Category: Crypto Points: 200 Solves: 11 Description:

p > q

n = p*q = 11461532818525251775869994369956628325437478510485272730419843320517940601808597552925629451795611990372651568770181872282590309894187815091191649914833274805419432525386234876477307472337026966745408507004000948112191973777090407558162018558945596691322909404307420094584606103206490426551745910268138393804043641876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

flag = md5(str(p))

EN:

Can solve it by using Pollard P-1 Factorization Method(http://www.mersennewiki.org/index.php/P-1_Factorization_Method);

step 01:select B1

N =p*q (p>q)

q<=sqrt(N)

B1=sqrt(N)

more B1 is bigger, the more possible can find out it(?! maybe, No!)

step 02: count out E2, E3,E5 ....

2E2<=B1,  3E3<=B1 ...

E2=log(B1)/log(2)

E3=log(B1)/log(3)

E5=log(B1)/log(5)

E7=log(B1)/log(7)

...

push 2  in the z[] E2 times, push 3 in the z[] E3 times, push 5 in the z[] E5 times ...

step 03:

x=a, (a is a prime)

i=0

do

  xz[i]≡a(mod n)

  x=a

until  gcd(n, x-1) !=1

gcd(n,x-1) is one factor of N.

#!/usr/bin/python3

import math

n=11461532818525251775869994369956628325437478510485272730419843320517940601808597552925629451795611990372651568770181872282590309894187815091191649914833274805419432525386234876477307472337026966745408507004000948112191973777090407558162018558945596691322909404307420094584606103206490426551745910268138393804043641876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

z=[]

prime=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997];

def gcd(a,b):

    if b==0:

        return a

    return gcd(b,a%b)

def e(a,b):

    return pow(a,b)%n

def mysqrt(n):

    x=n

    y=[]

    while(x>0):

        y.append(x%100)

        x=x//100

    y.reverse()

    a=0

    x=0

    for p in y:

        for b in range(9,-1,-1):

            if(((20*a+b)*b)<=(x*100+p)):

                x=x*100+p - ((20*a+b)*b)

                a=a*10+b

                break

    return a

B1=mysqrt(n)

for j in range(0,len(prime)):

    for i in range(1, int(math.log(B1)/math.log(prime[j]))+1):

        z.append(prime[j])

#print(z)

for pp in prime:

    i=0

    x=pp

    while(1):

        x=e(x,z[i])

        i=i+1

        y=gcd(n,x-1)

        if(y!=1):

            print (y)

            exit(0)

        if(i>=len(z)):

            break

python3 sss.py, we can the number:

958483424448747472504060861580795018746355733561446016442794600533395417361061386707061258449029078376132360127073305093209304646989718030495000998517698501250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001

then

n=11461532818525251775869994369956628325437478510485272730419843320517940601808597552925629451795611990372651568770181872282590309894187815091191649914833274805419432525386234876477307472337026966745408507004000948112191973777090407558162018558945596691322909404307420094584606103206490426551745910268138393804043641876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

p=958483424448747472504060861580795018746355733561446016442794600533395417361061386707061258449029078376132360127073305093209304646989718030495000998517698501250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001

q=11957987510443514049047696785587234758227153373363589891876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

flag=md5(str(p)) = c78504a558bdb6213b9019f6925fa4ae

flag is c78504a558bdb6213b9019f6925fa4ae

CN:

这个是因子分解,用 Pollard P-1因子分解法(http://www.mersennewiki.org/index.php/P-1_Factorization_Method), pyhton3 源码看上面。

还是要看B1的选择,选择不好也是有可能解不出,解不出就重新选择,直到解出。

Sharif University CTF 2016 - Smooth As Silk的更多相关文章

  1. Sharif University CTF 2016 -- Login to System (PWN 200)

    EN: It's easy to find out where is the bug : .text:0000000000400DE4 ; void *start_routine(void *).te ...

  2. Sharif University CTF 2016 -- Android App

    很多种的方案: 方案 A: 直接逆向读代码方案 B: 解包,加入debug信息,重新打包,动态调试方案 C: 解包,改代码加入log.i整出flag, 去掉MainActivity里面d=什么也可以, ...

  3. H4CK1T CTF 2016 Mexico-Remote pentest writeup

    进去网站之后发现连接都是包含类型的,就能想到文件包含漏洞(话说刚总结过就能遇到这题,也算是复习啦) 这里用php://filter/read=convert.base64-encode/resourc ...

  4. Asis CTF 2016 b00ks理解

    ---恢复内容开始--- 最近在学习堆的off by one,其中遇到这道题,萌新的我弄了大半天才搞懂,网上的很多wp都不是特别详细,都得自己好好调试. 首先,这题目是一个常见的图书馆管理系统,虽然我 ...

  5. 18. CTF综合靶机渗透(十一)

    靶机描述: SkyDog Con CTF 2016 - Catch Me If You Can 难度:初学者/中级 说明:CTF是虚拟机,在虚拟箱中工作效果最好.下载OVA文件打开虚拟框,然后选择文件 ...

  6. 引言:CTF新世界

    1. CTF的昨天和今天 CTF(Capture The Flag)中文一般译作夺旗赛,在网络安全领域中指的是网络安全技术人员之间进行技术竞技的一种比赛形式.CTF起源于1996年DEFCON全球黑客 ...

  7. {ICIP2014}{收录论文列表}

    This article come from HEREARS-L1: Learning Tuesday 10:30–12:30; Oral Session; Room: Leonard de Vinc ...

  8. Pedestrian Attributes Recognition Paper List

    Pedestrian Attributes Recognition Paper List  2018-12-22 22:08:55 [Note] you may also check the upda ...

  9. 文献综述十六:基于UML的中小型超市管理系统分析与设计

    一.基本信息 标题:基于UML的中小型超市管理系统分析与设计 时间:2016 出版源:Journal of Xiangnan University 文件分类:uml技术系统的研究 二.研究背景 开发一 ...

随机推荐

  1. Asp.Net MVC及Web API框架配置会碰到的几个问题及解决方案

    前言 刚开始创建MVC与Web API的混合项目时,碰到好多问题,今天拿出来跟大家一起分享下.有朋友私信我问项目的分层及文件夹结构在我的第一篇博客中没说清楚,那么接下来我就准备从这些文件怎么分文件夹说 ...

  2. SQL Server Reporting Services本机模式下的权限管理

    SQL Server Reporting Services在安装配置后,缺省只给BUILTIN\Administrators用户组(实际上只有本机的Administrator用户)提供管理权限.所以所 ...

  3. java写入文件之txt文本

    FileWriter fw=new FileWriter("D:\\test.txt") fw.write("文本值") fw.flush() fw.close ...

  4. openlayers中实现自定冒泡的效果

    自定义的Openlayers.Popup.FreshCloud继承自Openlayers.Popup.Framed,实现了比较简洁的冒泡效果,详细代码如下 /** * Class: OpenLayer ...

  5. ssh整合需要那些jar

    struts2  commons-logging-1.0.4.jar -------主要用于日志处理 freemarker-2.3.8.jar ------- 模板相关操作需要包 ognl-2.6.1 ...

  6. WIN7无法记住远程登录密码

    1.单点win7系统开始菜单——“运行”,然后输入“gpedit.msc”确定: 2.打开本地组策略后,依次展开:计算机配置 > 管理模板 > 系统 > 凭据分配: 3.双击右侧列表 ...

  7. iOS-多线程 ,整理集锦,多种线程的创建

    - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launc ...

  8. .html()和.text()的区别

    在页面调用接口显示数据的时候,正常情况下.html()和.text()都可以显示数据内容,但是在特殊情况下,比如接口中这个参数为空的时候就表现出差距了,.html()显示的是空白,而.text()显示 ...

  9. iOS开发-- RunLoop的基本概念与例子分析

    看了一下,上一篇貌似5个月前的

  10. JS数组push会覆盖前面的数据问题

    这是一个作用域和重新赋值的问题. 检查声明数组所在位置,特别在是多层嵌套中,检查是否在内层循环结束时 跳到外层循环就重新将 数组 赋值为空.