题目信息:

有个年轻人得到了一份密文,身为老司机的你能帮他看看么?
附件:enc.txt
[{"c": 7366067574741171461722065133242916080495505913663250330082747465383676893970411476550748394841437418105312353971095003424322679616940371123028982189502042, "e": 10, "n": 25162507052339714421839688873734596177751124036723831003300959761137811490715205742941738406548150240861779301784133652165908227917415483137585388986274803},

{"c": 21962825323300469151795920289886886562790942771546858500842179806566435767103803978885148772139305484319688249368999503784441507383476095946258011317951461, "e": 10, "n": 23976859589904419798320812097681858652325473791891232710431997202897819580634937070900625213218095330766877190212418023297341732808839488308551126409983193},

{"c": 6569689420274066957835983390583585286570087619048110141187700584193792695235405077811544355169290382357149374107076406086154103351897890793598997687053983, "e": 10, "n": 18503782836858540043974558035601654610948915505645219820150251062305120148745545906567548650191832090823482852604346478335353784501076761922605361848703623},

{"c": 4508246168044513518452493882713536390636741541551805821790338973797615971271867248584379813114125478195284692695928668946553625483179633266057122967547052, "e": 10, "n": 23383087478545512218713157932934746110721706819077423418060220083657713428503582801909807142802647367994289775015595100541168367083097506193809451365010723},

{"c": 22966105670291282335588843018244161552764486373117942865966904076191122337435542553276743938817686729554714315494818922753880198945897222422137268427611672, "e": 10, "n": 31775649089861428671057909076144152870796722528112580479442073365053916012507273433028451755436987054722496057749731758475958301164082755003195632005308493},

{"c": 17963313063405045742968136916219838352135561785389534381262979264585397896844470879023686508540355160998533122970239261072020689217153126649390825646712087, "e": 10, "n": 22246342022943432820696190444155665289928378653841172632283227888174495402248633061010615572642126584591103750338919213945646074833823905521643025879053949},

{"c": 1652417534709029450380570653973705320986117679597563873022683140800507482560482948310131540948227797045505390333146191586749269249548168247316404074014639, "e": 10, "n": 25395461142670631268156106136028325744393358436617528677967249347353524924655001151849544022201772500033280822372661344352607434738696051779095736547813043},

{"c": 15585771734488351039456631394040497759568679429510619219766191780807675361741859290490732451112648776648126779759368428205194684721516497026290981786239352, "e": 10, "n": 32056508892744184901289413287728039891303832311548608141088227876326753674154124775132776928481935378184756756785107540781632570295330486738268173167809047},

{"c": 8965123421637694050044216844523379163347478029124815032832813225050732558524239660648746284884140746788823681886010577342254841014594570067467905682359797, "e": 10, "n": 52849766269541827474228189428820648574162539595985395992261649809907435742263020551050064268890333392877173572811691599841253150460219986817964461970736553},

{"c": 13560945756543023008529388108446940847137853038437095244573035888531288577370829065666320069397898394848484847030321018915638381833935580958342719988978247, "e": 10, "n": 30415984800307578932946399987559088968355638354344823359397204419191241802721772499486615661699080998502439901585573950889047918537906687840725005496238621}]

涉及知识点:

RSA
RSA是一种公钥加密算法,RSA算法的具体描述如下:

  1. 任意选取两个不同的大素数p和q计算乘积

  2. 任意选取一个大整数e,满足

    ,整数e用做加密钥(注意:e的选取是很容易的,例如,所有大于p和q的素数都可用)

  3. 确定的解密钥d,满足

    ,即

    是一个任意的整数;所以,若知道e和

    ,则很容易计算出d ;

  4. 公开整数n和e,秘密保存d

  5. 将明文m(m<n是一个整数)加密成密文c,加密算法为

  6. 将密文c解密为明文m,解密算法为

  7. 然而只根据n和e(注意:不是p和q)要计算出d是不可能的。因此,任何人都可对明文进行加密,但只有授权用户(知道d)才可对密文解密。

来源:百度百科https://baike.baidu.com/item/RSA%E7%AE%97%E6%B3%95/263310?fromtitle=RSA&fromid=210678&fr=aladdin
低加密指数广播攻击
特点:
  • 加密指数e非常小
  • 一份明文使用不同的模数n,相同的加密指数e进行多次加密
  • 可以拿到每一份加密后的密文和对应的模数n、加密指数e

可以根据中国剩余剩余定理求得m^e,最后得到明文

解题思路:

  1. 观察附件,发现有e,n,c三个参数名,考虑本题目会涉及到RSA
  2. 观察附件,所有的e均为相同的值,且该值并不是很大
  3. 本题目可能由明文m通过多个公钥(n,e)加密且得到多个密文n
  4. 考虑使用低加密指数广播攻击获取明文
  5. 通过判断,所有的密文n均互素,使用中国剩余定理进行求解
  6. 将得到的值开e次方,得到的值转为16进制通过base16转化获得flag

附件:

import gmpy2

def crt(b,m):

    '''中国剩余定理'''

    #判断是否互素

    for i in range(len(m)):

        for j in range(i+1,len(m)):

            if gmpy2.gcd(m[i],m[j]) != 1:

                print("m中含有不是互余的数")

                return -1

    #乘积

    M = 1

    for i in range(len(m)):

        M *= m[i]

    #求M/mi

    Mm = []

    for i in range(len(m)):

        Mm.append(M // m[i])

    #求Mm[i]的乘法逆元

    Mm_ = []

    for i in range(len(m)):

        _,a,_ = gmpy2.gcdext(Mm[i],m[i])

        Mm_.append(int(a % m[i]))

    #求MiM'ibi的累加

    y = 0

    for i in range(len(m)):

        print(Mm[i] * Mm_[i] * b[i])

        y += (Mm[i] * Mm_[i] * b[i])

    y = y % M

    return y

enc = [{"c": 7366067574741171461722065133242916080495505913663250330082747465383676893970411476550748394841437418105312353971095003424322679616940371123028982189502042, "e": 10,

        "n": 25162507052339714421839688873734596177751124036723831003300959761137811490715205742941738406548150240861779301784133652165908227917415483137585388986274803},

       {"c": 21962825323300469151795920289886886562790942771546858500842179806566435767103803978885148772139305484319688249368999503784441507383476095946258011317951461, "e": 10,

           "n": 23976859589904419798320812097681858652325473791891232710431997202897819580634937070900625213218095330766877190212418023297341732808839488308551126409983193},

       {"c": 6569689420274066957835983390583585286570087619048110141187700584193792695235405077811544355169290382357149374107076406086154103351897890793598997687053983, "e": 10,

           "n": 18503782836858540043974558035601654610948915505645219820150251062305120148745545906567548650191832090823482852604346478335353784501076761922605361848703623},

       {"c": 4508246168044513518452493882713536390636741541551805821790338973797615971271867248584379813114125478195284692695928668946553625483179633266057122967547052, "e": 10,

        "n": 23383087478545512218713157932934746110721706819077423418060220083657713428503582801909807142802647367994289775015595100541168367083097506193809451365010723},

       {"c": 22966105670291282335588843018244161552764486373117942865966904076191122337435542553276743938817686729554714315494818922753880198945897222422137268427611672, "e": 10,

        "n": 31775649089861428671057909076144152870796722528112580479442073365053916012507273433028451755436987054722496057749731758475958301164082755003195632005308493},

       {"c": 17963313063405045742968136916219838352135561785389534381262979264585397896844470879023686508540355160998533122970239261072020689217153126649390825646712087, "e": 10,

        "n": 22246342022943432820696190444155665289928378653841172632283227888174495402248633061010615572642126584591103750338919213945646074833823905521643025879053949},

       {"c": 1652417534709029450380570653973705320986117679597563873022683140800507482560482948310131540948227797045505390333146191586749269249548168247316404074014639, "e": 10,

        "n": 25395461142670631268156106136028325744393358436617528677967249347353524924655001151849544022201772500033280822372661344352607434738696051779095736547813043},

       {"c": 15585771734488351039456631394040497759568679429510619219766191780807675361741859290490732451112648776648126779759368428205194684721516497026290981786239352, "e": 10,

        "n": 32056508892744184901289413287728039891303832311548608141088227876326753674154124775132776928481935378184756756785107540781632570295330486738268173167809047},

       {"c": 8965123421637694050044216844523379163347478029124815032832813225050732558524239660648746284884140746788823681886010577342254841014594570067467905682359797, "e": 10,

        "n": 52849766269541827474228189428820648574162539595985395992261649809907435742263020551050064268890333392877173572811691599841253150460219986817964461970736553},

       {"c": 13560945756543023008529388108446940847137853038437095244573035888531288577370829065666320069397898394848484847030321018915638381833935580958342719988978247, "e": 10,

       "n": 30415984800307578932946399987559088968355638354344823359397204419191241802721772499486615661699080998502439901585573950889047918537906687840725005496238621}]

e = 10

c = []

n = []

for i in range(len(enc)):

    c.append(enc[i]["c"])

    n.append(enc[i]["n"])

r = crt(c,n)

print(gmpy2.iroot(r,e))

FLAG

flag{wo0_th3_tr4in_i5_leav1ng_g3t_on_it}

参考:

https://blog.csdn.net/weixin_45556441/article/details/110482520

作者:damedane-qiuqiu

CTF-OldDriver-writeup的更多相关文章

  1. Whctf - OLDDRIVER - Writeup

    Whctf - OLDDRIVER - Writeup 转载请标明出处http://www.cnblogs.com/WangAoBo/p/7541536.html 题目: 分析: 给了10组RSA的加 ...

  2. 攻防世界 WEB 高手进阶区 TokyoWesterns CTF shrine Writeup

    攻防世界 WEB 高手进阶区 TokyoWesterns CTF shrine Writeup 题目介绍 题目考点 模板注入 Writeup 进入题目 import flask import os a ...

  3. Crypto CTF 2019 writeup

    Crypto CTF 2019 writeup roXen 题目 roXen Relationship with a cryptographer! The Girlfriend: All you ev ...

  4. CTF<密码学> writeup 传统知识+古典密码

    小明某一天收到一封密信,信中写了几个不同的年份          辛卯,癸巳,丙戌,辛未,庚辰,癸酉,己卯,癸巳. 信的背面还写有“+甲子”,请解出这段密文. key值:CTF{XXX} 百度可以查到 ...

  5. ctf题目writeup(9)

    继续刷题,找到一个 什么 蓝鲸安全的ctf平台 地址:http://whalectf.xin/challenges (话说这些ctf平台长得好像) 1. 放到converter试一下: 在用十六进制转 ...

  6. ctf题目writeup(8)

    2019.2.11 南京邮电的ctf平台: 地址http://ctf.nuptzj.cn/challenges# 他们好像搭新的平台了...我注册弄了好半天... 1. 签到题,打开网址: 查看一下页 ...

  7. ctf题目writeup(7)

    2019.2.10 过年休息归来,继续做题. bugku的web题,地址:https://ctf.bugku.com/challenges 1. http://123.206.87.240:8002/ ...

  8. ctf题目writeup(6)

    2019.2.2 依旧是bugku上面的题目,地址:https://ctf.bugku.com/challenges 1. 解压后是60多个out.zip,都是真加密,里面都是1kb的data.txt ...

  9. ctf题目writeup(5)

    2019.2.1 今天继续bugku的隐写杂项题:题目链接:https://ctf.bugku.com/challenges 1. 这道题下载后用wireshark打开...看了好久也没看出个所以然, ...

  10. ctf题目writeup(4)

    2019.1.31 题目:这次都是web的了...(自己只略接触隐写杂项web这些简单的东西...) 题目地址:https://www.ichunqiu.com/battalion 1. 打开链接: ...

随机推荐

  1. 状压dp(总结)状态压缩

    状压这个和二进制分不开关系 所以,对于二进制的熟悉是必不可少的技能 &  与操作,1不变,0变0 |  或操作,0不变,1变1 ^  异或操作,0不变,1取反 - 取反操作,把每一个二进制位0 ...

  2. 在NVIDIA(CUDA,CUBLAS)和Intel MKL上快速实现BERT推理

    在NVIDIA(CUDA,CUBLAS)和Intel MKL上快速实现BERT推理 直接在NVIDIA(CUDA,CUBLAS)或Intel MKL上进行高度定制和优化的BERT推理,而无需tenso ...

  3. 使用现代C++如何避免bugs(上)

    使用现代C++如何避免bugs(上) How to avoid bugs using modern C++ C++的主要问题之一是拥有大量的构造,它们的行为是未定义的,或者程序员只是意想不到的.在各种 ...

  4. 【C++】sprintf 与sprintf_s

    (转自: http://blog.sina.com.cn/s/blog_4ded4a890100j2nz.html) 将过去的工程用VS2005打开的时候.你有可能会遇到一大堆的警告:warning ...

  5. MySQL 最佳实践 —— 高效插入数据

    当你需要在 MySQL 数据库中批量插入数百万条数据时,你就会意识到,逐条发送 INSERT 语句并不是一个可行的方法. MySQL 文档中有些值得一读的 INSERT 优化技巧. 在这篇文章里,我将 ...

  6. MySQL 面试必备:又一神器“锁”,不会的在面试都挂了

    1 什么是锁 1.1 锁的概述 在生活中锁的例子多的不能再多了,从古老的简单的门锁,到密码锁,再到现在的指纹解锁,人脸识别锁,这都是锁的鲜明的例子,所以,我们理解锁应该是非常简单的. 再到MySQL中 ...

  7. SSM框架集成各配置文件

    SSM框架集成各配置文件 Spring Spring MVC Mybatis 的整合SpringMVC相当于Spring的一个组件 本来就是一个家族的不存在整合的问题,所以主要就是Spring于Myb ...

  8. 不会 Web 开发,也能让数据“动”起来的开源项目!

    本文面向有 Python 基础的小伙伴,有 Web 基础的更好 作者:HelloGitHub-吱吱 这里是 HelloGitHub 推出的<讲解开源项目>系列,今天要向小伙伴们介绍的是一个 ...

  9. 源码学习之noop

    /** * Perform no operation. * Stubbing args to make Flow happy without leaving useless transpiled co ...

  10. Mysql优化_第十三篇(HashJoin篇)

    Mysql优化_第十三篇(HashJoin篇) 目录 Mysql优化_第十三篇(HashJoin篇) 1 适用场景 纯等值查询,不能使用索引 等值查询,使用到索引 多个join条件中至少包含一个等值查 ...