题解分享
我真是tcl,做了好久···
打开题目文件,发现两个公钥文件,两个加密后的密文文件
查看公钥文件
➜ rsa_5b6020b46b8186d81efea521da55b361 openssl rsa -pubin -in pubkey1.pem -text -modulus
Public-Key: (2048 bit)
Modulus:
00:89:89:a3:98:98:84:56:b3:fe:f4:a6:ad:86:df:
3c:99:57:7f:89:78:04:8d:e5:43:6b:ef:c3:0d:8d:
8c:94:95:89:12:aa:52:6f:f3:33:b6:68:57:30:6e:
bb:8d:e3:6c:2c:39:6a:84:ef:dc:5d:38:25:02:da:
a1:a3:f3:b6:e9:75:02:d2:e3:1c:84:93:30:f5:b4:
c9:52:57:a1:49:a9:7f:59:54:ea:f8:93:41:14:7a:
dc:dd:4e:95:0f:ff:74:e3:0b:be:62:28:76:b4:2e:
ea:c8:6d:f4:ad:97:15:d0:5b:56:04:aa:81:79:42:
4c:7d:9a:c4:6b:d6:b5:f3:22:b2:b5:72:8b:a1:48:
70:4a:25:a8:ef:cc:1e:7c:84:ea:7e:5c:e3:e0:17:
03:f0:4f:94:a4:31:d9:95:4b:d7:ae:2c:7d:d6:e8:
79:b3:5f:8a:2d:4a:5e:fb:e7:37:25:7b:f9:9b:d9:
ee:66:b1:5a:ff:23:3f:c7:7b:55:8a:48:7d:a5:95:
2f:be:2b:92:3d:a9:c5:eb:46:78:8c:05:03:36:b7:
e3:6a:5e:d8:2d:5c:1b:2a:eb:0e:45:be:e4:05:cb:
e7:24:81:db:25:68:aa:82:9e:ea:c8:7d:20:1a:5a:
8f:f5:ee:6f:0b:e3:81:92:ab:28:39:63:5f:6c:66:
42:17
Exponent: 2333 (0x91d)
Modulus=8989A398988456B3FEF4A6AD86DF3C99577F8978048DE5436BEFC30D8D8C94958912AA526FF333B66857306EBB8DE36C2C396A84EFDC5D382502DAA1A3F3B6E97502D2E31C849330F5B4C95257A149A97F5954EAF89341147ADCDD4E950FFF74E30BBE622876B42EEAC86DF4AD9715D05B5604AA8179424C7D9AC46BD6B5F322B2B5728BA148704A25A8EFCC1E7C84EA7E5CE3E01703F04F94A431D9954BD7AE2C7DD6E879B35F8A2D4A5EFBE737257BF99BD9EE66B15AFF233FC77B558A487DA5952FBE2B923DA9C5EB46788C050336B7E36A5ED82D5C1B2AEB0E45BEE405CBE72481DB2568AA829EEAC87D201A5A8FF5EE6F0BE38192AB2839635F6C664217
writing RSA key
-----BEGIN PUBLIC KEY-----
MIIBITANBgkqhkiG9w0BAQEFAAOCAQ4AMIIBCQKCAQEAiYmjmJiEVrP+9Katht88
mVd/iXgEjeVDa+/DDY2MlJWJEqpSb/MztmhXMG67jeNsLDlqhO/cXTglAtqho/O2
6XUC0uMchJMw9bTJUlehSal/WVTq+JNBFHrc3U6VD/904wu+Yih2tC7qyG30rZcV
0FtWBKqBeUJMfZrEa9a18yKytXKLoUhwSiWo78wefITqflzj4BcD8E+UpDHZlUvX
rix91uh5s1+KLUpe++c3JXv5m9nuZrFa/yM/x3tVikh9pZUvviuSPanF60Z4jAUD
Nrfjal7YLVwbKusORb7kBcvnJIHbJWiqgp7qyH0gGlqP9e5vC+OBkqsoOWNfbGZC
FwICCR0=
-----END PUBLIC KEY-----
➜ rsa_5b6020b46b8186d81efea521da55b361 openssl rsa -pubin -in pubkey2.pem -text -modulus
Public-Key: (2048 bit)
Modulus:
00:89:89:a3:98:98:84:56:b3:fe:f4:a6:ad:86:df:
3c:99:57:7f:89:78:04:8d:e5:43:6b:ef:c3:0d:8d:
8c:94:95:89:12:aa:52:6f:f3:33:b6:68:57:30:6e:
bb:8d:e3:6c:2c:39:6a:84:ef:dc:5d:38:25:02:da:
a1:a3:f3:b6:e9:75:02:d2:e3:1c:84:93:30:f5:b4:
c9:52:57:a1:49:a9:7f:59:54:ea:f8:93:41:14:7a:
dc:dd:4e:95:0f:ff:74:e3:0b:be:62:28:76:b4:2e:
ea:c8:6d:f4:ad:97:15:d0:5b:56:04:aa:81:79:42:
4c:7d:9a:c4:6b:d6:b5:f3:22:b2:b5:72:8b:a1:48:
70:4a:25:a8:ef:cc:1e:7c:84:ea:7e:5c:e3:e0:17:
03:f0:4f:94:a4:31:d9:95:4b:d7:ae:2c:7d:d6:e8:
79:b3:5f:8a:2d:4a:5e:fb:e7:37:25:7b:f9:9b:d9:
ee:66:b1:5a:ff:23:3f:c7:7b:55:8a:48:7d:a5:95:
2f:be:2b:92:3d:a9:c5:eb:46:78:8c:05:03:36:b7:
e3:6a:5e:d8:2d:5c:1b:2a:eb:0e:45:be:e4:05:cb:
e7:24:81:db:25:68:aa:82:9e:ea:c8:7d:20:1a:5a:
8f:f5:ee:6f:0b:e3:81:92:ab:28:39:63:5f:6c:66:
42:17
Exponent: 23333 (0x5b25)
Modulus=8989A398988456B3FEF4A6AD86DF3C99577F8978048DE5436BEFC30D8D8C94958912AA526FF333B66857306EBB8DE36C2C396A84EFDC5D382502DAA1A3F3B6E97502D2E31C849330F5B4C95257A149A97F5954EAF89341147ADCDD4E950FFF74E30BBE622876B42EEAC86DF4AD9715D05B5604AA8179424C7D9AC46BD6B5F322B2B5728BA148704A25A8EFCC1E7C84EA7E5CE3E01703F04F94A431D9954BD7AE2C7DD6E879B35F8A2D4A5EFBE737257BF99BD9EE66B15AFF233FC77B558A487DA5952FBE2B923DA9C5EB46788C050336B7E36A5ED82D5C1B2AEB0E45BEE405CBE72481DB2568AA829EEAC87D201A5A8FF5EE6F0BE38192AB2839635F6C664217
writing RSA key
-----BEGIN PUBLIC KEY-----
MIIBITANBgkqhkiG9w0BAQEFAAOCAQ4AMIIBCQKCAQEAiYmjmJiEVrP+9Katht88
mVd/iXgEjeVDa+/DDY2MlJWJEqpSb/MztmhXMG67jeNsLDlqhO/cXTglAtqho/O2
6XUC0uMchJMw9bTJUlehSal/WVTq+JNBFHrc3U6VD/904wu+Yih2tC7qyG30rZcV
0FtWBKqBeUJMfZrEa9a18yKytXKLoUhwSiWo78wefITqflzj4BcD8E+UpDHZlUvX
rix91uh5s1+KLUpe++c3JXv5m9nuZrFa/yM/x3tVikh9pZUvviuSPanF60Z4jAUD
Nrfjal7YLVwbKusORb7kBcvnJIHbJWiqgp7qyH0gGlqP9e5vC+OBkqsoOWNfbGZC
FwICWyU=
-----END PUBLIC KEY-----
很明显,共模攻击,如何解,我们去ctf-wiki
原理以及解密脚本就在那里了,不多说了,说一下我踩的坑点
如何把flag1和flag2转化为10进制数字
查看文件,发现是base64加密后的
➜ rsa_5b6020b46b8186d81efea521da55b361 cat flag1.enc
XSKBJ2biS6brC5iGwU0GZitHdVM3HXAiwtFnVf2+HTaUqFahxL+BxBi2QDcx7gLxcjEWCMwFP6DS92nMAU4r0gPWSEUIoY57sgNZsjDIDAukiYeLNDUgYz+1P+nF4fk7gwPdozrIvAXGDBvMBjuviqsC8vmVP3I6eLLkt9C46HFt0SBw5ycfAjVoDF2r7/4B1UDs4G0dpIDUCk4khezzgqspn6tqtwOGB27vrKegoL/FlwmutFYIuRKKCBKx3yc/qfWXZ84Oo8nPqgaxgDlxWeLtGM9ZouwFKnagmjbnH+58Pescw4XYafXKqFjQz3XrK/uUESE8jIEIPeL1+8yUpw==
之后解密,再然后转化为hex,在转化为10进制数
转化为hex脚本
import base64
import binascii
str = "EruzwVAXSVLC3rldjcsx6HO0UUICdR9xxgr9eWNhIW0T8l2O3yT/LlFLK2+YU0HB97xr5HaiZesk4T6IuJ9+iOzB8YSkWMfYvOSDKn7Jng/1Q3wQuoldm+UurmZkiEs9kFi+EhsCNAbVAnLzLXLwzYm3emamueDqru4Doo/lSMz8p0+jqz24HscJN9shU85WX4JngW92REHHV8rPHaisCdxeAs+uPyTNzO4IbwDaJvw3ZR/Lo4m1K2Qw8PbYnOcgVr9CWR7mVyxofoWk6qWpQf3d0fX6wbbPcQkXxnnqLWy5S3PZcNQa1wkfRTJJO03QmNVsOivXGb3GzmeZbxmVhQ=="
c = base64.b64decode(str)
m = 0
for i in c:
d = ord(i)
m = m *256 + d
print ("m:%x" %m)
之后再运行
>>> int('5D22812766E24BA6EB0B9886C14D06662B477553371D7022C2D16755FDBE1D3694A856A1C4BF81C418B6403731EE02F172311608CC053FA0D2F769CC014E2BD203D6484508A18E7BB20359B230C80C0BA489878B343520633FB53FE9C5E1F93B8303DDA33AC8BC05C60C1BCC063BAF8AAB02F2F9953F723A78B2E4B7D0B8E8716DD12070E7271F0235680C5DABEFFE01D540ECE06D1DA480D40A4E2485ECF382AB299FAB6AB70386076EEFACA7A0A0BFC59709AEB45608B9128A0812B1DF273FA9F59767CE0EA3C9CFAA06B180397159E2ED18CF59A2EC052A76A09A36E71FEE7C3DEB1CC385D869F5CAA858D0CF75EB2BFB9411213C8C81083DE2F5FBCC94A7',16)
11757177168629974661319129065020939259607843855964612407515015619551332717303594939284265148421101106538576564879770344246694669035164564635188309876801896156214909946098869029964618647606449218025915092461416329529723153695631060387903820322776063152970417682658882514448192870115306139048632667164375339647480060498038060662339943872320998391726896418231367745182167642401094985859083528539732718585607300300744481583877075988159078923393794888199752412273065186387778708588318818871255432956112609603017152148063465689319082652284861285738454428311471661017770501362483439955249552527930663707069794266908382237863L
>>> int('12bbb3c150174952c2deb95d8dcb31e873b4514202751f71c60afd796361216d13f25d8edf24ff2e514b2b6f985341c1f7bc6be476a265eb24e13e88b89f7e88ecc1f184a458c7d8bce4832a7ec99e0ff5437c10ba895d9be52eae6664884b3d9058be121b023406d50272f32d72f0cd89b77a66a6b9e0eaaeee03a28fe548ccfca74fa3ab3db81ec70937db2153ce565f8267816f764441c757cacf1da8ac09dc5e02cfae3f24cdccee086f00da26fc37651fcba389b52b6430f0f6d89ce72056bf42591ee6572c687e85a4eaa5a941fdddd1f5fac1b6cf710917c679ea2d6cb94b73d970d41ad7091f4532493b4dd098d56c3a2bd719bdc6ce67996f199585',16)
2364848878397323871885597084235162950454738150033561990125608234733186785294327511676322556989693319543787881108157790541032502889824032246849038028277601291878651138223131738210948288040172974610279550123399373111991951111719314902078119305973622147396199257818150347936553495169543808071509800280778646769553776723985138633331947024508645378935223338224527962766707863670722941767067705851822587652625805245801727869961524972624327839027498877534264770109063202217409037083612774983213841234965045214820133529399280883524064963136158251681946077429913578531311243649928666453318570284124743168193304356485791847813L
tcl,没能整合在一个脚本
然后最终脚本
import gmpy2
n = 17362520124149736059291605717839814089431261833972408175766504894876091272021197374480215582589878198406028065354454242540322618614670160317701698407729515781811530180885334265851364490357884909336085410775168953942120359215038925025305363480538685487988827339463890539279008285241711326041868183805848503077373967082910932422798165242481154593794712639251157856102009630894845049984346776659339380886766804814959778048440996937820138560802077375885700500737699904011032451007341777160586467318264288370080315519305800247682611802774996999330812534723806925426052547128371180683265963525581842037399869323246530085399
e1 = 2333
e2 = 23333
message1 = 11757177168629974661319129065020939259607843855964612407515015619551332717303594939284265148421101106538576564879770344246694669035164564635188309876801896156214909946098869029964618647606449218025915092461416329529723153695631060387903820322776063152970417682658882514448192870115306139048632667164375339647480060498038060662339943872320998391726896418231367745182167642401094985859083528539732718585607300300744481583877075988159078923393794888199752412273065186387778708588318818871255432956112609603017152148063465689319082652284861285738454428311471661017770501362483439955249552527930663707069794266908382237863
message2 = 2364848878397323871885597084235162950454738150033561990125608234733186785294327511676322556989693319543787881108157790541032502889824032246849038028277601291878651138223131738210948288040172974610279550123399373111991951111719314902078119305973622147396199257818150347936553495169543808071509800280778646769553776723985138633331947024508645378935223338224527962766707863670722941767067705851822587652625805245801727869961524972624327839027498877534264770109063202217409037083612774983213841234965045214820133529399280883524064963136158251681946077429913578531311243649928666453318570284124743168193304356485791847813
# s & t
gcd, s, t = gmpy2.gcdext(e1, e2)
if s < 0:
s = -s
message1 = gmpy2.invert(message1, n)
if t < 0:
t = -t
message2 = gmpy2.invert(message2, n)
plain = gmpy2.powmod(message1, s, n) * gmpy2.powmod(message2, t, n) % n
print plain
输出结果plain
D:\0820\rsa_5b6020b46b8186d81efea521da55b361>python exp.py
56006392793405146392044030904223674296981372972935018576761589590002462312910860136112925465677030781
然后转hex,再hex»ascii
flag{4b0b4c8a-82f3-4d80-902b-8e7a5706f8fe}
