rishitsaiya
4 years ago
commit
dde493c336
22 changed files with 630 additions and 0 deletions
@ -0,0 +1,9 @@ |
|||
## Login Error |
|||
The main idea finding the flag is decryption of AES CBC encryption. |
|||
|
|||
#### Step-1: |
|||
I am not that good at AES encryption, so looked up [here](https://dunsp4rce.github.io/csictf-2020/crypto/2020/07/21/Login-Error.html). |
|||
|
|||
#### Step-2: |
|||
Finally the flag becomes: |
|||
`csictf{Sh4u!d_hav3_n0t_u5ed_CBC}` |
@ -0,0 +1,54 @@ |
|||
## Mein Kampf |
|||
The main idea finding the flag is knowing Enigma Machine library. |
|||
|
|||
#### Step-1: |
|||
After reading the given message: |
|||
|
|||
``` |
|||
M4 UKW $ Gamma 2 4 $ 5 9 $ 14 3 $ 5 20 fv cd hu ik es op yl wq jm |
|||
``` |
|||
Google searches gave some sense of Enigma Machine. |
|||
|
|||
#### Step-2: |
|||
So, I quickly searched for such libraries in python at got it at: https://pypi.org/project/py-enigma/ |
|||
|
|||
#### Step-3: |
|||
So, I wrote a `exploit.py` script with help from [official documentation](https://pypi.org/project/py-enigma/). |
|||
|
|||
```python |
|||
from enigma.machine import EnigmaMachine |
|||
|
|||
ROTORS = ['I', 'II', 'III', 'IV', 'V', 'VI', 'VII', 'VIII', 'Beta', 'Gamma'] |
|||
REFLECTORS = ['B', 'C', 'B-Thin', 'C-Thin'] |
|||
|
|||
state = 'M4 UKW $ Gamma 2 4 $ 5 9 $ 14 3 $ 5 20 fv cd hu ik es op yl wq jm' |
|||
enc = 'zkrtwvvvnrkulxhoywoj' |
|||
|
|||
rings = '4 9 3 20' |
|||
plug = 'fv cd hu ik es op yl wq jm'.upper() |
|||
pos = '2 5 14 5' |
|||
pos = ''.join(chr(int(x) - 1 + ord('A')) for x in pos.split()) |
|||
|
|||
for rf in REFLECTORS: |
|||
for r2 in ROTORS: |
|||
for r3 in ROTORS: |
|||
for r4 in ROTORS: |
|||
rotors = ['Gamma', r2, r3, r4] |
|||
e = EnigmaMachine.from_key_sheet(rotors=rotors, ring_settings=rings, |
|||
reflector=rf, plugboard_settings=plug) |
|||
e.set_display(pos) |
|||
txt = e.process_text(enc).lower() |
|||
if 'csictf' in txt: |
|||
print(txt) |
|||
``` |
|||
|
|||
#### Step-4: |
|||
When I ran the script as `python3 exploit.py`, I got the flag: |
|||
|
|||
```bash |
|||
csictfnoshitsherlock |
|||
``` |
|||
|
|||
#### Step-5: |
|||
Finally the flag becomes: |
|||
`csictf{no_shit_sherlock}` |
@ -0,0 +1,24 @@ |
|||
from enigma.machine import EnigmaMachine |
|||
|
|||
ROTORS = ['I', 'II', 'III', 'IV', 'V', 'VI', 'VII', 'VIII', 'Beta', 'Gamma'] |
|||
REFLECTORS = ['B', 'C', 'B-Thin', 'C-Thin'] |
|||
|
|||
state = 'M4 UKW $ Gamma 2 4 $ 5 9 $ 14 3 $ 5 20 fv cd hu ik es op yl wq jm' |
|||
enc = 'zkrtwvvvnrkulxhoywoj' |
|||
|
|||
rings = '4 9 3 20' |
|||
plug = 'fv cd hu ik es op yl wq jm'.upper() |
|||
pos = '2 5 14 5' |
|||
pos = ''.join(chr(int(x) - 1 + ord('A')) for x in pos.split()) |
|||
|
|||
for rf in REFLECTORS: |
|||
for r2 in ROTORS: |
|||
for r3 in ROTORS: |
|||
for r4 in ROTORS: |
|||
rotors = ['Gamma', r2, r3, r4] |
|||
e = EnigmaMachine.from_key_sheet(rotors=rotors, ring_settings=rings, |
|||
reflector=rf, plugboard_settings=plug) |
|||
e.set_display(pos) |
|||
txt = e.process_text(enc).lower() |
|||
if 'csictf' in txt: |
|||
print(txt) |
@ -0,0 +1,53 @@ |
|||
## MODERN CLUELESS CHILD |
|||
The main idea finding the flag is decryption using XOR keys. |
|||
|
|||
#### Step-1: |
|||
After reading the given message: |
|||
|
|||
```bash |
|||
I was surfing the crimson wave and oh my gosh I was totally bugging. I also tried out the lilac hair trend but it didn't work out. That's not to say you are any better, you are a snob and a half. But let's get back to the main question here- Who am I? (You don't know my name) |
|||
|
|||
Ciphertext = "52f41f58f51f47f57f49f48f5df46f6ef53f43f57f6cf50f6df53f53f40f58f51f6ef42f56f43f41f5ef5cf4e" (hex) Key = "12123" |
|||
``` |
|||
|
|||
#### Step-2: |
|||
I quickly removed the `f` from cipher text as looked like it was used for space. So I wrote a script `sub.py` to replace `f` with `''`. |
|||
|
|||
```python |
|||
ciphertext = "52f41f58f51f47f57f49f48f5df46f6ef53f43f57f6cf50f6df53f53f40f58f51f6ef42f56f43f41f5ef5cf4e" |
|||
sub = ciphertext.replace('f','') |
|||
print(sub) |
|||
``` |
|||
|
|||
On running `python3 sub.py` this, it gave me `52415851475749485d466e5343576c506d53534058516e425643415e5c4e`. |
|||
|
|||
#### Step-3: |
|||
I had to check if I am not missing any cipher text so I cross check the flag by XOR checks. So, I wrote this `xor1.py` script get the `csictf{` code: |
|||
|
|||
```python |
|||
from pwn import xor |
|||
flag = bytes.fromhex('52415851475749485d466e5343576c506d53534058516e425643415e5c4e') |
|||
print(xor(flag, 'csictf{'.encode())) |
|||
``` |
|||
Output: |
|||
```bash |
|||
b"1212312+./\r'%,\x0f#\x040'\x1d+57'%?=" |
|||
``` |
|||
|
|||
#### Step-4: |
|||
Since we got the key `1212312` means we are right path as key has cyclic property key (12123). Now it was just replacement on the key with ASCII. |
|||
|
|||
`exlpoit.py` to get flag: |
|||
```python |
|||
from pwn import xor |
|||
flag = bytes.fromhex('52415851475749485d466e5343576c506d53534058516e425643415e5c4e') |
|||
print(xor(flag, '12123'.encode())) |
|||
``` |
|||
On running `python3 exploit.py`, Voila! I got the flag. |
|||
```bash |
|||
b'csictf{you_are_a_basic_person}' |
|||
``` |
|||
|
|||
#### Step-5: |
|||
Finally the flag becomes: |
|||
`csictf{you_are_a_basic_person}` |
@ -0,0 +1,3 @@ |
|||
from pwn import xor |
|||
flag = bytes.fromhex('52415851475749485d466e5343576c506d53534058516e425643415e5c4e') |
|||
print(xor(flag, '12123'.encode())) |
@ -0,0 +1,3 @@ |
|||
ciphertext = "52f41f58f51f47f57f49f48f5df46f6ef53f43f57f6cf50f6df53f53f40f58f51f6ef42f56f43f41f5ef5cf4e" |
|||
sub = ciphertext.replace('f','') |
|||
print(sub) |
@ -0,0 +1,3 @@ |
|||
from pwn import xor |
|||
flag = bytes.fromhex('52415851475749485d466e5343576c506d53534058516e425643415e5c4e') |
|||
print(xor(flag, 'csictf{'.encode())) |
After Width: | Height: | Size: 21 KiB |
@ -0,0 +1,39 @@ |
|||
## Quick Math |
|||
The main idea finding the flag is decrypting the RSA exponentiation. |
|||
|
|||
#### Step-1: |
|||
Given statement |
|||
|
|||
``` |
|||
Ben has encrypted a message with the same value of 'e' for 3 public moduli - |
|||
n1 = 86812553978993 n2 = 81744303091421 n3 = 83695120256591 and got the cipher texts - |
|||
c1 = 8875674977048 c2 = 70744354709710 c3 = 29146719498409. Find the original message. |
|||
``` |
|||
|
|||
|
|||
#### Step-2: |
|||
This article is quite renowned: [https://www.johndcook.com/blog/2019/03/06/rsa-exponent-3/](https://www.johndcook.com/blog/2019/03/06/rsa-exponent-3/) |
|||
|
|||
|
|||
#### Step-3: |
|||
So, I wrote `exploit.py` script to get the flag. |
|||
|
|||
```python |
|||
from sympy.ntheory.modular import crt |
|||
|
|||
N = [86812553978993, 81744303091421, 83695120256591] |
|||
c = [8875674977048, 70744354709710, 29146719498409] |
|||
x = crt(N, c)[0] |
|||
print("Hex String:") |
|||
print(round(x ** (1. /3))) |
|||
``` |
|||
After running the script by `python3 exploit.py`, I got a hex string. |
|||
|
|||
#### Step-4: |
|||
I converted it online to ASCII [here](http://www.unit-conversion.info/texttools/hexadecimal/). |
|||
|
|||
<img src="Flag.png"> |
|||
|
|||
#### Step-5: |
|||
Finally the flag becomes: |
|||
`csictf{h45t4d}` |
@ -0,0 +1,7 @@ |
|||
from sympy.ntheory.modular import crt |
|||
|
|||
N = [86812553978993, 81744303091421, 83695120256591] |
|||
c = [8875674977048, 70744354709710, 29146719498409] |
|||
x = crt(N, c)[0] |
|||
print("Hex String:") |
|||
print(round(x ** (1. /3))) |
@ -0,0 +1,52 @@ |
|||
## Rivest Shamir Adleman |
|||
The main idea finding the flag is just decoding the RSA encryption. |
|||
|
|||
#### Step-1: |
|||
After I downloaded the `enc.txt`, the contents of which are as follows: |
|||
|
|||
``` |
|||
n = 408579146706567976063586763758203051093687666875502812646277701560732347095463873824829467529879836457478436098685606552992513164224712398195503564207485938278827523972139196070431397049700119503436522251010430918143933255323117421712000644324381094600257291929523792609421325002527067471808992410166917641057703562860663026873111322556414272297111644069436801401012920448661637616392792337964865050210799542881102709109912849797010633838067759525247734892916438373776477679080154595973530904808231 |
|||
e = 65537 |
|||
c = 226582271940094442087193050781730854272200420106419489092394544365159707306164351084355362938310978502945875712496307487367548451311593283589317511213656234433015906518135430048027246548193062845961541375898496150123721180020417232872212026782286711541777491477220762823620612241593367070405349675337889270277102235298455763273194540359004938828819546420083966793260159983751717798236019327334525608143172073795095665271013295322241504491351162010517033995871502259721412160906176911277416194406909 |
|||
``` |
|||
|
|||
#### Step-2: |
|||
So, I wanted to use the [RsaCtf Tool](https://github.com/Ganapati/RsaCtfTool), I factorized the `n` online at http://factordb.com/ to give us `p` & `q`. |
|||
|
|||
#### Step-3: |
|||
A simple `flag.py` script gives the flag to us: |
|||
|
|||
```python |
|||
from Crypto.Util.number import inverse |
|||
import binascii |
|||
|
|||
e = 65537 |
|||
c = 226582271940094442087193050781730854272200420106419489092394544365159707306164351084355362938310978502945875712496307487367548451311593283589317511213656234433015906518135430048027246548193062845961541375898496150123721180020417232872212026782286711541777491477220762823620612241593367070405349675337889270277102235298455763273194540359004938828819546420083966793260159983751717798236019327334525608143172073795095665271013295322241504491351162010517033995871502259721412160906176911277416194406909 |
|||
n = 408579146706567976063586763758203051093687666875502812646277701560732347095463873824829467529879836457478436098685606552992513164224712398195503564207485938278827523972139196070431397049700119503436522251010430918143933255323117421712000644324381094600257291929523792609421325002527067471808992410166917641057703562860663026873111322556414272297111644069436801401012920448661637616392792337964865050210799542881102709109912849797010633838067759525247734892916438373776477679080154595973530904808231 |
|||
|
|||
# From factordb |
|||
|
|||
p = 15485863 |
|||
q = 26384008867091745294633354547835212741691416673097444594871961708606898246191631284922865941012124184327243247514562575750057530808887589809848089461174100421708982184082294675500577336225957797988818721372546749131380876566137607036301473435764031659085276159909447255824316991731559776281695919056426990285120277950325598700770588152330565774546219611360167747900967511378709576366056727866239359744484343099322440674434020874200594041033926202578941508969596229398159965581521326643115137 |
|||
|
|||
phi = (p-1) * (q-1) |
|||
|
|||
d = inverse(e,phi) |
|||
m = pow(c,d,n) |
|||
|
|||
hex_str = hex(m)[2:] # Removing '0x' |
|||
print(binascii.unhexlify(hex_str)) |
|||
``` |
|||
|
|||
#### Step-4: |
|||
When I run this by `python3 flag.py`, it game following output: |
|||
|
|||
```bash |
|||
|
|||
b"csictf{sh0uld'v3_t4k3n_b1gg3r_pr1m3s}" |
|||
``` |
|||
Voila! There we have our flag. |
|||
|
|||
#### Step-5: |
|||
Finally the flag becomes: |
|||
`csictf{sh0uld'v3_t4k3n_b1gg3r_pr1m3s}` |
@ -0,0 +1,3 @@ |
|||
n = 408579146706567976063586763758203051093687666875502812646277701560732347095463873824829467529879836457478436098685606552992513164224712398195503564207485938278827523972139196070431397049700119503436522251010430918143933255323117421712000644324381094600257291929523792609421325002527067471808992410166917641057703562860663026873111322556414272297111644069436801401012920448661637616392792337964865050210799542881102709109912849797010633838067759525247734892916438373776477679080154595973530904808231 |
|||
e = 65537 |
|||
c = 226582271940094442087193050781730854272200420106419489092394544365159707306164351084355362938310978502945875712496307487367548451311593283589317511213656234433015906518135430048027246548193062845961541375898496150123721180020417232872212026782286711541777491477220762823620612241593367070405349675337889270277102235298455763273194540359004938828819546420083966793260159983751717798236019327334525608143172073795095665271013295322241504491351162010517033995871502259721412160906176911277416194406909 |
@ -0,0 +1,19 @@ |
|||
from Crypto.Util.number import inverse |
|||
import binascii |
|||
|
|||
e = 65537 |
|||
c = 226582271940094442087193050781730854272200420106419489092394544365159707306164351084355362938310978502945875712496307487367548451311593283589317511213656234433015906518135430048027246548193062845961541375898496150123721180020417232872212026782286711541777491477220762823620612241593367070405349675337889270277102235298455763273194540359004938828819546420083966793260159983751717798236019327334525608143172073795095665271013295322241504491351162010517033995871502259721412160906176911277416194406909 |
|||
n = 408579146706567976063586763758203051093687666875502812646277701560732347095463873824829467529879836457478436098685606552992513164224712398195503564207485938278827523972139196070431397049700119503436522251010430918143933255323117421712000644324381094600257291929523792609421325002527067471808992410166917641057703562860663026873111322556414272297111644069436801401012920448661637616392792337964865050210799542881102709109912849797010633838067759525247734892916438373776477679080154595973530904808231 |
|||
|
|||
# From factordb |
|||
|
|||
p = 15485863 |
|||
q = 26384008867091745294633354547835212741691416673097444594871961708606898246191631284922865941012124184327243247514562575750057530808887589809848089461174100421708982184082294675500577336225957797988818721372546749131380876566137607036301473435764031659085276159909447255824316991731559776281695919056426990285120277950325598700770588152330565774546219611360167747900967511378709576366056727866239359744484343099322440674434020874200594041033926202578941508969596229398159965581521326643115137 |
|||
|
|||
phi = (p-1) * (q-1) |
|||
|
|||
d = inverse(e,phi) |
|||
m = pow(c,d,n) |
|||
|
|||
hex_str = hex(m)[2:] # Removing '0x' |
|||
print(binascii.unhexlify(hex_str)) |
@ -0,0 +1,29 @@ |
|||
public class ClimbSolver { |
|||
static String encrypted = "lrzlhhombgichae"; |
|||
static String key = "gybnqkurp"; |
|||
|
|||
public static void brute(int startPos) { |
|||
int size = (int) Math.sqrt(key.length()); |
|||
String encChunk = encrypted.substring(startPos, startPos + size); |
|||
Main obj = new Main(); |
|||
obj.keyconv(key, size); |
|||
for (char a = 'a'; a <= 'z'; a++) |
|||
for (char b = 'a'; b <= 'z'; b++) |
|||
for (char c = 'a'; c <= 'z'; c++) { |
|||
String text = "" + a + b + c; |
|||
obj.textconv(text); |
|||
obj.multiply(text.length()); |
|||
String res = obj.res(text.length()); |
|||
if (res.equals(encChunk)) { |
|||
System.out.print(text); |
|||
} |
|||
} |
|||
} |
|||
|
|||
public static void main(String[] args) { |
|||
for (int i = 0; i < encrypted.length(); i += 3) { |
|||
brute(i); |
|||
} |
|||
System.out.println(); |
|||
} |
|||
} |
@ -0,0 +1,161 @@ |
|||
## The Climb |
|||
The main idea finding the flag is decrypting the Hill Cipher. |
|||
|
|||
#### Step-1: |
|||
After I downloaded `theclimb.java` & `theclimb.txt`, I checked out the contents in them. |
|||
|
|||
- `theclimb.txt` had this: |
|||
|
|||
``` |
|||
Encrypted text = lrzlhhombgichae |
|||
``` |
|||
|
|||
- `theclimb.java` had this: |
|||
|
|||
```java |
|||
public class Main |
|||
{ |
|||
int kmatrix[][]; |
|||
int tmatrix[]; |
|||
int rmatrix[]; |
|||
|
|||
public void div(String temp, int size) |
|||
{ |
|||
while (temp.length() > size) |
|||
{ |
|||
String substr = temp.substring(0, size); |
|||
temp = temp.substring(size, temp.length()); |
|||
perf(substr); |
|||
} |
|||
if (temp.length() == size) |
|||
perf(temp); |
|||
else if (temp.length() < size) |
|||
{ |
|||
for (int i = temp.length(); i < size; i++) |
|||
temp = temp + 'x'; |
|||
perf(temp); |
|||
} |
|||
} |
|||
|
|||
public void perf(String text) |
|||
{ |
|||
textconv(text); |
|||
multiply(text.length()); |
|||
res(text.length()); |
|||
} |
|||
|
|||
public void keyconv(String key, int len) |
|||
{ |
|||
kmatrix = new int[len][len]; |
|||
int c = 0; |
|||
for (int i = 0; i < len; i++) |
|||
{ |
|||
for (int j = 0; j < len; j++) |
|||
{ |
|||
kmatrix[i][j] = ((int) key.charAt(c)) - 97; |
|||
c++; |
|||
} |
|||
} |
|||
} |
|||
|
|||
public void textconv(String text) |
|||
{ |
|||
tmatrix = new int[text.length()]; |
|||
for (int i = 0; i < text.length(); i++) |
|||
{ |
|||
tmatrix[i] = ((int) text.charAt(i)) - 97; |
|||
} |
|||
} |
|||
|
|||
public void multiply(int len) |
|||
{ |
|||
rmatrix = new int[len]; |
|||
for (int i = 0; i < len; i++) |
|||
{ |
|||
for (int j = 0; j < len; j++) |
|||
{ |
|||
rmatrix[i] += kmatrix[i][j] * tmatrix[j]; |
|||
} |
|||
rmatrix[i] %= 26; |
|||
} |
|||
} |
|||
|
|||
public void res(int len) |
|||
{ |
|||
String res = ""; |
|||
for (int i = 0; i < len; i++) |
|||
{ |
|||
res += (char) (rmatrix[i] + 97); |
|||
} |
|||
System.out.print(res); |
|||
} |
|||
|
|||
|
|||
public static void main(String[] args) |
|||
{ |
|||
Main obj = new Main(); |
|||
System.out.println("Enter the plain text: "); |
|||
String text = "fakeflag"; |
|||
System.out.println(text); |
|||
System.out.println("Enter the key: "); |
|||
String key = "gybnqkurp"; |
|||
System.out.println(key); |
|||
double root = Math.sqrt(key.length()); |
|||
if (root != (long) root) |
|||
System.out.println("Invalid key length."); |
|||
else |
|||
{ |
|||
int size = (int) root; |
|||
|
|||
System.out.println("Encrypted text = "); |
|||
obj.keyconv(key, size); |
|||
obj.div(text, size); |
|||
} |
|||
} |
|||
} |
|||
``` |
|||
|
|||
#### Step-2: |
|||
The flag is encrypted using [Hill cipher](https://en.wikipedia.org/wiki/Hill_cipher), in which every block of 3 is multiplied by a 3x3 matrix. |
|||
|
|||
The official way to solve it is by solving a system of equations using [Gaussian elimination](https://en.wikipedia.org/wiki/Gaussian_elimination) but I prefer Bruteforcing all triagram combinations. |
|||
|
|||
#### Step-3: |
|||
So, I wrote `Main.java` to get the flag. |
|||
|
|||
```java |
|||
public class ClimbSolver { |
|||
static String encrypted = "lrzlhhombgichae"; |
|||
static String key = "gybnqkurp"; |
|||
|
|||
public static void brute(int startPos) { |
|||
int size = (int) Math.sqrt(key.length()); |
|||
String encChunk = encrypted.substring(startPos, startPos + size); |
|||
Main obj = new Main(); |
|||
obj.keyconv(key, size); |
|||
for (char a = 'a'; a <= 'z'; a++) |
|||
for (char b = 'a'; b <= 'z'; b++) |
|||
for (char c = 'a'; c <= 'z'; c++) { |
|||
String text = "" + a + b + c; |
|||
obj.textconv(text); |
|||
obj.multiply(text.length()); |
|||
String res = obj.res(text.length()); |
|||
if (res.equals(encChunk)) { |
|||
System.out.print(text); |
|||
} |
|||
} |
|||
} |
|||
|
|||
public static void main(String[] args) { |
|||
for (int i = 0; i < encrypted.length(); i += 3) { |
|||
brute(i); |
|||
} |
|||
System.out.println(); |
|||
} |
|||
} |
|||
``` |
|||
After running the script, I got the flag. |
|||
|
|||
#### Step-4: |
|||
Finally the flag becomes: |
|||
`csictf{hillshaveeyes}` |
@ -0,0 +1,100 @@ |
|||
public class Main |
|||
{ |
|||
int kmatrix[][]; |
|||
int tmatrix[]; |
|||
int rmatrix[]; |
|||
|
|||
public void div(String temp, int size) |
|||
{ |
|||
while (temp.length() > size) |
|||
{ |
|||
String substr = temp.substring(0, size); |
|||
temp = temp.substring(size, temp.length()); |
|||
perf(substr); |
|||
} |
|||
if (temp.length() == size) |
|||
perf(temp); |
|||
else if (temp.length() < size) |
|||
{ |
|||
for (int i = temp.length(); i < size; i++) |
|||
temp = temp + 'x'; |
|||
perf(temp); |
|||
} |
|||
} |
|||
|
|||
public void perf(String text) |
|||
{ |
|||
textconv(text); |
|||
multiply(text.length()); |
|||
res(text.length()); |
|||
} |
|||
|
|||
public void keyconv(String key, int len) |
|||
{ |
|||
kmatrix = new int[len][len]; |
|||
int c = 0; |
|||
for (int i = 0; i < len; i++) |
|||
{ |
|||
for (int j = 0; j < len; j++) |
|||
{ |
|||
kmatrix[i][j] = ((int) key.charAt(c)) - 97; |
|||
c++; |
|||
} |
|||
} |
|||
} |
|||
|
|||
public void textconv(String text) |
|||
{ |
|||
tmatrix = new int[text.length()]; |
|||
for (int i = 0; i < text.length(); i++) |
|||
{ |
|||
tmatrix[i] = ((int) text.charAt(i)) - 97; |
|||
} |
|||
} |
|||
|
|||
public void multiply(int len) |
|||
{ |
|||
rmatrix = new int[len]; |
|||
for (int i = 0; i < len; i++) |
|||
{ |
|||
for (int j = 0; j < len; j++) |
|||
{ |
|||
rmatrix[i] += kmatrix[i][j] * tmatrix[j]; |
|||
} |
|||
rmatrix[i] %= 26; |
|||
} |
|||
} |
|||
|
|||
public void res(int len) |
|||
{ |
|||
String res = ""; |
|||
for (int i = 0; i < len; i++) |
|||
{ |
|||
res += (char) (rmatrix[i] + 97); |
|||
} |
|||
System.out.print(res); |
|||
} |
|||
|
|||
|
|||
public static void main(String[] args) |
|||
{ |
|||
Main obj = new Main(); |
|||
System.out.println("Enter the plain text: "); |
|||
String text = "fakeflag"; |
|||
System.out.println(text); |
|||
System.out.println("Enter the key: "); |
|||
String key = "gybnqkurp"; |
|||
System.out.println(key); |
|||
double root = Math.sqrt(key.length()); |
|||
if (root != (long) root) |
|||
System.out.println("Invalid key length."); |
|||
else |
|||
{ |
|||
int size = (int) root; |
|||
|
|||
System.out.println("Encrypted text = "); |
|||
obj.keyconv(key, size); |
|||
obj.div(text, size); |
|||
} |
|||
} |
|||
} |
@ -0,0 +1 @@ |
|||
Encrypted text = lrzlhhombgichae |
@ -0,0 +1,48 @@ |
|||
## little RSA |
|||
The main idea finding the flag is getting the cipher text from RSA algorithm. |
|||
|
|||
#### Step-1: |
|||
After I downloaded `a.txt` & `flag.zip`, I checked out the contents in them. |
|||
|
|||
`a.txt` gave `c`, `n`, `e` as follows: |
|||
|
|||
``` |
|||
c=32949 |
|||
n=64741 |
|||
e=42667 |
|||
``` |
|||
`flag.zip` contains `flag.txt` which is encrypted by a pin which is key from RSA implementation. |
|||
|
|||
#### Step-2: |
|||
So, I used again the [RsaCtf Tool](https://github.com/Ganapati/RsaCtfTool) and implemented by a `flag.py`: |
|||
|
|||
`n` was factorized online at http://factordb.com/index.php?query=64741 to get `p` & `q`. |
|||
```python |
|||
from Crypto.Util.number import inverse |
|||
import binascii |
|||
|
|||
e = 42667 |
|||
c = 32949 |
|||
n = 64741 |
|||
|
|||
# From factordb |
|||
|
|||
p = 101 |
|||
q = 641 |
|||
|
|||
phi = (p-1) * (q-1) |
|||
|
|||
d = inverse(e,phi) |
|||
m = pow(c,d,n) |
|||
|
|||
print (m) |
|||
``` |
|||
|
|||
#### Step-3: |
|||
After running above script as `python3 flag.py`, I got this output as `18429`. I used this key to unlock the zip to get access to `flag.txt`. |
|||
|
|||
Voila! I got the flag! |
|||
|
|||
#### Step-4: |
|||
Finally the flag becomes: |
|||
`csictf{gr34t_m1nds_th1nk_4l1ke}` |
@ -0,0 +1,3 @@ |
|||
c=32949 |
|||
n=64741 |
|||
e=42667 |
@ -0,0 +1,18 @@ |
|||
from Crypto.Util.number import inverse |
|||
import binascii |
|||
|
|||
e = 42667 |
|||
c = 32949 |
|||
n = 64741 |
|||
|
|||
# From factordb |
|||
|
|||
p = 101 |
|||
q = 641 |
|||
|
|||
phi = (p-1) * (q-1) |
|||
|
|||
d = inverse(e,phi) |
|||
m = pow(c,d,n) |
|||
|
|||
print (m) |
@ -0,0 +1 @@ |
|||
csictf{gr34t_m1nds_th1nk_4l1ke} |
Binary file not shown.
Loading…
Reference in new issue