设为首页收藏本站
开启辅助访问 切换到窄版

安全矩阵

 找回密码
 立即注册
搜索
安全矩阵»安全矩阵 安全矩阵实验室 CTF CRYPTO(密码学) xctf密码学题目
返回列表 发新帖
查看: 2878|回复: 4

xctf密码学题目

[复制链接]
gclome

991

主题

1063

帖子

4315

积分

论坛元老

Rank: 8Rank: 8

积分
4315
发表于 2021-11-7 16:25:21 | 显示全部楼层 |阅读模式
本帖最后由 gclome 于 2021-11-8 19:46 编辑

easyecc

ECC求公钥

使用场景:
  1. 已知椭圆曲线加密Ep(a,b)参数为

  3. p = 15424654874903
  4. a = 16546484
  5. b = 4548674875
  6. G(6478678675,5636379357093)
  7. 私钥为
  8. k = 546768
  9. 求公钥K(x,y)
复制代码


代码如下:
  1. import collections
  2. import random
  3. EllipticCurve = collections.namedtuple('EllipticCurve', 'name p a b g n h')
  4. curve = EllipticCurve(
  5.    'secp256k1',
  6.    # Field characteristic.
  7.    p=15424654874903,      //有限域的p,就是要mod的数
  8.    # Curve coefficients.
  9.    a=16546484,
  10.    b=4548674875,            //a,b是椭圆曲线方程上的参数
  11.    # Base point.
  12.    g=(6478678675,5636379357093),   //取一个基点
  13.    # Subgroup order.
  14.    n=546768,     //私钥
  15.    # Subgroup cofactor.
  16.    h=1,
  17. )
  18. # Modular arithmetic ##########################################################
  19. def inverse_mod(k, p):    //使用扩展欧几里得算法求模逆
  20.    """Returns the inverse of k modulo p.
  21.   This function returns the only integer x such that (x * k) % p == 1.
  22.   k must be non-zero and p must be a prime.
  23.   """
  24.    if k == 0:
  25.        raise ZeroDivisionError('division by zero')  //被除数不能为0
  26.    if k < 0:
  27.        # k ** -1 = p - (-k) ** -1 (mod p)   //负数求mod
  28.        return p - inverse_mod(-k, p)
  29.    # Extended Euclidean algorithm.    //扩展欧几里得算法
  30.    s, old_s = 0, 1
  31.    t, old_t = 1, 0
  32.    r, old_r = p, k
  33.    while r != 0:
  34.        quotient = old_r // r
  35.        old_r, r = r, old_r - quotient * r
  36.        old_s, s = s, old_s - quotient * s
  37.        old_t, t = t, old_t - quotient * t
  38.    gcd, x, y = old_r, old_s, old_t
  39.    assert gcd == 1
  40.    assert (k * x) % p == 1
  41.    return x % p
  42. # Functions that work on curve points #########################################
  43. def is_on_curve(point):
  44.    """Returns True if the given point lies on the elliptic curve."""
  45.    if point is None:
  46.        # None represents the point at infinity.
  47.        return True
  48.    x, y = point
  49.    return (y * y - x * x * x - curve.a * x - curve.b) % curve.p == 0
  50. def point_neg(point):
  51.    """Returns -point."""
  52.    assert is_on_curve(point)
  53.    if point is None:
  54.        # -0 = 0
  55.        return None
  56.    x, y = point
  57.    result = (x, -y % curve.p)
  58.    assert is_on_curve(result)
  59.    return result
  60. def point_add(point1, point2):
  61.    """Returns the result of point1 + point2 according to the group law."""
  62.    assert is_on_curve(point1)
  63.    assert is_on_curve(point2)
  64.    if point1 is None:
  65.        # 0 + point2 = point2
  66.        return point2
  67.    if point2 is None:
  68.        # point1 + 0 = point1
  69.        return point1
  70.    x1, y1 = point1
  71.    x2, y2 = point2
  72.    if x1 == x2 and y1 != y2:
  73.        # point1 + (-point1) = 0
  74.        return None
  75.    if x1 == x2:
  76.        # This is the case point1 == point2.
  77.        m = (3 * x1 * x1 + curve.a) * inverse_mod(2 * y1, curve.p)
  78.    else:
  79.        # This is the case point1 != point2.
  80.        m = (y1 - y2) * inverse_mod(x1 - x2, curve.p)
  81.    x3 = m * m - x1 - x2
  82.    y3 = y1 + m * (x3 - x1)
  83.    result = (x3 % curve.p,
  84.              -y3 % curve.p)
  85.    assert is_on_curve(result)
  86.    return result
  87. def scalar_mult(k, point):
  88.    """Returns k * point computed using the double and point_add algorithm."""
  89.    assert is_on_curve(point)
  90.    if k < 0:
  91.        # k * point = -k * (-point)
  92.        return scalar_mult(-k, point_neg(point))
  93.    result = None
  94.    addend = point
  95.    while k:
  96.        if k & 1:
  97.            # Add.
  98.            result = point_add(result, addend)
  99.        # Double.
  100.        addend = point_add(addend, addend)
  101.        k >>= 1
  102.    assert is_on_curve(result)
  103.    return result
  104. # Keypair generation and ECDHE ################################################
  105. def make_keypair():
  106.    """Generates a random private-public key pair."""
  107.    private_key = curve.n
  108.    public_key = scalar_mult(private_key, curve.g)
  109.    return private_key, public_key
  110. private_key, public_key = make_keypair()
  111. print("private key:", hex(private_key))
  112. #print("public key: (0x{:x}, 0x{:x})".format(*public_key))
  113. #print("public key".public_key)
  114. print(public_key)
复制代码




回复

使用道具 举报

gclome

991

主题

1063

帖子

4315

积分

论坛元老

Rank: 8Rank: 8

积分
4315
 楼主| 发表于 2021-11-8 19:46:01 | 显示全部楼层

easy_RSA

8、easy_RSA


在一次RSA密钥对生成中,假设p=473398607161,q=4511491,e=17求解出d

这个题目很简单,思路如下:
1、知道p和q,根据公式φ(n)=(p-1)*(q-1) , 就可以求出φ(n)

φ(n) =473398607160*4511490= 2135733082216268400

2、知道e和φ(n),根据公式 ed = 1 mod φ(n) ,就可以得到d的值

2135733082216268400+1=2135733082216268401

d=2135733082216268401 / 17 = 125631357777427553



回复

使用道具 举报

gclome

991

主题

1063

帖子

4315

积分

论坛元老

Rank: 8Rank: 8

积分
4315
 楼主| 发表于 2021-11-8 19:49:51 | 显示全部楼层
本帖最后由 gclome 于 2021-11-9 14:45 编辑


11、Normal_RSA

题目给了这两个文件
flag.enc 是经过rsa加密后的密文, pubkey.pem 是rsa的公钥文件
  1. -----BEGIN PUBLIC KEY-----
  2. MDwwDQYJKoZIhvcNAQEBBQADKwAwKAIhAMJjauXD2OQ/+5erCQKPGqxsC/bNPXDr
  3. yigb/+l/vjDdAgMBAAE=
  4. -----END PUBLIC KEY-----
复制代码

可以用记事本打开pubkey.pem文件,把文件内容放到rsa解密网站上分析

得到分析结果如下:

  1. n = 87924348264132406875276140514499937145050893665602592992418171647042491658461
  2. e = 65537
复制代码


对n进行质因数分解 ,即可得到质因式,使用在线工具factordb.com
分解之后,得到p和q:
  1. 275127860351348928173285174381581152299
  2. 319576316814478949870590164193048041239
复制代码


计算欧拉函数:

φ(n)=(p-1)*(q-1) =87924348264132406875276140514499937144456189488436765114374296308467862464924

再利用 gmpy2 计算出 e 模 φ(n) 的逆元 d
gmpy2.invert()方法中第一个参数为 e ,第二个参数为 φ(n),通过此方法计算可以得到 d
  1. import gmpy2
  2. p=275127860351348928173285174381581152299
  3. q=319576316814478949870590164193048041239
  4. fn=(p-1)*(q-1)
  5. e=65537
  6. d=gmpy2.invert(e,fn)
  7. print(d)
复制代码

现在得到:
  1. n = 87924348264132406875276140514499937145050893665602592992418171647042491658461
  2. e = 65537
  3. d = 10866948760844599168252082612378495977388271279679231539839049698621994994673
复制代码
现在是已经知道n,e,d,p,q,φ(n) 如果要求明文m,还必须知道密文c,根据RSA的加解密公式:
​​


密文c在flag.enc文件中,打开文件看到是这样的

但根据公式, c 需要为数字,可以先将文件中读出的二进制Byte类型数据转为数值,在求解,代码如下
  1. import gmpy2
  2. def bytes2num(b):
  3.     s='0x'
  4.     for x in b:
  5.         tmp=str(hex(x))[2:]
  6.         if len(tmp)==2:
  7.             pass
  8.         else:
  9.             tmp='0'+tmp
  10.         #print(tmp)
  11.         s+=tmp
  12.         num=int(s,16)
  13.     return num
  14. #将 10 进制数值按照 ascii 码转为字符串
  15. def num2str(n):
  16.     tmp=str(hex(n))[2:]
  17.     if len(tmp)%2==0:
  18.         pass
  19.     else:
  20.         tmp='0'+tmp
  21.     s=''
  22.     for i in range(0,len(tmp),2):
  23.         temp=tmp[i]+tmp[i+1]
  24.         s+=chr(int(temp,16))
  25.     return s
  26. c=open("flag.enc","rb")
  27. c=c.read()
  28. c=bytes2num(c)
  29. e=65537
  30. n=87924348264132406875276140514499937145050893665602592992418171647042491658461
  31. p=275127860351348928173285174381581152299
  32. q=319576316814478949870590164193048041239
  33. d=gmpy2.invert(e,(p-1)*(q-1))
  34. print(c)
  35. m=pow(c,int(d),n)
  36. print(num2str(m))
复制代码

得到flag!



回复

使用道具 举报

gclome

991

主题

1063

帖子

4315

积分

论坛元老

Rank: 8Rank: 8

积分
4315
 楼主| 发表于 2021-11-21 16:22:14 | 显示全部楼层
本帖最后由 gclome 于 2021-11-21 16:24 编辑

12、best-rsa(共模攻击)
​​
  1. *************publickey1**************************

  3. -----BEGIN PUBLIC KEY-----
  4. MIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKCAQBndV+JB5VkTsJ+aIkrlAQs
  5. eDNMNPmm2LaqSI2bQk1kqLmy3MkbHQmKCdesT5oGpLUmf4j4lotLrSkjXZqAMwhF
  6. 8Sa5qGX0THp333L3Y/VT6ZAgdF9AyNl/CrkGFU+7ECC1iPRB9xKyN3UFtkT+NqeH
  7. Q+5JlbQsexe430eC67WVCX7hvnQUMmGJPE7iwUDcRp4ysX+Ksw4l8HFkUGtOeca0
  8. 469b6gJoQn/7ETT7kKUSJynE7vF7bQsSz7pOfxTieqPCtPl451FjJC69XL1zgpM2
  9. +aEg6G4l1pyuAin9zOtbNdxjAYew7vFTLuxUb0A3puqw0CBxmblWYBGlL46azXJh
  10. AgF1
  11. -----END PUBLIC KEY-----
  12.         
  13. *************publickey2**************************

  15. -----BEGIN PUBLIC KEY-----
  16. MIIBITANBgkqhkiG9w0BAQEFAAOCAQ4AMIIBCQKCAQBndV+JB5VkTsJ+aIkrlAQs
  17. eDNMNPmm2LaqSI2bQk1kqLmy3MkbHQmKCdesT5oGpLUmf4j4lotLrSkjXZqAMwhF
  18. 8Sa5qGX0THp333L3Y/VT6ZAgdF9AyNl/CrkGFU+7ECC1iPRB9xKyN3UFtkT+NqeH
  19. Q+5JlbQsexe430eC67WVCX7hvnQUMmGJPE7iwUDcRp4ysX+Ksw4l8HFkUGtOeca0
  20. 469b6gJoQn/7ETT7kKUSJynE7vF7bQsSz7pOfxTieqPCtPl451FjJC69XL1zgpM2
  21. +aEg6G4l1pyuAin9zOtbNdxjAYew7vFTLuxUb0A3puqw0CBxmblWYBGlL46azXJh
  22. AgMBAAE=
  23. -----END PUBLIC KEY-----
复制代码


先把两个publickey.pem文件的内容放到rsa解密网站上分析,得到:
*************publickey1**************************
​​
*************publickey2**************************

到了这一步,因为n的值是一样的,模数相同我们猜测是共模攻击。
共模攻击适用情况:明文m、模数n相同,公钥指数e、密文c不同,gcd(e1,e2)==1也就是e1和e2互质  
  1. #判断两个数是否互素
  2. def gcd(a,b):
  3.     if(b==0):
  4.         return a
  5.     else:
  6.         return gcd(b,a%b)
  7. def main():
  8.     x = 117
  9.     y = 65537
  10.     if gcd(x,y) == 1 :
  11.         print(str(x)+" "+str(y)+" 互素")
  12.     else:
  13.         print(str(x)+" "+str(y)+" 不互素")
  14. if __name__ =="__main__":
  15.     main()
复制代码

共模攻击python3解密脚本如下:



  1. from general_project.sameNAttack import same_n_attack
  2. from Crypto.Util.number import *

  4. n = 13060424286033164731705267935214411273739909173486948413518022752305313862238166593214772698793487761875251030423516993519714215306808677724104692474199215119387725741906071553437840256786220484582884693286140537492541093086953005486704542435188521724013251087887351409946184501295224744819621937322469140771245380081663560150133162692174498642474588168444167533621259824640599530052827878558481036155222733986179487577693360697390152370901746112653758338456083440878726007229307830037808681050302990411238666727608253452573696904083133866093791985565118032742893247076947480766837941319251901579605233916076425572961
  5. e1 = 117
  6. e2 = 65537
  7. c1 = open("cipher1.txt","rb").read()
  8. c2 = open("cipher2.txt","rb").read()
  9. m = same_n_attack(n,e1,e2,bytes_to_long(c1),bytes_to_long(c2))
  10. print long_to_bytes(m)
  11.    //注意这里需要以二进制形式读入密文,在共模攻击时还需将字节流转成数字。
复制代码
或者
  1. from Crypto.PublicKey import RSA
  2. import libnum
  3. import gmpy2

  5. c1= libnum.s2n(open('cipher1.txt','rb').read())
  6. c2= libnum.s2n(open('cipher2.txt','rb').read())

  8. pub1 = RSA.importKey(open('publicKey1.pem').read())
  9. pub2 = RSA.importKey(open('publicKey2.pem').read())

  11. n = pub1.n
  12. e1 = pub1.e
  13. e2 = pub2.e

  15. s = gmpy2.gcdext(e1,e2)
  16. s1 = s[1]
  17. s2 = s[2]

  19. if s1<0:
  20.     s1 = -s1
  21.     c1 = gmpy2.invert(c1,n)
  22. elif s2<0:
  23.     s2 = -s2
  24.     c2 = gmpy2.invert(c2,n)
  25. m = pow(c1,s1,n)*pow(c2,s2,n) % n
  26. flag = libnum.n2s(m)
  27. print(flag)
复制代码



回复

使用道具 举报

gclome

991

主题

1063

帖子

4315

积分

论坛元老

Rank: 8Rank: 8

积分
4315
 楼主| 发表于 2021-11-21 16:27:23 | 显示全部楼层
​wtc_rsa_bbq



1、下载得一个压缩文件,解压后得cry200,用二进制文件查看器发现,是504B0304开头,这不还是压缩文件嘛!

2、 改成cry200.zip,解压得两个文件:cipher.bin和key.pem,
key.pem是一个公钥文件,将其放置在kali,使用openssl获得其信息
openssl rsa -pubin -in key.pem -text -modulus > out.txt
得到out.txt:
  1. RSA Public-Key: (8587 bit)
  2. Modulus:
  3.     06:2d:3d:61:c9:24:52:63:01:47:e8:96:70:ff:ff:
  4.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  5.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  6.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  7.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  8.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  9.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  10.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  11.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  12.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  13.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  14.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  15.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  16.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  17.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  18.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  19.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  20.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  21.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  22.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  23.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  24.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  25.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  26.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  27.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  28.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  29.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  30.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  31.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  32.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  33.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  34.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  35.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  36.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  37.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  38.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  39.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  40.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  41.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  42.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  43.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  44.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  45.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  46.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  47.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  48.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  49.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  50.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  51.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  52.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  53.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  54.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  55.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  56.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  57.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  58.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  59.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  60.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  61.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  62.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  63.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  64.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  65.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  66.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  67.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  68.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  69.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  70.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  71.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  72.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  73.     ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
  74.     ff:ff:ff:ff:ff:ff:ff:ff:ff
  75. Exponent: 65537 (0x10001)
  76. Modulus=62D3D61C92452630147E89670FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
  77. -----BEGIN PUBLIC KEY-----
  78. MIIEUzANBgkqhkiG9w0BAQEFAAOCBEAAMIIEOwKCBDIGLT1hySRSYwFH6JZw////
  79. ////////////////////////////////////////////////////////////////
  80. ////////////////////////////////////////////////////////////////
  81. ////////////////////////////////////////////////////////////////
  82. ////////////////////////////////////////////////////////////////
  83. ////////////////////////////////////////////////////////////////
  84. ////////////////////////////////////////////////////////////////
  85. ////////////////////////////////////////////////////////////////
  86. ////////////////////////////////////////////////////////////////
  87. ////////////////////////////////////////////////////////////////
  88. ////////////////////////////////////////////////////////////////
  89. ////////////////////////////////////////////////////////////////
  90. ////////////////////////////////////////////////////////////////
  91. ////////////////////////////////////////////////////////////////
  92. ////////////////////////////////////////////////////////////////
  93. ////////////////////////////////////////////////////////////////
  94. ////////////////////////////////////////////////////////////////
  95. ////////////////////////////////////////////////////////////////
  96. ////////////////////////////////////////////////////////////////
  97. ////////////////////////////////////////////////////////////////
  98. ////////////////////////////////////////////////////////////////
  99. ////////////////////////////////////////////////////////////////
  100. ////////////////////////////////////////////////////////////////
  101. //8CAwEAAQ==
  102. -----END PUBLIC KEY-----
复制代码

3.可知模数和指数,尝试将该模数分解,可在网上因子库查找


Exponent: 65537 (0x10001)
Modulus=62D3D61C92452630147E89670

p=2^4244*699549860111847-1
q=2^4244*699549860111847+1

  1. import gmpy2
  2. from Crypto.PublicKey import RSA

  4. n=0x62D3D61C92452630147E89670FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
  5. e=65537

  7. a=(2**4244)*699549860111847-1
  8. b=(2**4244)*699549860111847+1

  10. fn=(a-1)*(b-1)
  11. d=gmpy2.invert(e,fn)

  13. with open("cipher.bin","rb") as f:
  14.         datas = int.from_bytes(f.read(),byteorder='big',signed=False)
  15.         out = pow(datas,d,n)
  16.         print(int(out).to_bytes(72, byteorder='big',signed=False).decode("ascii"))
复制代码


        


回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

小黑屋|安全矩阵

GMT+8, 2024-11-27 22:44 , Processed in 0.025491 second(s), 18 queries .

Powered by Discuz! X4.0

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表