Venom ctf crypto RRSA

时间：2024-03-18 22:23:18浏览次数：23

标签：r1 r2 ctf print Venom RRSA import o2 o1

题目：
`from flag import flag
import random
from Crypto.Util.number import *

def genprime():
o = getPrime(300)
while True:
r = random.randint(2211,2212) # 返回参数1参数2中任意一个值
if isPrime(o * r+1):
return o,o * r+1

o1,p = genprime() # p = o1 * r1 + 1
o2,q = genprime()
n = p * q

g = random.randint(2,n)
order = o1 * o2

a = pow(g, (p-1)*(q-1)//order, n) # a,n互质
assert pow(a,order,n)==1 # (g^r2 mod n) ^ order mod n = 1
# a ^ n-1 % n = 1 a ^ o = x * n + 1

m = bytes_to_long (flag)
e = 65537
c = pow(m,e,n)
print(f'n={n}')
print(f'c={c}')
print(f'a={a}')
print(f'o={order}')
n=44435425447782114838897637647733409614831121089064725526413247701631122523646623518523253532066782191116739274354991533158902831935676078270115998050827358178237970133151467497051097694866238654012042884894924846645692294679774577780414805605811029994570132760841672754334836945991390844881416693502552870759
c=41355409695119524180275572228024314281790321005050664347253778436753663918879919757571129194249071204946415158483084730406579433518426895158142068246063333111438863836668823874266012696265984976829088976346775293102571794377818611709336242495598331872036489022428750111592728015245733975923531682859930386731
a=39844923600973712577104437232871220768052114284995840460375902596405104689968610170336151307934820030811039502338683925817667771016288030594299464019664781911131177394369348831163266849069740191783143327911986419528382896919157135487360024877230254274474109707112110411601273850406237677432935818199348150470
o=1745108106200960949680880500144134006212310627077303652648249235148621661187609612344828833696608872318217367008018829485062303972702933973340909520462917612611270028511222134076453
`

典型的rsa算法题，简单推导一下，关键是求phi n 的值，所以利用 n 与o1， o2 ， r1， r2的关系进行数学推导
n = (o1 r1 +1)(o2 *r2 +1)
= o1 * o2 * r1 * r2 + o1 * r1 + o2 * r2 + 1
n // o = (r1 * r2) + (r1 / o2) + (r2 / o1) + 1/(o1 * o2)
现在如果能证明 (r1 / o2) + (r2 / o1) + 1/(o1 * o2) < 1，那么整除后的结果就只剩r1 * r22
所以先通分，得[(r1 * o1) + (r2 * o2) + 1]/(o1 * o2)]
令其等于1，得[(r1 * o1) + (r2 * o2) + 1]/(o1 * o2)] = 1
有 r1 * o1 + r2 * o2 = o1 * o2
又因为o > r 可见前 << 后
所以 n // o = r1 * r2 整除性质
phi = o1 * o2 * r1 * r2 = o * (n // o)
后面根据定义算就行
代码如下:
`import gmpy2
from Crypto.Util.number import long_to_bytes

e=65537
n=44435425447782114838897637647733409614831121089064725526413247701631122523646623518523253532066782191116739274354991533158902831935676078270115998050827358178237970133151467497051097694866238654012042884894924846645692294679774577780414805605811029994570132760841672754334836945991390844881416693502552870759
c=41355409695119524180275572228024314281790321005050664347253778436753663918879919757571129194249071204946415158483084730406579433518426895158142068246063333111438863836668823874266012696265984976829088976346775293102571794377818611709336242495598331872036489022428750111592728015245733975923531682859930386731
a=39844923600973712577104437232871220768052114284995840460375902596405104689968610170336151307934820030811039502338683925817667771016288030594299464019664781911131177394369348831163266849069740191783143327911986419528382896919157135487360024877230254274474109707112110411601273850406237677432935818199348150470
o=1745108106200960949680880500144134006212310627077303652648249235148621661187609612344828833696608872318217367008018829485062303972702933973340909520462917612611270028511222134076453

phi = (n // o) * o
d = gmpy2.invert(e,phi)
m = pow(c, d, n)
print(long_to_bytes(m))`

运行得到结果：b'flag{0228FC7F-C865-BD0F-F124-9F9860B3542B}'

标签：r1,r2,ctf,print,Venom,RRSA,import,o2,o1
From： https://www.cnblogs.com/futihuanhuan/p/18081595

Venom ctf 密码题狂飙
题目如下，懒得找题目qaqimportosfromflagimportflagfromCrypto.Util.numberimport*fromCrypto.CipherimportAESm=88007513702424243702066490849596817304827839547007641526433597788800212065249key=os.urandom(24)key=bytes_to_long(key)n=m%keyfl......
VCTF-archived elephant
vctf-archivedelephant官方wp：Venom-WP/2024VenomCTF/2024_vctf_web_archived-elephant/writeup/readme.mdatmain·ChaMd5Team/Venom-WP·GitHub一道0day题目，挺好玩的，赛后复现一下。由于预期解官方写的已经非常详细了，这里就复现了一下非预期解:利用这个漏洞的触发点其......
从0到1：CTFer成长之路网上平台的使用以及docker环境配置
1.首先安装docker（这里在kali里演示）sudosu#以root身份运行aptinstalldocker.io#安装dockersystemctlstartdocker#启动dockersystemctlenabledocker.service#将docker服务设置为开机自启docker-v#查看是否安装成功，回显版本号说明安装成功2.配置yml文件并启动ap......
CTF练习日记——[SUCTF 2019]EasySQL 1
查询1试试试试堆叠注入1;showdatabases;#来查询数据库，以及1;showtables;#查询表再看看表里面的字段名1,showcolumnsfromFlag;#显示nonono，到这里之后我不太懂就参考了http://t.csdnimg.cn/MHwz1，利用1;setsql_mode=PIPES_AS_CONCAT;select1，得到flag：flag......
CTF练习日记——[强网杯 2019]随便注 1
先点查询1试试：再试试查询1'，看是否存在字符注入：?inject=1'#利用orderby查看有几个字段：?inject=1'orderby3#，?inject=1'orderby2#可以知道有两个字段，接下来利用联合查询：?inject=1'unionselect1,2#发现select被过滤了，那咱们利用堆叠注入来查看数据库，表名，?inject=1......
VCTF-Forensics
这个取证有点意思，也没有套太多。下载附件，直接FTK打开，我们发现两个分区，其中一个又hint.zip和一个图片，发现里面图片一致，一眼丁真明文攻击：打开见key:直接PasswordkitForensics开梭：然后FTK继续开，找到flag.txt，里面是个字符串，一眼十六进制转出摩斯密码：解密，是个奶牛快传：......
buuctf靶机笔记3
BUUXSSCOURSE首页如此显然是持久性xss将数据存储到后台管理员访问后台触发xss后可以盗取cookie对后台进行登录但我们还不知道后台地址先尝试：<script>alert(1)</script>提交成功尝试访问没有触发弹窗可能后台存在过滤尝试用img标签：<imgsrc='11'onerror=alert(11......
CTF 题型 python原型链污染题记和总结
CTF题型python原型链污染题记和总结文章目录一般特征关键函数(判断python原型链污染依据)1.[GeekChanlleng2023ezpython]解题思路反思总结2.[DASCTF2023七月挑战赛]json识别`unicode`**全局变量获取**解题思路1读env：污染__globals____file__-->../../../......
2024年VCTF纳新赛 crypto 狂飙
题目：importosfromflagimportflagfromCrypto.Util.numberimport*fromCrypto.CipherimportAESm=88007513702424243702066490849596817304827839547007641526433597788800212065249key=os.urandom(24)key=bytes_to_long(key)n=m%keyflag+=(16-len(......
NSSCTF_pwn_notepage(1)
NSSCTF_pwn_刷题笔记page(1)[SWPUCTF2021新生赛]gift_pwnfrompwnimport*io=remote('node4.anna.nssctf.cn',28991)padding=16+8shell=0x4005B6payload=b'A'*padding+p64(shell)io.sendline(payload)io.interactive()[SWPUCTF2021新生赛]......

Venom ctf crypto RRSA

相关文章

赞助商

阅读排行