首页 > 其他分享 >Venom ctf crypto RRSA

Venom ctf crypto RRSA

时间:2024-03-18 22:23:18浏览次数:25  
标签:r1 r2 ctf print Venom RRSA import o2 o1

题目:
`from flag import flag
import random
from Crypto.Util.number import *

def genprime():
o = getPrime(300)
while True:
r = random.randint(2211,2212) # 返回参数1参数2中任意一个值
if isPrime(o * r+1):
return o,o * r+1

o1,p = genprime() # p = o1 * r1 + 1
o2,q = genprime()
n = p * q

g = random.randint(2,n)
order = o1 * o2

a = pow(g, (p-1)*(q-1)//order, n) # a,n互质
assert pow(a,order,n)==1 # (g^r2 mod n) ^ order mod n = 1
# a ^ n-1 % n = 1 a ^ o = x * n + 1

m = bytes_to_long (flag)
e = 65537
c = pow(m,e,n)
print(f'n={n}')
print(f'c={c}')
print(f'a={a}')
print(f'o={order}')
n=44435425447782114838897637647733409614831121089064725526413247701631122523646623518523253532066782191116739274354991533158902831935676078270115998050827358178237970133151467497051097694866238654012042884894924846645692294679774577780414805605811029994570132760841672754334836945991390844881416693502552870759
c=41355409695119524180275572228024314281790321005050664347253778436753663918879919757571129194249071204946415158483084730406579433518426895158142068246063333111438863836668823874266012696265984976829088976346775293102571794377818611709336242495598331872036489022428750111592728015245733975923531682859930386731
a=39844923600973712577104437232871220768052114284995840460375902596405104689968610170336151307934820030811039502338683925817667771016288030594299464019664781911131177394369348831163266849069740191783143327911986419528382896919157135487360024877230254274474109707112110411601273850406237677432935818199348150470
o=1745108106200960949680880500144134006212310627077303652648249235148621661187609612344828833696608872318217367008018829485062303972702933973340909520462917612611270028511222134076453
`

典型的rsa算法题,简单推导一下,关键是求phi n 的值,所以利用 n 与o1, o2 , r1, r2的关系进行数学推导
n = (o1 r1 +1)(o2 *r2 +1)
= o1 * o2 * r1 * r2 + o1 * r1 + o2 * r2 + 1
n // o = (r1 * r2) + (r1 / o2) + (r2 / o1) + 1/(o1 * o2)
现在如果能证明 (r1 / o2) + (r2 / o1) + 1/(o1 * o2) < 1,那么整除后的结果就只剩r1 * r22
所以先通分,得[(r1 * o1) + (r2 * o2) + 1]/(o1 * o2)]
令其等于1,得[(r1 * o1) + (r2 * o2) + 1]/(o1 * o2)] = 1
有 r1 * o1 + r2 * o2 = o1 * o2
又因为o > r 可见前 << 后
所以 n // o = r1 * r2 整除性质
phi = o1 * o2 * r1 * r2 = o * (n // o)
后面根据定义算就行
代码如下:
`import gmpy2
from Crypto.Util.number import long_to_bytes

e=65537
n=44435425447782114838897637647733409614831121089064725526413247701631122523646623518523253532066782191116739274354991533158902831935676078270115998050827358178237970133151467497051097694866238654012042884894924846645692294679774577780414805605811029994570132760841672754334836945991390844881416693502552870759
c=41355409695119524180275572228024314281790321005050664347253778436753663918879919757571129194249071204946415158483084730406579433518426895158142068246063333111438863836668823874266012696265984976829088976346775293102571794377818611709336242495598331872036489022428750111592728015245733975923531682859930386731
a=39844923600973712577104437232871220768052114284995840460375902596405104689968610170336151307934820030811039502338683925817667771016288030594299464019664781911131177394369348831163266849069740191783143327911986419528382896919157135487360024877230254274474109707112110411601273850406237677432935818199348150470
o=1745108106200960949680880500144134006212310627077303652648249235148621661187609612344828833696608872318217367008018829485062303972702933973340909520462917612611270028511222134076453

phi = (n // o) * o
d = gmpy2.invert(e,phi)
m = pow(c, d, n)
print(long_to_bytes(m))`

运行得到结果:b'flag{0228FC7F-C865-BD0F-F124-9F9860B3542B}'

标签:r1,r2,ctf,print,Venom,RRSA,import,o2,o1
From: https://www.cnblogs.com/futihuanhuan/p/18081595

相关文章

  • Venom ctf 密码题 狂飙
    题目如下,懒得找题目qaqimportosfromflagimportflagfromCrypto.Util.numberimport*fromCrypto.CipherimportAESm=88007513702424243702066490849596817304827839547007641526433597788800212065249key=os.urandom(24)key=bytes_to_long(key)n=m%keyfl......
  • VCTF-archived elephant
    vctf-archivedelephant官方wp:Venom-WP/2024VenomCTF/2024_vctf_web_archived-elephant/writeup/readme.mdatmain·ChaMd5Team/Venom-WP·GitHub一道0day题目,挺好玩的,赛后复现一下。由于预期解官方写的已经非常详细了,这里就复现了一下非预期解:利用这个漏洞的触发点其......
  • 从0到1:CTFer成长之路网上平台的使用以及docker环境配置
    1.首先安装docker(这里在kali里演示)sudosu#以root身份运行aptinstalldocker.io#安装dockersystemctlstartdocker#启动dockersystemctlenabledocker.service#将docker服务设置为开机自启docker-v#查看是否安装成功,回显版本号说明安装成功2.配置yml文件并启动ap......
  • CTF练习日记——[SUCTF 2019]EasySQL 1
    查询1试试试试堆叠注入1;showdatabases;#来查询数据库,以及1;showtables;#查询表再看看表里面的字段名1,showcolumnsfromFlag;#显示nonono,到这里之后我不太懂就参考了http://t.csdnimg.cn/MHwz1,利用1;setsql_mode=PIPES_AS_CONCAT;select1,得到flag:flag......
  • CTF练习日记——[强网杯 2019]随便注 1
    先点查询1试试:再试试查询1',看是否存在字符注入:?inject=1'#利用orderby查看有几个字段:?inject=1'orderby3#,?inject=1'orderby2#可以知道有两个字段,接下来利用联合查询:?inject=1'unionselect1,2#发现select被过滤了,那咱们利用堆叠注入来查看数据库,表名,?inject=1......
  • VCTF-Forensics
    这个取证有点意思,也没有套太多。下载附件,直接FTK打开,我们发现两个分区,其中一个又hint.zip和一个图片,发现里面图片一致,一眼丁真明文攻击:打开见key:直接PasswordkitForensics开梭:然后FTK继续开,找到flag.txt,里面是个字符串,一眼十六进制转出摩斯密码:解密,是个奶牛快传:......
  • buuctf靶机笔记3
    BUUXSSCOURSE首页如此显然是持久性xss将数据存储到后台管理员访问后台触发xss后可以盗取cookie对后台进行登录但我们还不知道后台地址先尝试:<script>alert(1)</script>提交成功尝试访问没有触发弹窗可能后台存在过滤尝试用img标签:<imgsrc='11'onerror=alert(11......
  • CTF 题型 python原型链污染 题记和总结
    CTF题型python原型链污染题记和总结文章目录一般特征关键函数(判断python原型链污染依据)1.[GeekChanlleng2023ezpython]解题思路反思总结2.[DASCTF2023七月挑战赛]json识别`unicode`**全局变量获取**解题思路1读env:污染__globals____file__-->../../../......
  • 2024年VCTF纳新赛 crypto 狂飙
    题目:importosfromflagimportflagfromCrypto.Util.numberimport*fromCrypto.CipherimportAESm=88007513702424243702066490849596817304827839547007641526433597788800212065249key=os.urandom(24)key=bytes_to_long(key)n=m%keyflag+=(16-len(......
  • NSSCTF_pwn_notepage(1)
    NSSCTF_pwn_刷题笔记page(1)[SWPUCTF2021新生赛]gift_pwnfrompwnimport*io=remote('node4.anna.nssctf.cn',28991)padding=16+8shell=0x4005B6payload=b'A'*padding+p64(shell)io.sendline(payload)io.interactive()[SWPUCTF2021新生赛]......