首页 > 其他分享 >第五天---RSA进阶题型(二)

第五天---RSA进阶题型(二)

时间:2024-09-01 23:37:19浏览次数:12  
标签:进阶 bytes RSA --- flag getPrime print import dp

还是先复习前面内容,再学习新知识。

..............

.............

............

T10.dp泄露

一.题目:

from Crypto.Util.number import *

flag = b'NSSCTF{******}' + b'1'*100

p = getPrime(512)
q = getPrime(512)

n = p*q
e = 65537
d = inverse(e, (p-1)*(q-1))

dp = d % (p-1)

m = bytes_to_long(flag)

c = pow(m, e, n)

print(f'n = {n}')
print(f'c = {c}')
print(f'dp = {dp}')

'''
n = 79201858340517902370077926747686673001645933420450220163567700296597652438275339093680329918615445030212417351430952656177171126427547284822789947152085534939195866096891005587613262293569611913019639653984932469691636338705418303482885987114085769045348074530172292982433373154900841135911548332400167290083
c = 70109332985937768446301118795636999352761371683181615470371772202170324747707233792154935611826981798791499937601162039878070094663516868746240133223110650205575807753345252087103328657073552992431511929172241702073381723302143955977662087561904058172777520360991685289300855900793806183473523998422682944404
dp = 3098334089252415941833934532457314870210700261428241562420857845879512952043729097866485406309479489101668423603305497982177150304625615059119312238777275
'''

关键步骤:给了dp,也了给e,失去了dq

dp = d % (p-1)

二.解题思路以及wp:

1.思路:化简dp解p,

img

img

2.条件: e小且X属于(0,e)

from Crypto.Util.number import *
from gmpy2 import *

n = 79201858340517902370077926747686673001645933420450220163567700296597652438275339093680329918615445030212417351430952656177171126427547284822789947152085534939195866096891005587613262293569611913019639653984932469691636338705418303482885987114085769045348074530172292982433373154900841135911548332400167290083
c = 70109332985937768446301118795636999352761371683181615470371772202170324747707233792154935611826981798791499937601162039878070094663516868746240133223110650205575807753345252087103328657073552992431511929172241702073381723302143955977662087561904058172777520360991685289300855900793806183473523998422682944404
dp = 3098334089252415941833934532457314870210700261428241562420857845879512952043729097866485406309479489101668423603305497982177150304625615059119312238777275
e = 65537

for k in range(1, e):
    if (e * dp - 1) % k == 0:
        p = (e * dp - 1) // k + 1
        if n % p == 0:
            q = n // p
            d = invert(e, (p - 1) * (q - 1))
            m = powmod(c, d, n)
            break

print(long_to_bytes(m))

T11.e很大的dp泄露攻击

一.题目:

from Crypto.Util.number import *

flag = b'NSSCTF{******}' + b'1'*80

p = getPrime(512)
q = getPrime(512)

n = p*q
e = getPrime(128)
d = inverse(e, (p-1)*(q-1))

dp = d % (p-1)

m = bytes_to_long(flag)

c = pow(m, e, n)

print(f'n = {n}')
print(f'e = {e}')
print(f'c = {c}')
print(f'dp = {dp}')

'''
n = 108280026722298796068968170303156759745471686664814404724171434502249429011870583595808692893118419248225924869164875379709992190884930717654004006466664403479467573176438601715156464950045121937338569942817256182277141174728470067308962244296992229214749863655518517510026063088263849891990324547823192559069
e = 305691242207901867366357529364270390903
c = 26537258289122728220745496185201994733321402056894636636642710319261241111675937946139938310952968353253866895253865273981912174303818938005932883052177988834834575591342856235464380238486868448329727891268391728758132913642966389278296932186703733187105516710825918064228397602264185334108934765627411913661
dp = 2656631506624565349527023729530989647164022271235521672257622068579788839123502046687139927161669209201953909023994372208117081512139181611949631467292513
'''

关键步骤: 有dp,但是e很大,比起T10来说

e = getPrime(128)
d = inverse(e, (p-1)*(q-1))

dp = d % (p-1)

二.解题思路以及代码:

1.思路:

img

img

得到公式

img

代到下面公式

img

img

得到

img

2.解题代码

from Crypto.Util.number import *
from gmpy2 import *

n = 108280026722298796068968170303156759745471686664814404724171434502249429011870583595808692893118419248225924869164875379709992190884930717654004006466664403479467573176438601715156464950045121937338569942817256182277141174728470067308962244296992229214749863655518517510026063088263849891990324547823192559069
e = 305691242207901867366357529364270390903
c = 26537258289122728220745496185201994733321402056894636636642710319261241111675937946139938310952968353253866895253865273981912174303818938005932883052177988834834575591342856235464380238486868448329727891268391728758132913642966389278296932186703733187105516710825918064228397602264185334108934765627411913661
dp = 2656631506624565349527023729530989647164022271235521672257622068579788839123502046687139927161669209201953909023994372208117081512139181611949631467292513

m = 10007
p = gcd(powmod(m, e*dp, n) - m, n)
q = n // p
d = invert(e, (p - 1) * (q - 1))
m = powmod(c, d, n)
print(long_to_bytes(m))
#NSSCTF{p_leak_but_with_huge_e}

利用风佬工具一把梭

img

第一步:填入n,c,e,dp填在d那行,选择仅dp攻击

img

第二步,现在以及有了p,q,直接计算d,再计算明文,明文转字符得到flag

结语:

看一些详细算法耽误了时间,有一些新算法没有理解,换以前可以就停下来了,但是现在,需要去想要怎样解决,觉得实在是有点难,就先学其他的,后面再来深究。

标签:进阶,bytes,RSA,---,flag,getPrime,print,import,dp
From: https://www.cnblogs.com/yanxiao777/p/18391956

相关文章

  • docker save -o保存镜像
    最近一次实验中,使用daemonset控制器创建pod后一直是ImagePullBackOff查看镜像存在describe查看pod的详细信息这是因为用containerd做容器运行时,得ctr-n=k8s.ioimages解压镜像,才能被pod找到以下是解决方法:1.保存镜像:dockersave-ofluentd1xianchao/fluentd:v2.5.12.导入镜像......
  • ShardingSphere-JDBC实现数据加解密
    一、什么是ShardingSphere?        ShardingSphere定位为轻量级Java框架,在Java的JDBC层提供的额外服务。它使用客户端直连数据库,以jar包形式提供服务,无需额外部署和依赖,可理解为增强版的JDBC驱动,完全兼容JDBC和各种ORM框架。ApacheShardingSphere旨......
  • Java性能优化传奇之旅--Java万亿级性能优化之Java 性能优化逆袭:常见错误不再是阻碍
           ......
  • 【机器学习】8. 逻辑斯蒂回归 Logistic function(sigmoid),cross-entropy error,Log-l
    Logisticfunction线性分类器Logisticfunction(sigmoid)极大似然估计Log-likelihoodloss线性分类器Logisticregression是一个线性分类器。如图,1为蓝色,0为红色。这条直线叫做直线边界Logisticfunction(sigmoid)......
  • 代码随想录算法day4 - 哈希表2
    题目1454.四数相加II给你四个整数数组nums1、nums2、nums3和nums4,数组长度都是n,请你计算有多少个元组(i,j,k,l)能满足:0<=i,j,k,l<nnums1[i]+nums2[j]+nums3[k]+nums4[l]==0示例1:输入:nums1=[1,2],nums2=[-2,-1],nums3=[-1,2],nums4......
  • 安徽省专业技术人员继续教育培训平台刷课脚本-JavaScript编写
    脚本学习网站:安徽省专业技术人员继续教育公需课培训平台jxjy.ahhjsoft.com/index脚本地址:安徽省专业技术人员继续教育公需课培训平台-刷课脚本教程1.插件安装(以MicrosoftEdge浏览器为例)打开最中间那个蓝色绿色的浏览器,谷歌之类的浏览器也可以点击屏幕右上角三个点,图......
  • 【工具分享】P1finger v0.02(最新版本)--红队重点资产指纹识别
    工具介绍:P1finger红队行动下的重点资产指纹识别工具。P1finger是一个重点资产指纹识别的工具,旨在通过HTTP请求特征来识别目标系统。其主要特点包括:语言和实现:语言:使用Go语言(Golang)实现。目的:强调跨平台能力和易于集成。指纹库和检测策略:指纹库:通过人工过滤和收集,确保高准......
  • 四川省专业技术人员继续教育网刷课脚本-JavaScript编写
    脚本学习网站:四川省专业技术人员继续教育网edu.scjxjypx.com/脚本地址:chinahrt.com-刷课脚本教程1.插件安装(以MicrosoftEdge浏览器为例)打开最中间那个蓝色绿色的浏览器,谷歌之类的浏览器也可以点击屏幕右上角三个点,图示位置,然后点击扩展点击获取扩展搜索Tampermon......
  • 呼伦贝尔市专业技术人员继续教育刷课脚本-JavaScript编写
    脚本学习网站:呼伦贝尔市专业技术人员继续教育在线学习平台-地区列表hlbe.chinahrt.cn/area.asp?platid=17脚本地址:呼伦贝尔市专业技术人员继续教育在线学习平台-刷课脚本教程1.插件安装(以MicrosoftEdge浏览器为例)打开最中间那个蓝色绿色的浏览器,谷歌之类的浏览器也可以......
  • 丽水人社公需科目刷课脚本-JavaScript编写
    脚本学习网站:rlzy.lshrss.cn/Service/Index脚本地址:丽水市专业技术人员继续教育公需科目-刷课脚本教程1.插件安装(以MicrosoftEdge浏览器为例)打开最中间那个蓝色绿色的浏览器,谷歌之类的浏览器也可以点击屏幕右上角三个点,图示位置,然后点击扩展点击获取扩展搜索Tamperm......