jarvisoj-very hard RSA

encrypt1 = pow(data_num,e1,N)
encrypt2 = pow(data_num,e2,N)

根据他的加密算法发现题目用了同一个N去加密同一个明文，所以可以想到共模攻击，用网上已有的脚本改改参数直接跑出来

import gmpy2
from libnum import n2s,s2n
n = 0x00b0bee5e3e9e5a7e8d00b493355c618fc8c7d7d03b82e409951c182f398dee3104580e7ba70d383ae5311475656e8a964d380cb157f48c951adfa65db0b122ca40e42fa709189b719a4f0d746e2f6069baf11cebd650f14b93c977352fd13b1eea6d6e1da775502abff89d3a8b3615fd0db49b88a976bc20568489284e181f6f11e270891c8ef80017bad238e363039a458470f1749101bc29949d3a4f4038d463938851579c7525a69984f15b5667f34209b70eb261136947fa123e549dfff00601883afd936fe411e006e4e93d1a00b0fea541bbfc8c5186cb6220503a94b2413110d640c77ea54ba3220fc8f4cc6ce77151e29b3e06578c478bd1bebe04589ef9a197f6f806db8b3ecd826cad24f5324ccdec6e8fead2c2150068602c8dcdc59402ccac9424b790048ccdd9327068095efa010b7f196c74ba8c37b128f9e1411751633f78b7b9e56f71f77a1b4daad3fc54b5e7ef935d9a72fb176759765522b4bbc02e314d5c06b64d5054b7b096c601236e6ccf45b5e611c805d335dbab0c35d226cc208d8ce4736ba39a0354426fae006c7fe52d5267dcfb9c3884f51fddfdf4a9794bcfe0e1557113749e6c8ef421dba263aff68739ce00ed80fd0022ef92d3488f76deb62bdef7bea6026f22a1d25aa2a92d124414a8021fe0c174b9803e6bb5fad75e186a946a17280770f1243f4387446ccceb2222a965cc30b3929L

e1 = 17

e2 = 65537

fo1 = open('flag.enc1', 'rb')
fo2 = open('flag.enc2', 'rb')
datafo1 = fo1.read()
message1 = s2n(datafo1)
fo1.close()
datafo2 = fo2.read()
message2 = s2n(datafo2)
fo2.close()
print  message1
print message2
#message1 = 3453520592723443935451151545245025864232388871721682326408915024349804062041976702364728660682912396903968193981131553111537349

#message2 = 5672818026816293344070119332536629619457163570036305296869053532293105379690793386019065754465292867769521736414170803238309535
# s & t
gcd, s, t = gmpy2.gcdext(e1, e2)
if s < 0:
    s = -s
    message1 = gmpy2.invert(message1, n)
if t < 0:
    t = -t
    message2 = gmpy2.invert(message2, n)
plain = gmpy2.powmod(message1, s, n) * gmpy2.powmod(message2, t, n) % n
print plain
print n2s(plain)

# i = 0
# flag = ""
# plain = str(plain)
# while i < len(plain):
#     if plain[i] == '1':
#         flag += chr(int(plain[i:i + 3]))
#         i += 3
#     else:
#         flag += chr(int(plain[i:i + 2]))
#         i += 2
# print flag

image.png