一道关于RSA算法的CTF题

我感觉是非常好的一道题,关于rsa算法,且我刚刚学完。
0x00

  • 下载好附件和拿到提示:X老师知道Alice的RSA密钥为(n, e) =(0x53a121a11e36d7a84dde3f5d73cf, 0x10001) (192.168.0.13)?,
    Bob的RSA密钥为(n, e) =(0x99122e61dc7bede74711185598c7, 0x10001) (192.168.0.37)

  • 附件是一个包,用wireshark打开右键追踪tcp流如下:
    一道关于RSA算法的CTF题_第1张图片发现是BASE64编码:将其解码如图:
    一道关于RSA算法的CTF题_第2张图片0x01

  • 这里包含了序列号、数据和签名。根据提示的公钥解出私钥:先通过一个分解大整数的网站http://factordb.com/将能分解分别为一道关于RSA算法的CTF题_第3张图片

  • 再通过RSA的公式:ExD=1MOD(FN) (FN)=(p-1)x(q-1)解得D

  • 这里我们写一个脚本来跑出D,脚本如下:

from Crypto.PublicKey import RSA
import gmpy
n =long(3104649130901425335933838103517383)
e = long(65537)
p = 49662237675630289
q = 62515288803124247
d = long(gmpy.invert(e, (p-1)*(q-1)))
rsa = RSA.construct( (n, e, d) )

0x02
通过私钥我们就可以解除数据:
decrypted = rsa.decrypt(long(‘0x2c29150f1e311ef09bc9f06735acL’,16))
printstr(hex(decrypted)).strip(‘0x’).rstrip(‘L’).decode(‘hex’)
0x03

完整的代码如下:

fromCrypto.PublicKey import RSA
import gmpy
# Alice's publicencryption parameters
n1 =long(1696206139052948924304948333474767)
e = long(65537)
# Bob's
n2 =long(3104649130901425335933838103517383)
# Yes! We canfactorize the n
p1 = 38456719616722997
q1 =44106885765559411
p2 =49662237675630289
q2 =62515288803124247
# that means we canfind the decryption exponent d
phi1 =(p1-1)*(q1-1)
phi2 =(p2-1)*(q2-1)
d1 =long(gmpy.invert(e, phi1))
d2 =long(gmpy.invert(e, phi2))
# now construct theRSA with all the parameters
rsa1 =RSA.construct( (n1, e, d1) )
rsa2 =RSA.construct( (n2, e, d2) )
# and decrypt themessages from a pcap file!
from pcapfileimport savefile
cf =savefile.load_savefile(open("bob_alice_encrypted.pcap"))
output = {}
for p incf.packets:
    pack =str(p.packet)[136:].decode('hex').decode('base64')
    if 'DATA' in pack:
        seq = int(pack.split(';')[0].split('')[2])
        data = pack[16:].split(';')[0][:-1]
        sig = long(pack.split(';')[2].split(' =')[1], 16)
        m = long(data, 16)
        decrypted = rsa2.decrypt(m)
        sigcheck = rsa1.sign(decrypted, '')[0]
        val =str(hex(decrypted)).strip('0x').rstrip('L').zfill(2).decode('hex')
        if sig == sigcheck:
            output[seq] = val
print ''.join(output.values())

你可能感兴趣的:(CTF涉及的各类杂项工具)