window.onload=function(){ /*页面加载完成之后生成博客目录*/ BlogDirectory.createBlogDirectory("cnblogs_post_body","h2","h3",20); }

TAMUctf 2024 RSA-证书修复-总结

上周末跟朋友们参加了TAMUctf 2024国际赛,最终排在了第14名,还是很不错的成绩。

本次比赛Monk师傅也是出了三个RSA证书修复问题的题目,质量很不错。这里给大家整理一下供学习。

Truncated 1

题目:

Author: Monk

Only part of the private key was able to be retrieved. Decrypt the flag.txt.enc file.

附件信息:

flag.txt.enc

qD?_跾X踙?虚й眭XW?C%I轚u?迂vf=繒巔Q媥燔[瓨轂R*熗支S*嬲Y?^宒投s霊,藮茺糪x期轒y瞿B緪2k_围犀%宪??p烴疿?#諐!V?烷嗥艍倔蒉q==篣4*虓rh亐cPXs秙?E劵?釦k;桠Oh?嬝納劀炙x謲?{Z?虚?蝣頣 哆2!_<?)u/?篢煸粺憚?澈鴍Pn?辇

private.pem

ZXPI0zfM5EJkeooRvNr3RKQEoQKBgQD0WrYbxhBveSRYvkOV0+omfutwS6wIoCme
CYCq5MboHdZn8NDCHy+Y66b+G/GMZJewqEKQSLwHcAjKHxouneFXp6AxV0rkBWtO
RNnjXfthsWXvOgBJzGm8CJQS+xVtUpYc4l1QnYaQpc0/SClSTPG775H5DnJ8t4rK
oNQur+/pcwKBgD1BU0AjW6x+GYPXUzA0/tXQpu5XaAMxkinhiiOJWT/AExzJU8Jt
eQULJ3EDENG6acSuwMhm0WMLhQ0JG6gIejRyOBZSIqjESWGHPmkU1XbUDz0iLb1h
HTqJMAWYKWJs4RnJbx6NGJAhd2Ni4CyOGmujYpqNnp1qfZNhmcj/VOeBAoGBAJgD
stU2c9UVlTIMM7mLG1kVjlzPBtha42ko2j32k3Ol1FPXcdfCVPcaa0ockjnX/rJt
CvP9+9PYs+8iSESF/cFtS/BGMRYH9Qi9NpwHRLMzDIo2GCXRIFpVL+FbCKp5PV/8
xza2uRdVvolG2EYWDjDvym0Zusmx2YtTYI0m8ObXAoGAZ6T8aF6GAZ0s814ZfEcy
zZGrZZQ/MJ7W8ZGdU1/y+204LzfGsW+d+sTPfQPYhn03/qU3SFhP095sYzELeOOZ
3yITOftHEdMP3XffnAudgn3tBHrtu0EsVFL44H7CWe4hx3M49M0lfERD60lPwUG1
8hY5qcthSko1f1WkTgN7Rrs=
-----END PRIVATE KEY-----

public.pem

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64u2qOSKwRf6GWPrq9ZX
uWqvooTq2uz/3obioiWMY2l2tLpi2Jgiq7F40t9QHLuIzcggU6bRH5Cn2gsh1DtE
UQYLMkszbp88akQqpPEa7t6leIqnT8Z4rFqj6sRpdYSQS8U2FzAzWDRvhY4oEliw
comX84WCVh8BKe38qOqN1QvhZVBY00JoUk2x/HBFNCA8VpEZIeTSKvH0Rc/Dzy5h
KoHBRaL8bBLYjhqO2PNfAkvHewJIqRyqtXXbedqqDn6vp9JX4lVcS5n/i95kQN98
JYn2RSuhTxk+v1ZHpEiSLImzc+9aOAPPtsikZPsah6JOnjDbhctfZGRn1MfFfzOd
UwIDAQAB
-----END PUBLIC KEY-----

我的解答:

第一道是个开胃菜,标准的私钥缺失问题。

关于RSA证书修复问题我也是总结过的。具体讲解参考博客文章:RSA进阶(一)

我们了解了结构以后,就好操作了。

首先我们将证书解Base64后再转换为16进制输出。
from base64 import b64decode
import binascii

s = '''ZXPI0zfM5EJkeooRvNr3RKQEoQKBgQD0WrYbxhBveSRYvkOV0+omfutwS6wIoCme
CYCq5MboHdZn8NDCHy+Y66b+G/GMZJewqEKQSLwHcAjKHxouneFXp6AxV0rkBWtO
RNnjXfthsWXvOgBJzGm8CJQS+xVtUpYc4l1QnYaQpc0/SClSTPG775H5DnJ8t4rK
oNQur+/pcwKBgD1BU0AjW6x+GYPXUzA0/tXQpu5XaAMxkinhiiOJWT/AExzJU8Jt
eQULJ3EDENG6acSuwMhm0WMLhQ0JG6gIejRyOBZSIqjESWGHPmkU1XbUDz0iLb1h
HTqJMAWYKWJs4RnJbx6NGJAhd2Ni4CyOGmujYpqNnp1qfZNhmcj/VOeBAoGBAJgD
stU2c9UVlTIMM7mLG1kVjlzPBtha42ko2j32k3Ol1FPXcdfCVPcaa0ockjnX/rJt
CvP9+9PYs+8iSESF/cFtS/BGMRYH9Qi9NpwHRLMzDIo2GCXRIFpVL+FbCKp5PV/8
xza2uRdVvolG2EYWDjDvym0Zusmx2YtTYI0m8ObXAoGAZ6T8aF6GAZ0s814ZfEcy
zZGrZZQ/MJ7W8ZGdU1/y+204LzfGsW+d+sTPfQPYhn03/qU3SFhP095sYzELeOOZ
3yITOftHEdMP3XffnAudgn3tBHrtu0EsVFL44H7CWe4hx3M49M0lfERD60lPwUG1
8hY5qcthSko1f1WkTgN7Rrs='''

s = b64decode(s)

print(binascii.hexlify(s))

得到:

6573c8d337cce442647a8a11bcdaf744a404a102818100f45ab61bc6106f792458be4395d3ea267eeb704bac08a0299e0980aae4c6e81dd667f0d0c21f2f98eba6fe1bf18c6497b0a8429048bc077008ca1f1a2e9de157a7a031574ae4056b4e44d9e35dfb61b165ef3a0049cc69bc089412fb156d52961ce25d509d8690a5cd3f4829524cf1bbef91f90e727cb78acaa0d42eafefe9730281803d415340235bac7e1983d7533034fed5d0a6ee576803319229e18a2389593fc0131cc953c26d79050b27710310d1ba69c4aec0c866d1630b850d091ba8087a347238165222a8c44961873e6914d576d40f3d222dbd611d3a8930059829626ce119c96f1e8d189021776362e02c8e1a6ba3629a8d9e9d6a7d936199c8ff54e781028181009803b2d53673d51595320c33b98b1b59158e5ccf06d85ae36928da3df69373a5d453d771d7c254f71a6b4a1c9239d7feb26d0af3fdfbd3d8b3ef22484485fdc16d4bf046311607f508bd369c0744b3330c8a361825d1205a552fe15b08aa793d5ffcc736b6b91755be8946d846160e30efca6d19bac9b1d98b53608d26f0e6d702818067a4fc685e86019d2cf35e197c4732cd91ab65943f309ed6f1919d535ff2fb6d382f37c6b16f9dfac4cf7d03d8867d37fea53748584fd3de6c63310b78e399df221339fb4711d30fdd77df9c0b9d827ded047aedbb412c5452f8e07ec259ee21c77338f4cd257c4443eb494fc141b5f21639a9cb614a4a357f55a44e037b46bb

然后根据原理进行拆分,最终得到:

6573c8d337cce442647a8a11bcdaf744a404a1

q:028181

00f45ab61bc6106f792458be4395d3ea267eeb704bac08a0299e0980aae4c6e81dd667f0d0c21f2f98eba6fe1bf18c6497b0a8429048bc077008ca1f1a2e9de157a7a031574ae4056b4e44d9e35dfb61b165ef3a0049cc69bc089412fb156d52961ce25d509d8690a5cd3f4829524cf1bbef91f90e727cb78acaa0d42eafefe973

dp:028180

3d415340235bac7e1983d7533034fed5d0a6ee576803319229e18a2389593fc0131cc953c26d79050b27710310d1ba69c4aec0c866d1630b850d091ba8087a347238165222a8c44961873e6914d576d40f3d222dbd611d3a8930059829626ce119c96f1e8d189021776362e02c8e1a6ba3629a8d9e9d6a7d936199c8ff54e781

inv(q,p):028181

009803b2d53673d51595320c33b98b1b59158e5ccf06d85ae36928da3df69373a5d453d771d7c254f71a6b4a1c9239d7feb26d0af3fdfbd3d8b3ef22484485fdc16d4bf046311607f508bd369c0744b3330c8a361825d1205a552fe15b08aa793d5ffcc736b6b91755be8946d846160e30efca6d19bac9b1d98b53608d26f0e6d7

dq:028180

67a4fc685e86019d2cf35e197c4732cd91ab65943f309ed6f1919d535ff2fb6d382f37c6b16f9dfac4cf7d03d8867d37fea53748584fd3de6c63310b78e399df221339fb4711d30fdd77df9c0b9d827ded047aedbb412c5452f8e07ec259ee21c77338f4cd257c4443eb494fc141b5f21639a9cb614a4a357f55a44e037b46bb

这样一来就得到了q,我们分解RSA公钥可以得到n和e,如此一来就可以直接打了。

import gmpy2
from Crypto.Util.number import *
from base64 import b64decode
import binascii

n = 29734896968835471849519668982209749626034019091045121453339204371033525547365934320858691041200454999076622505201136057407298827285395741532551534518463484678760035869990291983949525266914043458453940075436588024861403406949534792381108334145299173773264570084046647961072439989133604778249265945328909511017535287801325822208335050548292353849014700030433786853362747592975935470977637859711752376734809094538170961169739693665960562409901877803453161486673058941355274194631255810710502049768661315142732397148462212204222004648325598030904035645361477163752982132033922762048054507550272426225368721428080326057299
e = 65537
c = open('flag.txt.enc', 'rb').read()
c = bytes_to_long(c)
#print(c)
# c = 14298740180241083781630250264638271660764643371454955952641858818111890732310896356808689862359666266307185067597586093165499085225645736528029857365624835666691035754076010180458847775229894279857571477099085666753551250627736281179165577917356945885657685000468399216693857751650111925131685801816703832880631609065393464963893504989908420186840889525181016331791969994643974381256252184563604380030897351418732752526494183142211207271578298816508262144357136170656996194621027593511817563103049579264340501780444130370976119472864862925200393432945928697758491856437504369132975669688193220702149090909802375801341

""" s = '''ZXPI0zfM5EJkeooRvNr3RKQEoQKBgQD0WrYbxhBveSRYvkOV0+omfutwS6wIoCme
CYCq5MboHdZn8NDCHy+Y66b+G/GMZJewqEKQSLwHcAjKHxouneFXp6AxV0rkBWtO
RNnjXfthsWXvOgBJzGm8CJQS+xVtUpYc4l1QnYaQpc0/SClSTPG775H5DnJ8t4rK
oNQur+/pcwKBgD1BU0AjW6x+GYPXUzA0/tXQpu5XaAMxkinhiiOJWT/AExzJU8Jt
eQULJ3EDENG6acSuwMhm0WMLhQ0JG6gIejRyOBZSIqjESWGHPmkU1XbUDz0iLb1h
HTqJMAWYKWJs4RnJbx6NGJAhd2Ni4CyOGmujYpqNnp1qfZNhmcj/VOeBAoGBAJgD
stU2c9UVlTIMM7mLG1kVjlzPBtha42ko2j32k3Ol1FPXcdfCVPcaa0ockjnX/rJt
CvP9+9PYs+8iSESF/cFtS/BGMRYH9Qi9NpwHRLMzDIo2GCXRIFpVL+FbCKp5PV/8
xza2uRdVvolG2EYWDjDvym0Zusmx2YtTYI0m8ObXAoGAZ6T8aF6GAZ0s814ZfEcy
zZGrZZQ/MJ7W8ZGdU1/y+204LzfGsW+d+sTPfQPYhn03/qU3SFhP095sYzELeOOZ
3yITOftHEdMP3XffnAudgn3tBHrtu0EsVFL44H7CWe4hx3M49M0lfERD60lPwUG1
8hY5qcthSko1f1WkTgN7Rrs='''

s = b64decode(s)

print(binascii.hexlify(s)) """

c = 14298740180241083781630250264638271660764643371454955952641858818111890732310896356808689862359666266307185067597586093165499085225645736528029857365624835666691035754076010180458847775229894279857571477099085666753551250627736281179165577917356945885657685000468399216693857751650111925131685801816703832880631609065393464963893504989908420186840889525181016331791969994643974381256252184563604380030897351418732752526494183142211207271578298816508262144357136170656996194621027593511817563103049579264340501780444130370976119472864862925200393432945928697758491856437504369132975669688193220702149090909802375801341

q = int('00f45ab61bc6106f792458be4395d3ea267eeb704bac08a0299e0980aae4c6e81dd667f0d0c21f2f98eba6fe1bf18c6497b0a8429048bc077008ca1f1a2e9de157a7a031574ae4056b4e44d9e35dfb61b165ef3a0049cc69bc089412fb156d52961ce25d509d8690a5cd3f4829524cf1bbef91f90e727cb78acaa0d42eafefe973',16)
p = n //q
phi = (p-1)*(q-1)
d = gmpy2.invert(e,phi)
m = pow(c,d,n)
print(long_to_bytes(m))
# gigem{Q_Fr0M_Pr1V473_K3Y_89JD54}

这道题总结下来就是我们可以根据缺失的私钥来获取q等信息。懂了原理后,相对来说并不难。

Truncated 2

题目:

Author: Monk

It seems even less was able to be retrieved this time. Decrypt the flag.txt.enc file.

附件信息:

flag.txt.enc

徛ak&??躪穉?譿+4?RL2枴_硄aH?芔Gf戅V=Jb?s硶]焵}%斨?仞n囙旄诃
U?沦駼鶑帀肈シb賆'?皶喜?"+硥]v鬡=~沙
犕爯|e缜龣?╬恇? A輊h祛P挌S挂鈰??观A?篌蹆?町瘑
T蝻諒剼vw!{毂9腀'餇?杵??廿酑A鬢襊?D濩吭a縰)癞鶍礧4d┺釒{?D綣4

 private.pem

WXH2tecCgYBIlOn6LCaw4cYxztL4a+AgeoJ1HXB7AYg5Vl6T9VHfWW6dFvBVmaK/
sLuzAAZBOfOD3oXHk+BY2izOQamgOY5AvgW7m4JwP+gEFk9f9NdmI9DkxyD9cFzm
76zpeUiaizor1mMAd2mcCqjaYlDB3ohA0+Wvw024ZeBlDOCPgotJrQKBgFTU0ZgY
cNeZM05a5RdFJtKXnhTG7MdNe1lgD799tMBgSBw9OMg6pASOTGrUg6QW1DrsxY23
/ouePRFBh1OMArIskZf+Ov0jqD9umsM/q1XIR3ax3iOmBX6RxH42qyrHYArbv+tB
WdiwnYGJj5oE5HtnnL5pDa9qYFUfK4InhjN3AoGAZ2q2zPPhW9v75hq8fwVvLGjP
yDT4gGIz168dnCBLLMHsNv8y0twKQMY8UnqKBBIIkaC+j6zdCM+9CU3SEGC/TwQc
5iTOHmknFfuvRYN6WKOXbTQZJIx2aDHaRz4MZlpHOVFeHrmY9/s+y24U2nOG9kAC
zBzyXKI5PxT40b/mIGs=
-----END PRIVATE KEY-----

 public.pem

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+KEz83nu2HZ1fy9jec/
twHw1bkdZJStKl9J2wIo21gvJmcr+VyUcozF8mJgZKTVBvu57GTd6PhcCjyqnbH3
KB63Nji2imT8DVzHaNVTBHu1c3jm/9dNBe6qp3SxSGozO00pE/27VOrEIRwM+595
kHIO7YKWfPbdXuSp5XyVAdX9+I1gtGNYLc+yjO5h5bwHm95Le0sW8/T/Sl2i/M5d
wlYwpidyBhIJ7WPKBcgiAe0etC9XKoA5JPmtv+U3BQ5k/75hGq6pL0vxYIS4WlU8
fij2aD3QooEQJyV+8dleXQ2q0MBKRPcQGLzuM6hFVc8DesPm3g84FiNeR+jdtNNQ
iwIDAQAB
-----END PUBLIC KEY-----

我的解答:

这道题跟上题几乎一模一样,那接下来依然按同样方法拆分。

5971f6b5e7

dq:028180

4894e9fa2c26b0e1c631ced2f86be0207a82751d707b018839565e93f551df596e9d16f05599a2bfb0bbb300064139f383de85c793e058da2cce41a9a0398e40be05bb9b82703fe804164f5ff4d76623d0e4c720fd705ce6eface979489a8b3a2bd6630077699c0aa8da6250c1de8840d3e5afc34db865e0650ce08f828b49ad

dp:028180

54d4d1981870d799334e5ae5174526d2979e14c6ecc74d7b59600fbf7db4c060481c3d38c83aa4048e4c6ad483a416d43aecc58db7fe8b9e3d114187538c02b22c9197fe3afd23a83f6e9ac33fab55c84776b1de23a6057e91c47e36ab2ac7600adbbfeb4159d8b09d81898f9a04e47b679cbe690daf6a60551f2b8227863377

028180

676ab6ccf3e15bdbfbe61abc7f056f2c68cfc834f8806233d7af1d9c204b2cc1ec36ff32d2dc0a40c63c527a8a04120891a0be8facdd08cfbd094dd21060bf4f041ce624ce1e692715fbaf45837a58a3976d3419248c766831da473e0c665a4739515e1eb998f7fb3ecb6e14da7386f64002cc1cf25ca2393f14f8d1bfe6206b

会很明显发现并没有我们想要的q,而是只有dp,dq。那该如何做呢?我们还知道RSA公钥分解可以得到n和e。

那么这个问题就转化为已知n,e,c,dp,dq求解flag了。

参考la佬博客板子直接打(推理也在其中,这里就不讲了):给n,e,dp,c

import gmpy2
from Crypto.Util.number import *
from base64 import b64decode
import binascii

n = 25738076489477390048107389684996103882556969202513166288259522036337632736404168235030854616722305580161628671792338702584031628109920559959142086244929697000719839651284769225292474824312234101039383526660410096665677108899401181859913502426847877961086164703198858818644081120668614573404426468513602005820885294275008357193783600514925643269093575426795017766522751748746504263462858714066992146006524560800527477669712171172719903914727042988942644713692028132153937805550877286612258743238152980687480412165259102950423845139742038860174525053539636028083341480124394591958643772596948645492958078465902879395979
e = 65537
c = open('flag.txt.enc', 'rb').read()
c = bytes_to_long(c) 
#print(c)
# c = 18147789538491672247014835915533602634489783982570184852263130618880895586248510445762793030371772706661903854549522471443489220781151105324395882066129000312901593158718085272159445937780138941087393906131816926837889736944766699516384704335490626882966822721575551789099653648497421444960166756605357079875531002141548345722807396537903265766533712341901884965838493489973962274253970778333560877488158894465781306717489093950490283941677862290948756892133460933354821306503592346279215675049394535928238443884190882236936573982447875998833104600427426373831025442349266689261023328525768063776127379020358376633359

""" s = '''WXH2tecCgYBIlOn6LCaw4cYxztL4a+AgeoJ1HXB7AYg5Vl6T9VHfWW6dFvBVmaK/
sLuzAAZBOfOD3oXHk+BY2izOQamgOY5AvgW7m4JwP+gEFk9f9NdmI9DkxyD9cFzm
76zpeUiaizor1mMAd2mcCqjaYlDB3ohA0+Wvw024ZeBlDOCPgotJrQKBgFTU0ZgY
cNeZM05a5RdFJtKXnhTG7MdNe1lgD799tMBgSBw9OMg6pASOTGrUg6QW1DrsxY23
/ouePRFBh1OMArIskZf+Ov0jqD9umsM/q1XIR3ax3iOmBX6RxH42qyrHYArbv+tB
WdiwnYGJj5oE5HtnnL5pDa9qYFUfK4InhjN3AoGAZ2q2zPPhW9v75hq8fwVvLGjP
yDT4gGIz168dnCBLLMHsNv8y0twKQMY8UnqKBBIIkaC+j6zdCM+9CU3SEGC/TwQc
5iTOHmknFfuvRYN6WKOXbTQZJIx2aDHaRz4MZlpHOVFeHrmY9/s+y24U2nOG9kAC
zBzyXKI5PxT40b/mIGs='''

s = b64decode(s)

print(binascii.hexlify(s))  """


#解码,参考:https://lazzzaro.github.io/2020/05/06/crypto-RSA/  给n,e,dp,c
from Crypto.Util.number import *
import gmpy2
e = 65537
n = 25738076489477390048107389684996103882556969202513166288259522036337632736404168235030854616722305580161628671792338702584031628109920559959142086244929697000719839651284769225292474824312234101039383526660410096665677108899401181859913502426847877961086164703198858818644081120668614573404426468513602005820885294275008357193783600514925643269093575426795017766522751748746504263462858714066992146006524560800527477669712171172719903914727042988942644713692028132153937805550877286612258743238152980687480412165259102950423845139742038860174525053539636028083341480124394591958643772596948645492958078465902879395979
dp = int('54d4d1981870d799334e5ae5174526d2979e14c6ecc74d7b59600fbf7db4c060481c3d38c83aa4048e4c6ad483a416d43aecc58db7fe8b9e3d114187538c02b22c9197fe3afd23a83f6e9ac33fab55c84776b1de23a6057e91c47e36ab2ac7600adbbfeb4159d8b09d81898f9a04e47b679cbe690daf6a60551f2b8227863377',16)
c = 18147789538491672247014835915533602634489783982570184852263130618880895586248510445762793030371772706661903854549522471443489220781151105324395882066129000312901593158718085272159445937780138941087393906131816926837889736944766699516384704335490626882966822721575551789099653648497421444960166756605357079875531002141548345722807396537903265766533712341901884965838493489973962274253970778333560877488158894465781306717489093950490283941677862290948756892133460933354821306503592346279215675049394535928238443884190882236936573982447875998833104600427426373831025442349266689261023328525768063776127379020358376633359

for x in range(1, e):
	if(e*dp%x==1):
		p=(e*dp-1)//x+1
		if(n%p!=0):
			continue
		q=n//p
		phin=(p-1)*(q-1)
		print(phin)
		d=gmpy2.invert(e, phin)
		m=pow(c, d, n)
		print(long_to_bytes(m))
# gigem{DP_DQ_r54_7rUNC473D_SDA79}

 总结下来这道题目其实在1的基础上更进一步了。缺失的较多,直接把q也给丢了。但好在是可以得到dp/dq的。这也是一种证书修复变种。

Jumbled

题目:

Author: Monk

The RSA Public and Private keys are provided. However, the private key seems to be jumbled in a block size of 10 hex characters. Can you get the flag?

附件信息:

flag.txt.enc

C?A酘X=榐親砺.K'?蚳Eh?徍#礕毎V?堳N_揔r1駄[o$戩J6蠙襢~劳槾Rv呂郴?c颦2碥谒BFn仪﹍幜3樆榙H,Ui52笹銢?x柫Z鞆庁`倬?s:Bx^$"搯顶鋂?蕄2y氳甦?劭誷)sp?潥?饝@s	计锉?訽?Kq瘸蓢芑竌讹5qjO駣 嚤暋=磕K?P钳栋ex播i仚?

private

49 45 4e 42 47 2d 2d 2d 2d 2d 20 54 4b 41 45 49 50 56 20 52 0a 2d 4d 2d 0d 2d 59 2d 45 2d 44 42 41 49 41 76 49 41 49 45 47 6b 39 68 69 6b 42 71 4e 67 41 46 53 45 41 41 30 51 77 42 69 67 41 67 53 59 42 77 43 4b 51 42 43 49 41 41 45 6f 67 41 34 50 30 68 76 69 5a 46 71 4e 38 75 6f 4f 78 0d 4e 0a 48 6b 74 75 78 32 30 72 6a 37 50 67 69 59 2b 70 64 35 74 56 6b 50 44 39 74 66 2b 6e 77 31 66 47 79 50 77 6b 6f 6d 59 58 4f 72 51 31 59 79 6f 74 7a 6e 58 32 70 48 0d 54 36 4c 6b 36 55 2f 43 6b 45 33 5a 34 53 37 0a 6f 50 66 56 43 51 63 5a 44 7a 4a 63 6d 62 4a 36 31 6b 70 4d 70 6c 76 76 64 36 78 71 44 54 6c 2f 6a 74 6e 63 68 59 69 6b 4e 44 49 59 64 4c 79 42 41 71 53 79 0a 7a 0d 38 31 55 54 34 4b 56 50 30 61 6e 43 63 4c 6e 54 69 36 6e 75 6f 77 2f 70 53 37 7a 4c 50 76 63 62 67 4d 59 34 62 4d 58 4e 69 56 69 4f 48 76 4c 36 79 56 6a 6c 4f 56 77 65 49 32 4b 56 63 5a 32 74 77 31 38 75 2b 6f 63 68 0d 6a 30 0a 61 36 74 58 4e 34 5a 6e 79 6f 6b 32 68 64 6c 30 43 4f 61 2f 73 33 71 4e 56 36 4d 6a 34 36 52 72 38 67 61 46 30 34 57 73 62 4f 35 5a 42 47 65 69 57 6a 0a 66 2b 75 0d 76 42 69 49 49 6e 6f 6b 54 4a 31 4f 7a 69 6f 75 48 45 49 4a 63 34 4d 76 71 44 62 52 4b 50 42 65 4f 62 79 51 66 57 62 6d 4c 79 6b 41 74 59 2f 63 76 78 63 61 7a 2f 58 71 4a 59 4a 6b 61 4a 6c 36 64 36 78 2f 4f 74 0d 72 0a 71 56 41 42 45 4d 41 41 75 67 36 58 67 55 43 41 38 45 67 41 43 67 57 4b 69 47 2b 55 71 77 4c 53 47 74 79 49 72 61 65 6a 6f 33 78 6b 56 73 44 37 71 65 73 4d 2b 2f 0d 52 36 4d 2b 77 6a 6d 45 77 49 35 6e 47 5a 61 0a 74 64 77 5a 39 37 59 46 70 6b 33 2b 6b 72 4f 38 6b 45 6d 4f 2f 52 6e 63 47 6f 54 53 6f 53 63 33 4f 51 75 53 42 6c 67 65 42 64 42 5a 37 33 57 6e 48 75 31 58 0a 42 0d 75 74 51 6f 78 42 33 52 59 74 6a 71 2b 69 4e 72 42 41 49 52 6e 6a 36 78 4a 56 73 6f 49 31 6a 34 57 61 30 42 70 6d 4e 68 78 7a 70 46 2f 34 78 44 42 2b 71 57 59 6b 71 2f 61 39 47 48 37 57 69 4d 70 4c 32 68 43 51 52 55 0d 63 38 0a 56 2f 38 4f 45 30 4c 39 74 50 68 43 45 4e 74 49 44 31 46 43 43 6b 73 76 57 58 52 39 30 59 68 45 78 51 74 4e 45 39 44 62 55 4a 4b 79 4b 67 38 51 71 6c 0a 71 76 34 0d 59 4b 6c 61 33 73 4b 41 50 67 6a 62 34 32 61 41 4b 59 39 4a 78 48 39 4a 74 74 6b 73 30 59 58 44 70 6b 34 75 45 5a 6a 44 54 4b 4f 57 30 4a 31 78 31 51 68 53 42 50 63 7a 47 2b 52 39 68 71 5a 69 75 65 55 45 54 34 0d 65 0a 67 6f 2b 51 39 37 33 71 50 6a 47 58 58 49 46 71 4d 6a 4b 49 64 48 43 54 58 4a 2b 46 30 4b 45 2f 42 51 67 35 4b 32 5a 33 6e 55 42 74 64 2b 6a 6d 44 63 51 46 53 63 0d 2f 6a 66 77 62 55 4c 46 64 4b 6f 30 51 4d 38 0a 33 55 64 6c 34 42 49 56 45 52 34 7a 46 55 68 4c 4e 52 6a 79 50 46 52 41 68 44 53 7a 63 76 75 66 4d 2b 37 41 55 63 7a 52 4e 39 50 70 4d 2f 4d 42 63 45 41 63 0a 58 0d 4b 79 4b 50 6a 58 42 45 68 4b 49 71 61 6d 43 53 73 42 61 2f 69 55 4e 52 6a 4e 38 42 43 78 75 6f 4e 6b 62 6c 2b 67 66 6c 58 45 73 39 6f 75 33 4b 46 63 44 70 6d 35 38 62 4b 51 6d 31 57 68 6a 38 6e 71 48 4e 56 67 64 4c 0d 74 36 0a 6d 49 49 32 67 6e 6a 7a 48 37 77 70 4b 67 67 58 32 63 61 68 45 4a 68 77 6e 44 67 63 42 51 46 49 63 37 55 72 65 69 69 71 32 4b 78 7a 36 70 66 6e 34 45 0a 79 68 31 0d 36 54 43 74 67 69 4c 53 42 4b 71 55 74 43 6f 6e 36 52 34 74 5a 45 49 65 5a 2f 37 59 59 35 42 45 78 67 5a 62 68 50 4d 50 77 2b 76 71 6e 37 45 57 47 61 48 58 52 73 37 30 72 68 64 34 59 56 39 79 63 69 4e 4e 54 54 0d 4b 0a 31 73 54 6e 6c 34 30 75 77 65 72 66 5a 69 70 2f 38 75 64 76 69 47 30 51 42 64 44 30 78 69 36 53 2b 76 4a 70 49 58 36 72 4c 58 70 7a 69 53 31 56 6f 4b 44 55 39 4e 0d 75 76 4a 6f 39 64 52 64 72 58 45 78 53 75 72 0a 50 33 41 72 78 59 67 4b 42 51 42 50 6e 6b 65 51 74 6e 56 79 70 74 63 62 47 75 31 6a 6f 74 4b 4c 71 6a 42 63 66 43 45 30 73 4e 76 53 42 65 2b 61 51 48 7a 42 0a 73 0d 34 68 4e 79 6c 74 57 35 36 74 37 51 59 38 47 61 7a 69 73 59 5a 69 6b 7a 4a 70 43 59 64 44 63 37 58 79 77 32 45 32 6d 30 4d 7a 33 32 2b 56 63 51 36 74 69 59 67 37 37 44 72 75 42 73 74 4e 78 76 4d 6b 6a 4c 64 42 41 36 0d 59 70 0a 77 4e 42 6b 36 48 50 55 50 77 76 66 47 65 4e 47 4f 50 62 4f 69 69 56 2b 4c 78 32 73 58 35 74 4f 68 53 7a 6d 70 46 61 48 31 6b 41 43 41 68 31 51 30 44 0a 31 45 62 0d 62 47 69 6f 41 4a 41 66 65 74 6c 6c 63 36 56 62 58 4a 4f 42 39 54 48 53 65 4b 71 41 7a 63 4d 30 47 66 6c 36 74 6d 64 67 55 34 4a 62 71 36 4d 57 48 76 50 31 6b 56 78 5a 2f 54 72 76 6f 32 38 67 70 49 72 54 56 65 0d 7a 0a 43 64 37 31 78 50 54 31 69 66 50 50 77 67 62 46 35 75 56 52 6e 2b 2b 56 4f 5a 65 71 6d 53 73 76 41 38 39 56 6b 79 44 35 51 38 56 52 32 39 70 5a 33 6c 32 63 71 62 0d 45 7a 67 6b 6f 54 57 70 72 56 54 35 61 65 75 0a 6e 39 57 37 2b 46 66 54 6d 6a 42 74 30 42 46 37 44 48 4a 58 4b 6b 55 6b 76 37 62 67 6d 7a 4a 62 46 42 2b 64 41 67 7a 43 59 32 50 4a 4b 74 6a 5a 39 63 45 4c 0a 37 0d 68 72 4f 6c 31 38 4a 70 53 69 31 55 36 75 4a 65 65 37 74 32 79 6c 4c 67 6b 63 77 4c 76 71 53 41 46 50 78 6c 2f 52 2b 52 36 67 47 64 35 54 6b 2b 6d 74 4a 69 54 6c 74 2f 33 35 62 49 70 41 50 62 59 54 67 77 59 62 6a 77 0d 46 44 0a 58 2f 49 4c 4b 2b 69 44 68 77 68 71 68 73 71 73 62 35 45 52 4d 7a 54 36 46 42 7a 2b 41 67 2b 79 50 74 77 79 52 50 4b 38 72 59 76 6e 56 37 36 43 43 57 0a 65 70 56 0d 33 32 65 4e 61 46 6a 61 6b 53 44 6c 54 61 49 4f 52 74 77 37 37 79 6f 64 6a 2d 2d 2d 2d 2d 0d 3d 0a 51 3d 41 49 54 52 56 20 4e 50 45 44 2d 2d 2d 2d 2d 45 20 59 45 4b

public

2d 2d 2d 2d 2d 42 45 47 49 4e 20 50 55 42 4c 49 43 20 4b 45 59 2d 2d 2d 2d 2d 0d 0a 4d 49 49 42 49 6a 41 4e 42 67 6b 71 68 6b 69 47 39 77 30 42 41 51 45 46 41 41 4f 43 41 51 38 41 4d 49 49 42 43 67 4b 43 41 51 45 41 71 6d 54 59 68 59 54 37 2b 4e 42 7a 5a 44 72 73 66 4b 44 34 0d 0a 34 4b 2b 39 72 74 4c 63 5a 4c 54 2b 56 61 57 48 59 76 6e 38 42 70 39 58 2f 66 67 37 54 6d 4b 35 6c 35 44 36 4d 73 46 38 39 72 5a 38 74 61 45 47 46 4a 50 79 2b 6b 78 2b 71 55 71 4f 4f 39 35 47 0d 0a 51 68 4d 32 53 58 41 77 6e 30 44 31 54 4a 4b 64 61 53 5a 75 6e 47 30 36 70 63 51 33 62 2b 70 62 35 47 44 59 59 70 34 33 50 37 61 67 55 73 67 48 53 43 77 32 4f 46 43 74 55 2f 4d 73 35 33 45 77 0d 0a 69 32 6a 35 31 64 45 76 2b 38 4b 62 75 71 49 70 32 49 4f 47 7a 4c 79 33 4d 7a 78 34 72 31 54 6a 54 49 6d 31 38 44 6e 70 56 56 65 6f 79 38 73 4e 74 57 62 56 64 6e 43 43 74 49 59 36 4c 6e 50 50 0d 0a 73 6d 61 4f 4a 31 2b 6a 57 72 57 67 76 39 44 6e 64 70 5a 49 65 44 4f 75 6f 7a 64 31 62 4b 6c 74 4c 42 65 49 4b 32 6b 66 46 6e 6f 78 6f 6d 54 67 57 2b 53 41 53 4c 34 72 6e 2f 6f 6a 71 4e 63 30 0d 0a 36 43 5a 35 4c 2b 4b 6e 44 43 42 79 62 68 47 33 73 67 54 69 6d 7a 77 30 51 4d 72 53 35 47 33 35 6b 46 76 32 6c 33 4d 37 2f 38 57 48 4f 69 58 57 70 53 53 5a 4b 6d 4b 71 31 54 73 62 65 76 2b 72 0d 0a 6c 77 49 44 41 51 41 42 0d 0a 2d 2d 2d 2d 2d 45 4e 44 20 50 55 42 4c 49 43 20 4b 45 59 2d 2d 2d 2d 2d

我的解答:

这道题的难度就biubiu上来了,我们来看看是怎么个事。

首先我们解码下公钥

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmTYhYT7+NBzZDrsfKD4
4K+9rtLcZLT+VaWHYvn8Bp9X/fg7TmK5l5D6MsF89rZ8taEGFJPy+kx+qUqOO95G
QhM2SXAwn0D1TJKdaSZunG06pcQ3b+pb5GDYYp43P7agUsgHSCw2OFCtU/Ms53Ew
i2j51dEv+8KbuqIp2IOGzLy3Mzx4r1TjTIm18DnpVVeoy8sNtWbVdnCCtIY6LnPP
smaOJ1+jWrWgv9DndpZIeDOuozd1bKltLBeIK2kfFnoxomTgW+SASL4rn/ojqNc0
6CZ5L+KnDCBybhG3sgTimzw0QMrS5G35kFv2l3M7/8WHOiXWpSSZKmKq1Tsbev+r
lwIDAQAB
-----END PUBLIC KEY-----

解析得到n和e

n = 21510240755391895797392251126333468065642811955059381948531217067500200157192587343981013021525313093852679704035885788909801119333395312090084093958181671132537557153359712792758811713027971732204030430334279725507975275100183059036632459180733954941681944147070942370040842822046123871981475320408243282191701896001902180703675695673251138391340023296500185391470273951722561424220840561040099780810789151859641139766606958023069344423617768698551243818313411124018247598802749326315083446422976866685184664968010286642320264785659560232284046763146464713273328278424445113308747581406364568448073987441571059968919
e = 65537

这道题的难点问题就在于私钥,我们来看一下题目描述:

已提供RSA公钥和私钥。然而,私钥似乎在10个十六进制字符的块大小中混乱。你能去拿旗子吗?

听他的意思,就需要我们找下规律了。我们每10个十六进制分为一组看看情况。

前置知识:首先我们需要知道正确的私钥头是啥

-----BEGIN PRIVATE KEY-----

其十六进制是

2d 2d 2d 2d 2d 42 45 47 49 4e 20 50 52 49 56 41 54 45 20 4b 45 59 2d 2d 2d 2d 2d 0d 0a

我们先大致解一下私钥:

IENBG----- TKAEIPV R
-M-
-Y-E-DBAIAvIAIEGk9hikBqNgAFSEAA0QwBigAgSYBwCKQBCIAAEogA4P0hviZFqN8uoOx
N
Hktux20rj7PgiY+pd5tVkPD9tf+nw1fGyPwkomYXOrQ1YyotznX2pH
T6Lk6U/CkE3Z4S7
oPfVCQcZDzJcmbJ61kpMplvvd6xqDTl/jtnchYikNDIYdLyBAqSy
z
81UT4KVP0anCcLnTi6nuow/pS7zLPvcbgMY4bMXNiViOHvL6yVjlOVweI2KVcZ2tw18u+och
j0
a6tXN4Znyok2hdl0COa/s3qNV6Mj46Rr8gaF04WsbO5ZBGeiWj
f+u
vBiIInokTJ1OziouHEIJc4MvqDbRKPBeObyQfWbmLykAtY/cvxcaz/XqJYJkaJl6d6x/Ot
r
qVABEMAAug6XgUCA8EgACgWKiG+UqwLSGtyIraejo3xkVsD7qesM+/
R6M+wjmEwI5nGZa
tdwZ97YFpk3+krO8kEmO/RncGoTSoSc3OQuSBlgeBdBZ73WnHu1X
B
utQoxB3RYtjq+iNrBAIRnj6xJVsoI1j4Wa0BpmNhxzpF/4xDB+qWYkq/a9GH7WiMpL2hCQRU
c8
V/8OE0L9tPhCENtID1FCCksvWXR90YhExQtNE9DbUJKyKg8Qql
qv4
YKla3sKAPgjb42aAKY9JxH9Jttks0YXDpk4uEZjDTKOW0J1x1QhSBPczG+R9hqZiueUET4
e
go+Q973qPjGXXIFqMjKIdHCTXJ+F0KE/BQg5K2Z3nUBtd+jmDcQFSc
/jfwbULFdKo0QM8
3Udl4BIVER4zFUhLNRjyPFRAhDSzcvufM+7AUczRN9PpM/MBcEAc
X
KyKPjXBEhKIqamCSsBa/iUNRjN8BCxuoNkbl+gflXEs9ou3KFcDpm58bKQm1Whj8nqHNVgdL
t6
mII2gnjzH7wpKggX2cahEJhwnDgcBQFIc7Ureiiq2Kxz6pfn4E
yh1
6TCtgiLSBKqUtCon6R4tZEIeZ/7YY5BExgZbhPMPw+vqn7EWGaHXRs70rhd4YV9yciNNTT
K
1sTnl40uwerfZip/8udviG0QBdD0xi6S+vJpIX6rLXpziS1VoKDU9N
uvJo9dRdrXExSur
P3ArxYgKBQBPnkeQtnVyptcbGu1jotKLqjBcfCE0sNvSBe+aQHzB
s
4hNyltW56t7QY8GazisYZikzJpCYdDc7Xyw2E2m0Mz32+VcQ6tiYg77DruBstNxvMkjLdBA6
Yp
wNBk6HPUPwvfGeNGOPbOiiV+Lx2sX5tOhSzmpFaH1kACAh1Q0D
1Eb
bGioAJAfetllc6VbXJOB9THSeKqAzcM0Gfl6tmdgU4Jbq6MWHvP1kVxZ/Trvo28gpIrTVe
z
Cd71xPT1ifPPwgbF5uVRn++VOZeqmSsvA89VkyD5Q8VR29pZ3l2cqb
EzgkoTWprVT5aeu
n9W7+FfTmjBt0BF7DHJXKkUkv7bgmzJbFB+dAgzCY2PJKtjZ9cEL
7
hrOl18JpSi1U6uJee7t2ylLgkcwLvqSAFPxl/R+R6gGd5Tk+mtJiTlt/35bIpAPbYTgwYbjw
FD
X/ILK+iDhwhqhsqsb5ERMzT6FBz+Ag+yPtwyRPK8rYvnV76CCW
epV
32eNaFjakSDlTaIORtw77yodj-----
=
Q=AITRV NPED-----E YEK

看头部发现解密后很明显是有混淆的。那么我们按题目所说先分组看看。

49 45 4e 42 47 2d 2d 2d 2d 2d
20 54 4b 41 45 49 50 56 20 52 
0a 2d 4d 2d 0d 2d 59 2d 45 2d 
44 42 41 49 41 76 49 41 49 45 
47 6b 39 68 69 6b 42 71 4e 67 
41 46 53 45 41 41 30 51 77 42 
69 67 41 67 53 59 42 77 43 4b 
51 42 43 49 41 41 45 6f 67 41 
34 50 30 68 76 69 5a 46 71 4e 
38 75 6f 4f 78 0d 4e 0a 48 6b 
74 75 78 32 30 72 6a 37 50 67 
69 59 2b 70 64 35 74 56 6b 50 
44 39 74 66 2b 6e 77 31 66 47 
79 50 77 6b 6f 6d 59 58 4f 72 
51 31 59 79 6f 74 7a 6e 58 32 
70 48 0d 54 36 4c 6b 36 55 2f 
43 6b 45 33 5a 34 53 37 0a 6f 
50 66 56 43 51 63 5a 44 7a 4a 
63 6d 62 4a 36 31 6b 70 4d 70 
6c 76 76 64 36 78 71 44 54 6c 
2f 6a 74 6e 63 68 59 69 6b 4e 
44 49 59 64 4c 79 42 41 71 53 
79 0a 7a 0d 38 31 55 54 34 4b 
56 50 30 61 6e 43 63 4c 6e 54 
69 36 6e 75 6f 77 2f 70 53 37 
7a 4c 50 76 63 62 67 4d 59 34 
62 4d 58 4e 69 56 69 4f 48 76 
4c 36 79 56 6a 6c 4f 56 77 65 
49 32 4b 56 63 5a 32 74 77 31 
38 75 2b 6f 63 68 0d 6a 30 0a 
61 36 74 58 4e 34 5a 6e 79 6f 
6b 32 68 64 6c 30 43 4f 61 2f 
73 33 71 4e 56 36 4d 6a 34 36 
52 72 38 67 61 46 30 34 57 73 
62 4f 35 5a 42 47 65 69 57 6a 
0a 66 2b 75 0d 76 42 69 49 49 
6e 6f 6b 54 4a 31 4f 7a 69 6f 
75 48 45 49 4a 63 34 4d 76 71 
44 62 52 4b 50 42 65 4f 62 79 
51 66 57 62 6d 4c 79 6b 41 74 
59 2f 63 76 78 63 61 7a 2f 58 
71 4a 59 4a 6b 61 4a 6c 36 64 
36 78 2f 4f 74 0d 72 0a 71 56 
41 42 45 4d 41 41 75 67 36 58 
67 55 43 41 38 45 67 41 43 67 
57 4b 69 47 2b 55 71 77 4c 53 
47 74 79 49 72 61 65 6a 6f 33 
78 6b 56 73 44 37 71 65 73 4d 
2b 2f 0d 52 36 4d 2b 77 6a 6d 
45 77 49 35 6e 47 5a 61 0a 74 
64 77 5a 39 37 59 46 70 6b 33 
2b 6b 72 4f 38 6b 45 6d 4f 2f 
52 6e 63 47 6f 54 53 6f 53 63 
33 4f 51 75 53 42 6c 67 65 42 
64 42 5a 37 33 57 6e 48 75 31 
58 0a 42 0d 75 74 51 6f 78 42 
33 52 59 74 6a 71 2b 69 4e 72 
42 41 49 52 6e 6a 36 78 4a 56 
73 6f 49 31 6a 34 57 61 30 42 
70 6d 4e 68 78 7a 70 46 2f 34 
78 44 42 2b 71 57 59 6b 71 2f 
61 39 47 48 37 57 69 4d 70 4c 
32 68 43 51 52 55 0d 63 38 0a 
56 2f 38 4f 45 30 4c 39 74 50 
68 43 45 4e 74 49 44 31 46 43 
43 6b 73 76 57 58 52 39 30 59 
68 45 78 51 74 4e 45 39 44 62 
55 4a 4b 79 4b 67 38 51 71 6c 
0a 71 76 34 0d 59 4b 6c 61 33 
73 4b 41 50 67 6a 62 34 32 61 
41 4b 59 39 4a 78 48 39 4a 74 
74 6b 73 30 59 58 44 70 6b 34 
75 45 5a 6a 44 54 4b 4f 57 30 
4a 31 78 31 51 68 53 42 50 63 
7a 47 2b 52 39 68 71 5a 69 75 
65 55 45 54 34 0d 65 0a 67 6f 
2b 51 39 37 33 71 50 6a 47 58 
58 49 46 71 4d 6a 4b 49 64 48 
43 54 58 4a 2b 46 30 4b 45 2f 
42 51 67 35 4b 32 5a 33 6e 55 
42 74 64 2b 6a 6d 44 63 51 46 
53 63 0d 2f 6a 66 77 62 55 4c 
46 64 4b 6f 30 51 4d 38 0a 33 
55 64 6c 34 42 49 56 45 52 34 
7a 46 55 68 4c 4e 52 6a 79 50 
46 52 41 68 44 53 7a 63 76 75 
66 4d 2b 37 41 55 63 7a 52 4e 
39 50 70 4d 2f 4d 42 63 45 41 
63 0a 58 0d 4b 79 4b 50 6a 58 
42 45 68 4b 49 71 61 6d 43 53 
73 42 61 2f 69 55 4e 52 6a 4e 
38 42 43 78 75 6f 4e 6b 62 6c 
2b 67 66 6c 58 45 73 39 6f 75 
33 4b 46 63 44 70 6d 35 38 62 
4b 51 6d 31 57 68 6a 38 6e 71 
48 4e 56 67 64 4c 0d 74 36 0a 
6d 49 49 32 67 6e 6a 7a 48 37 
77 70 4b 67 67 58 32 63 61 68 
45 4a 68 77 6e 44 67 63 42 51 
46 49 63 37 55 72 65 69 69 71 
32 4b 78 7a 36 70 66 6e 34 45 
0a 79 68 31 0d 36 54 43 74 67 
69 4c 53 42 4b 71 55 74 43 6f 
6e 36 52 34 74 5a 45 49 65 5a 
2f 37 59 59 35 42 45 78 67 5a 
62 68 50 4d 50 77 2b 76 71 6e 
37 45 57 47 61 48 58 52 73 37 
30 72 68 64 34 59 56 39 79 63 
69 4e 4e 54 54 0d 4b 0a 31 73 
54 6e 6c 34 30 75 77 65 72 66 
5a 69 70 2f 38 75 64 76 69 47 
30 51 42 64 44 30 78 69 36 53 
2b 76 4a 70 49 58 36 72 4c 58 
70 7a 69 53 31 56 6f 4b 44 55 
39 4e 0d 75 76 4a 6f 39 64 52 
64 72 58 45 78 53 75 72 0a 50 
33 41 72 78 59 67 4b 42 51 42 
50 6e 6b 65 51 74 6e 56 79 70 
74 63 62 47 75 31 6a 6f 74 4b 
4c 71 6a 42 63 66 43 45 30 73 
4e 76 53 42 65 2b 61 51 48 7a 
42 0a 73 0d 34 68 4e 79 6c 74 
57 35 36 74 37 51 59 38 47 61 
7a 69 73 59 5a 69 6b 7a 4a 70 
43 59 64 44 63 37 58 79 77 32 
45 32 6d 30 4d 7a 33 32 2b 56 
63 51 36 74 69 59 67 37 37 44 
72 75 42 73 74 4e 78 76 4d 6b 
6a 4c 64 42 41 36 0d 59 70 0a 
77 4e 42 6b 36 48 50 55 50 77 
76 66 47 65 4e 47 4f 50 62 4f 
69 69 56 2b 4c 78 32 73 58 35 
74 4f 68 53 7a 6d 70 46 61 48 
31 6b 41 43 41 68 31 51 30 44 
0a 31 45 62 0d 62 47 69 6f 41 
4a 41 66 65 74 6c 6c 63 36 56 
62 58 4a 4f 42 39 54 48 53 65 
4b 71 41 7a 63 4d 30 47 66 6c 
36 74 6d 64 67 55 34 4a 62 71 
36 4d 57 48 76 50 31 6b 56 78 
5a 2f 54 72 76 6f 32 38 67 70 
49 72 54 56 65 0d 7a 0a 43 64 
37 31 78 50 54 31 69 66 50 50 
77 67 62 46 35 75 56 52 6e 2b 
2b 56 4f 5a 65 71 6d 53 73 76 
41 38 39 56 6b 79 44 35 51 38 
56 52 32 39 70 5a 33 6c 32 63 
71 62 0d 45 7a 67 6b 6f 54 57 
70 72 56 54 35 61 65 75 0a 6e 
39 57 37 2b 46 66 54 6d 6a 42 
74 30 42 46 37 44 48 4a 58 4b 
6b 55 6b 76 37 62 67 6d 7a 4a 
62 46 42 2b 64 41 67 7a 43 59 
32 50 4a 4b 74 6a 5a 39 63 45 
4c 0a 37 0d 68 72 4f 6c 31 38 
4a 70 53 69 31 55 36 75 4a 65 
65 37 74 32 79 6c 4c 67 6b 63 
77 4c 76 71 53 41 46 50 78 6c 
2f 52 2b 52 36 67 47 64 35 54 
6b 2b 6d 74 4a 69 54 6c 74 2f 
33 35 62 49 70 41 50 62 59 54 
67 77 59 62 6a 77 0d 46 44 0a 
58 2f 49 4c 4b 2b 69 44 68 77 
68 71 68 73 71 73 62 35 45 52 
4d 7a 54 36 46 42 7a 2b 41 67 
2b 79 50 74 77 79 52 50 4b 38 
72 59 76 6e 56 37 36 43 43 57 
0a 65 70 56 0d 33 32 65 4e 61 
46 6a 61 6b 53 44 6c 54 61 49 
4f 52 74 77 37 37 79 6f 64 6a 
2d 2d 2d 2d 2d 0d 3d 0a 51 3d 
41 49 54 52 56 20 4e 50 45 44 
2d 2d 2d 2d 2d 45 20 59 45 4b

正常的十六进制是这样:

2d 2d 2d 2d 2d 42 45 47 49 4e 20 50 52 49 56 41 54 45 20 4b 45 59 2d 2d 2d 2d 2d 0d 0a

(这里需要注意一下当0d 0a连在一起用的时候则代表换行换到下一行

而现在分组后前面部分是:

49 45 4e 42 47 2d 2d 2d 2d 2d
20 54 4b 41 45 49 50 56 20 52 
0a 2d 4d 2d 0d 2d 59 2d 45 2d

这样很明显就看到规律了。什么规律呢?我们一行一行分析

先看第一行:49 45 4e 42 47 2d 2d 2d 2d 2d

与上述正常的对比可发现是这样排列的:

我们就按上图顺序进行排列组合(先右后左)就会得到正确的格式。这样就会发现你整理好后的每一行都遵循这个规律。

正好都是可以根据0d 0a进行换行的(正确的私钥格式确实是换行的,即每行每行的数据形式)

那就好办了我们知道规律就可以写脚本进行排列了。以此便可以得到正确格式的私钥,然后再进行私钥分解得到d直接打

from Crypto.Util.number import *

pripem = "49 45 4e 42 47 2d 2d 2d 2d 2d 20 54 4b 41 45 49 50 56 20 52 0a 2d 4d 2d 0d 2d 59 2d 45 2d 44 42 41 49 41 76 49 41 49 45 47 6b 39 68 69 6b 42 71 4e 67 41 46 53 45 41 41 30 51 77 42 69 67 41 67 53 59 42 77 43 4b 51 42 43 49 41 41 45 6f 67 41 34 50 30 68 76 69 5a 46 71 4e 38 75 6f 4f 78 0d 4e 0a 48 6b 74 75 78 32 30 72 6a 37 50 67 69 59 2b 70 64 35 74 56 6b 50 44 39 74 66 2b 6e 77 31 66 47 79 50 77 6b 6f 6d 59 58 4f 72 51 31 59 79 6f 74 7a 6e 58 32 70 48 0d 54 36 4c 6b 36 55 2f 43 6b 45 33 5a 34 53 37 0a 6f 50 66 56 43 51 63 5a 44 7a 4a 63 6d 62 4a 36 31 6b 70 4d 70 6c 76 76 64 36 78 71 44 54 6c 2f 6a 74 6e 63 68 59 69 6b 4e 44 49 59 64 4c 79 42 41 71 53 79 0a 7a 0d 38 31 55 54 34 4b 56 50 30 61 6e 43 63 4c 6e 54 69 36 6e 75 6f 77 2f 70 53 37 7a 4c 50 76 63 62 67 4d 59 34 62 4d 58 4e 69 56 69 4f 48 76 4c 36 79 56 6a 6c 4f 56 77 65 49 32 4b 56 63 5a 32 74 77 31 38 75 2b 6f 63 68 0d 6a 30 0a 61 36 74 58 4e 34 5a 6e 79 6f 6b 32 68 64 6c 30 43 4f 61 2f 73 33 71 4e 56 36 4d 6a 34 36 52 72 38 67 61 46 30 34 57 73 62 4f 35 5a 42 47 65 69 57 6a 0a 66 2b 75 0d 76 42 69 49 49 6e 6f 6b 54 4a 31 4f 7a 69 6f 75 48 45 49 4a 63 34 4d 76 71 44 62 52 4b 50 42 65 4f 62 79 51 66 57 62 6d 4c 79 6b 41 74 59 2f 63 76 78 63 61 7a 2f 58 71 4a 59 4a 6b 61 4a 6c 36 64 36 78 2f 4f 74 0d 72 0a 71 56 41 42 45 4d 41 41 75 67 36 58 67 55 43 41 38 45 67 41 43 67 57 4b 69 47 2b 55 71 77 4c 53 47 74 79 49 72 61 65 6a 6f 33 78 6b 56 73 44 37 71 65 73 4d 2b 2f 0d 52 36 4d 2b 77 6a 6d 45 77 49 35 6e 47 5a 61 0a 74 64 77 5a 39 37 59 46 70 6b 33 2b 6b 72 4f 38 6b 45 6d 4f 2f 52 6e 63 47 6f 54 53 6f 53 63 33 4f 51 75 53 42 6c 67 65 42 64 42 5a 37 33 57 6e 48 75 31 58 0a 42 0d 75 74 51 6f 78 42 33 52 59 74 6a 71 2b 69 4e 72 42 41 49 52 6e 6a 36 78 4a 56 73 6f 49 31 6a 34 57 61 30 42 70 6d 4e 68 78 7a 70 46 2f 34 78 44 42 2b 71 57 59 6b 71 2f 61 39 47 48 37 57 69 4d 70 4c 32 68 43 51 52 55 0d 63 38 0a 56 2f 38 4f 45 30 4c 39 74 50 68 43 45 4e 74 49 44 31 46 43 43 6b 73 76 57 58 52 39 30 59 68 45 78 51 74 4e 45 39 44 62 55 4a 4b 79 4b 67 38 51 71 6c 0a 71 76 34 0d 59 4b 6c 61 33 73 4b 41 50 67 6a 62 34 32 61 41 4b 59 39 4a 78 48 39 4a 74 74 6b 73 30 59 58 44 70 6b 34 75 45 5a 6a 44 54 4b 4f 57 30 4a 31 78 31 51 68 53 42 50 63 7a 47 2b 52 39 68 71 5a 69 75 65 55 45 54 34 0d 65 0a 67 6f 2b 51 39 37 33 71 50 6a 47 58 58 49 46 71 4d 6a 4b 49 64 48 43 54 58 4a 2b 46 30 4b 45 2f 42 51 67 35 4b 32 5a 33 6e 55 42 74 64 2b 6a 6d 44 63 51 46 53 63 0d 2f 6a 66 77 62 55 4c 46 64 4b 6f 30 51 4d 38 0a 33 55 64 6c 34 42 49 56 45 52 34 7a 46 55 68 4c 4e 52 6a 79 50 46 52 41 68 44 53 7a 63 76 75 66 4d 2b 37 41 55 63 7a 52 4e 39 50 70 4d 2f 4d 42 63 45 41 63 0a 58 0d 4b 79 4b 50 6a 58 42 45 68 4b 49 71 61 6d 43 53 73 42 61 2f 69 55 4e 52 6a 4e 38 42 43 78 75 6f 4e 6b 62 6c 2b 67 66 6c 58 45 73 39 6f 75 33 4b 46 63 44 70 6d 35 38 62 4b 51 6d 31 57 68 6a 38 6e 71 48 4e 56 67 64 4c 0d 74 36 0a 6d 49 49 32 67 6e 6a 7a 48 37 77 70 4b 67 67 58 32 63 61 68 45 4a 68 77 6e 44 67 63 42 51 46 49 63 37 55 72 65 69 69 71 32 4b 78 7a 36 70 66 6e 34 45 0a 79 68 31 0d 36 54 43 74 67 69 4c 53 42 4b 71 55 74 43 6f 6e 36 52 34 74 5a 45 49 65 5a 2f 37 59 59 35 42 45 78 67 5a 62 68 50 4d 50 77 2b 76 71 6e 37 45 57 47 61 48 58 52 73 37 30 72 68 64 34 59 56 39 79 63 69 4e 4e 54 54 0d 4b 0a 31 73 54 6e 6c 34 30 75 77 65 72 66 5a 69 70 2f 38 75 64 76 69 47 30 51 42 64 44 30 78 69 36 53 2b 76 4a 70 49 58 36 72 4c 58 70 7a 69 53 31 56 6f 4b 44 55 39 4e 0d 75 76 4a 6f 39 64 52 64 72 58 45 78 53 75 72 0a 50 33 41 72 78 59 67 4b 42 51 42 50 6e 6b 65 51 74 6e 56 79 70 74 63 62 47 75 31 6a 6f 74 4b 4c 71 6a 42 63 66 43 45 30 73 4e 76 53 42 65 2b 61 51 48 7a 42 0a 73 0d 34 68 4e 79 6c 74 57 35 36 74 37 51 59 38 47 61 7a 69 73 59 5a 69 6b 7a 4a 70 43 59 64 44 63 37 58 79 77 32 45 32 6d 30 4d 7a 33 32 2b 56 63 51 36 74 69 59 67 37 37 44 72 75 42 73 74 4e 78 76 4d 6b 6a 4c 64 42 41 36 0d 59 70 0a 77 4e 42 6b 36 48 50 55 50 77 76 66 47 65 4e 47 4f 50 62 4f 69 69 56 2b 4c 78 32 73 58 35 74 4f 68 53 7a 6d 70 46 61 48 31 6b 41 43 41 68 31 51 30 44 0a 31 45 62 0d 62 47 69 6f 41 4a 41 66 65 74 6c 6c 63 36 56 62 58 4a 4f 42 39 54 48 53 65 4b 71 41 7a 63 4d 30 47 66 6c 36 74 6d 64 67 55 34 4a 62 71 36 4d 57 48 76 50 31 6b 56 78 5a 2f 54 72 76 6f 32 38 67 70 49 72 54 56 65 0d 7a 0a 43 64 37 31 78 50 54 31 69 66 50 50 77 67 62 46 35 75 56 52 6e 2b 2b 56 4f 5a 65 71 6d 53 73 76 41 38 39 56 6b 79 44 35 51 38 56 52 32 39 70 5a 33 6c 32 63 71 62 0d 45 7a 67 6b 6f 54 57 70 72 56 54 35 61 65 75 0a 6e 39 57 37 2b 46 66 54 6d 6a 42 74 30 42 46 37 44 48 4a 58 4b 6b 55 6b 76 37 62 67 6d 7a 4a 62 46 42 2b 64 41 67 7a 43 59 32 50 4a 4b 74 6a 5a 39 63 45 4c 0a 37 0d 68 72 4f 6c 31 38 4a 70 53 69 31 55 36 75 4a 65 65 37 74 32 79 6c 4c 67 6b 63 77 4c 76 71 53 41 46 50 78 6c 2f 52 2b 52 36 67 47 64 35 54 6b 2b 6d 74 4a 69 54 6c 74 2f 33 35 62 49 70 41 50 62 59 54 67 77 59 62 6a 77 0d 46 44 0a 58 2f 49 4c 4b 2b 69 44 68 77 68 71 68 73 71 73 62 35 45 52 4d 7a 54 36 46 42 7a 2b 41 67 2b 79 50 74 77 79 52 50 4b 38 72 59 76 6e 56 37 36 43 43 57 0a 65 70 56 0d 33 32 65 4e 61 46 6a 61 6b 53 44 6c 54 61 49 4f 52 74 77 37 37 79 6f 64 6a 2d 2d 2d 2d 2d 0d 3d 0a 51 3d 41 49 54 52 56 20 4e 50 45 44 2d 2d 2d 2d 2d 45 20 59 45 4b"
pri = list(pripem.split(" "))
BLOCK_SIZE = 10
blocks = []
for i in range(len(pri)//10):
    blocks.append(pri[10*i:10*i+10])

for i in blocks:
    for j in i:
        if(j == "0d" or j == "0a"):
           print("*" ,end="")
        else:
            print(chr(int(j,16)),end="")
    print()


#permutation
for i in blocks:
   temp = [i[8],i[6],i[9],i[5],i[7],i[3],i[1],i[4],i[0],i[2]]
   for j in temp:
      print(chr(int(j,16)),end="")

print()

d = 165256362365378633962296083771135407038026699717295555351716859079395620476165642731501900549887775497121080168180851957155268986745876979986226731585889976886837359456743753775028788280049190032572887402128718766395555960952472194713588403459107775960707064376615034000878349037951437654190347800868982293717655486543355290064798487196374748902866036013066392457458018702080850275261821212483956954132894024744768847485772347326562180294583357305409591048017004560050950841782237308140874043067649757249088082203601577081393135407431927587710161081829108984309876504298973617534523777641091443517585278194374522853
with open(r"flag.txt.enc","rb") as f:
    c = f.read()
c = bytes_to_long(c)
#print(c)
# c = 20903911389815861808411781862278411701372836286936486186129865560107668463267531244786482160584953326497541315153265886618755781586076407411671845450173718573967862572395959371594022022899770732344731614410253507821611577954138952569833455298351938084598707262044805336568153469063837990819952635029404370388514526933355224002615644378125844171889265005988287838524462903548093533878969703225674943246018134510929017573863816241641667676072211629638833279959233128310220788189798045896532942674286514022387656731537798004673090647388174774704336147051629252131700814787400810816308827078785867420730489841499750111664

n = 21510240755391895797392251126333468065642811955059381948531217067500200157192587343981013021525313093852679704035885788909801119333395312090084093958181671132537557153359712792758811713027971732204030430334279725507975275100183059036632459180733954941681944147070942370040842822046123871981475320408243282191701896001902180703675695673251138391340023296500185391470273951722561424220840561040099780810789151859641139766606958023069344423617768698551243818313411124018247598802749326315083446422976866685184664968010286642320264785659560232284046763146464713273328278424445113308747581406364568448073987441571059968919
e = 65537
m = pow(c,d,n)
print(long_to_bytes(m))
#gigem{jumbl3d_r54_pr1v473_k3y_z93kd74lx}

分析:这道题可以说是本次证书修复的压轴了。难就难在对私钥的整理。我们得知道正确的私钥头以及0d 0a的存在及意义。这样才能发现其中奥秘。说实话,这道题确实很不错,略有脑洞。也是启发了我对证书修复新一层的理解。本次的三道证书修复题目真的很赞!

 

posted @ 2024-04-08 22:11  Kicky_Mu  阅读(634)  评论(0编辑  收藏  举报