攻防世界 best_rsa

题目

解压包后有四个文件

分析与解题

  1. 先从两个公钥文件中提取公钥信息
from Crypto.PublicKey import RSA

f1 = open("F:\\ChromeCommon\\c2d6e7158d7b4cd6a747774f0bdc5f72\\publickey1.pem","rb").read()
f2 = open("F:\\ChromeCommon\\c2d6e7158d7b4cd6a747774f0bdc5f72\\publickey2.pem","rb").read()
pub1 = RSA.importKey(f1)
pub2 = RSA.importKey(f2)
n1 = pub1.n
e1 = pub1.e
n2 = pub2.n
e2 = pub2.e
print(n1)
print(n2)
print(e1)
print(e2)

n1 = 13060424286033164731705267935214411273739909173486948413518022752305313862238166593214772698793487761875251030423516993519714215306808677724104692474199215119387725741906071553437840256786220484582884693286140537492541093086953005486704542435188521724013251087887351409946184501295224744819621937322469140771245380081663560150133162692174498642474588168444167533621259824640599530052827878558481036155222733986179487577693360697390152370901746112653758338456083440878726007229307830037808681050302990411238666727608253452573696904083133866093791985565118032742893247076947480766837941319251901579605233916076425572961
n2 = 13060424286033164731705267935214411273739909173486948413518022752305313862238166593214772698793487761875251030423516993519714215306808677724104692474199215119387725741906071553437840256786220484582884693286140537492541093086953005486704542435188521724013251087887351409946184501295224744819621937322469140771245380081663560150133162692174498642474588168444167533621259824640599530052827878558481036155222733986179487577693360697390152370901746112653758338456083440878726007229307830037808681050302990411238666727608253452573696904083133866093791985565118032742893247076947480766837941319251901579605233916076425572961
e1 = 117
e2 = 65537

  1. 发现n1==n2,所以共模攻击(此前已有总结,不再赘述)
  2. 利用以前的共模攻击代码(通用)即可
from general_project.sameNAttack import same_n_attack
from Crypto.Util.number import *

n = 13060424286033164731705267935214411273739909173486948413518022752305313862238166593214772698793487761875251030423516993519714215306808677724104692474199215119387725741906071553437840256786220484582884693286140537492541093086953005486704542435188521724013251087887351409946184501295224744819621937322469140771245380081663560150133162692174498642474588168444167533621259824640599530052827878558481036155222733986179487577693360697390152370901746112653758338456083440878726007229307830037808681050302990411238666727608253452573696904083133866093791985565118032742893247076947480766837941319251901579605233916076425572961
e1 = 117
e2 = 65537
c1 = open("F:\\ChromeCommon\\c2d6e7158d7b4cd6a747774f0bdc5f72\\cipher1.txt","rb").read()
c2 = open("F:\\ChromeCommon\\c2d6e7158d7b4cd6a747774f0bdc5f72\\cipher2.txt","rb").read()
m = same_n_attack(n,e1,e2,bytes_to_long(c1),bytes_to_long(c2))
print long_to_bytes(m)

注意这里需要以二进制形式读入密文,在共模攻击时还需将字节流转成数字。
4. flag{interesting_rsa}

posted @ 2020-08-21 18:03  vict0r  阅读(1228)  评论(4编辑  收藏  举报