0%

[SWPUCTF 2021 新生赛]crypto5 mxy2qk的WriteUp

2022-10-22 14:36By
mxy2qk
Crypto小明文攻击

观察附件只给了一个ciphertext(flag)和n,得知为RSA。思考一下RSA几种常见攻击,可以断定这是低加密指数小明文攻击。

from Crypto.Util.number import *
import gmpy2
flag = 25166751653530941364839663846806543387720865339263370907985655775152187319464715737116599171477207047430065345882626259880756839094179627032623895330242655333
e = 2
# e从2开始遍历,随便找一个较小的值,我这里取的是2**6。运行找到可以开e次方的flag,并得到其结果

while(e < 2**6):
    e += 1
    print(gmpy2.iroot(flag , e))        
# 添加一个print语句,将结果复制粘贴,转换格式
print(long_to_bytes(29305044677847256883031643626546437461373017758852477))

运行结果如下

(mpz(29305044677847256883031643626546437461373017758852477), True)
(mpz(2239787367494658961926395047063833603906), False)
(mpz(30211023082079078184793394727428), False)
(mpz(171187162713350842203231979), False)
(mpz(30607823753538418950179), False)
(mpz(47326391870653513426), False)
(mpz(308305161786402933), False)
(mpz(5496455501691892), False)
(mpz(203782133965548), False)
(mpz(13083851218710), False)
(mpz(1281610142349), False)
(mpz(174950918127), False)
(mpz(31145010208), False)
(mpz(6879417989), False)
(mpz(1814981430), False)
(mpz(555252340), False)
(mpz(192421706), False)
(mpz(74138084), False)
(mpz(31280773), False)
(mpz(14275227), False)
(mpz(6974518), False)
(mpz(3617160), False)
(mpz(1977120), False)
(mpz(1132082), False)
(mpz(675554), False)
(mpz(418271), False)
(mpz(267679), False)
(mpz(176479), False)
(mpz(119521), False)
(mpz(82942), False)
(mpz(58846), False)
(mpz(42602), False)
(mpz(31417), False)
(mpz(23563), False)
(mpz(17950), False)
(mpz(13871), False)
(mpz(10862), False)
(mpz(8610), False)
(mpz(6903), False)
(mpz(5592), False)
(mpz(4575), False)
(mpz(3778), False)
(mpz(3146), False)
(mpz(2640), False)
(mpz(2233), False)
(mpz(1901), False)
(mpz(1630), False)
(mpz(1406), False)
(mpz(1219), False)
(mpz(1063), False)
(mpz(932), False)
(mpz(821), False)
(mpz(727), False)
(mpz(646), False)
(mpz(577), False)
(mpz(517), False)
(mpz(465), False)
(mpz(420), False)
(mpz(380), False)
(mpz(345), False)
(mpz(315), False)
(mpz(287), False)
b'NSSCTF{because_i_like}'

进程已结束,退出代码0
还没有人赞赏,快来当第一个赞赏的人吧!
  
© 著作权归作者所有
加载失败
广告
×
评论区
添加新评论

想问下大佬为什么是直接gmpy2.iroot(flag , e),而不是gmpy2.iroot(flag+k*n , e),k需要遍历,不然题目给的n就没用了呀(。・`ω´・)

因为bytes_to_long是将字符转化为ASKII码,而flag最多大概也就不超过50字符,转化为ASKII码最多也就150位,远小于n的位数(如果n小的话就能直接分解了),所以能看出来k=0就直接iroot(flag,e)得出来true的开方值就是m

文章信息
板块CRYPTO
作者
mxy2qk
目录导航
暂无数据