Search-1

CRYPTO MEDIUM - 390

Description

Johnny patched the previous leak, but seems to have created a new one.

See if you can still decrypt the flag.

Once again we are given the rsa code and a container that gives us the variables.

from Crypto.Util.number import getPrime, inverse, bytes_to_long
from string import ascii_letters, digits
from random import choice

m = open("flag.txt", "rb").read()
p = getPrime(128)
q = getPrime(128)
n = p * q
e = 65537
l = (p-1)*(q-1)
d = inverse(e, l)

m = pow(bytes_to_long(m), e, n)
print(m)
print(n)
leak = (p-2)*(q-2)
print(leak)

What i noticed was that the primes here are relatively small, and n can be factored in a matter of minutes using an online tool. I used https://www.alpertron.com.ar/ECM.HTM which factorized n in about 4 minutes.

I'm pretty sure this was not intended, but it worked.

Get your n, factorize it , and there you go

To decode i also used https://www.dcode.fr/rsa-cipher

bucket{your flag}

PreviousSearch-0 NextTBDLCG

Last updated 1 year ago

Was this helpful?

Search-1

CRYPTO MEDIUM - 390

Description

Johnny patched the previous leak, but seems to have created a new one.

See if you can still decrypt the flag.

Once again we are given the rsa code and a container that gives us the variables.

from Crypto.Util.number import getPrime, inverse, bytes_to_long
from string import ascii_letters, digits
from random import choice

m = open("flag.txt", "rb").read()
p = getPrime(128)
q = getPrime(128)
n = p * q
e = 65537
l = (p-1)*(q-1)
d = inverse(e, l)

m = pow(bytes_to_long(m), e, n)
print(m)
print(n)
leak = (p-2)*(q-2)
print(leak)

I'm pretty sure this was not intended, but it worked.

Get your n, factorize it , and there you go

To decode i also used https://www.dcode.fr/rsa-cipher

bucket{your flag}

PreviousSearch-0 NextTBDLCG

Last updated 1 year ago

Was this helpful?