-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
505 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,102 @@ | ||
| # Crypto | ||
|
|
||
| ## Rivest Shamir Adleman | ||
| ``` | ||
| These 3 guys encrypted my flag, but they didn't tell me how to decrypt it. | ||
| File: enc.txt | ||
| ``` | ||
|
|
||
| `enc.txt` content: | ||
| ``` | ||
| n = 408579146706567976063586763758203051093687666875502812646277701560732347095463873824829467529879836457478436098685606552992513164224712398195503564207485938278827523972139196070431397049700119503436522251010430918143933255323117421712000644324381094600257291929523792609421325002527067471808992410166917641057703562860663026873111322556414272297111644069436801401012920448661637616392792337964865050210799542881102709109912849797010633838067759525247734892916438373776477679080154595973530904808231 | ||
| e = 65537 | ||
| c = 226582271940094442087193050781730854272200420106419489092394544365159707306164351084355362938310978502945875712496307487367548451311593283589317511213656234433015906518135430048027246548193062845961541375898496150123721180020417232872212026782286711541777491477220762823620612241593367070405349675337889270277102235298455763273194540359004938828819546420083966793260159983751717798236019327334525608143172073795095665271013295322241504491351162010517033995871502259721412160906176911277416194406909 | ||
| ``` | ||
|
|
||
| With http://www.factordb.com we can see the factors p and q of N: | ||
| ``` | ||
| p = 15485863 | ||
| q = 26384008867091745294633354547835212741691416673097444594871961708606898246191631284922865941012124184327243247514562575750057530808887589809848089461174100421708982184082294675500577336225957797988818721372546749131380876566137607036301473435764031659085276159909447255824316991731559776281695919056426990285120277950325598700770588152330565774546219611360167747900967511378709576366056727866239359744484343099322440674434020874200594041033926202578941508969596229398159965581521326643115137 | ||
| ``` | ||
|
|
||
| ``` python | ||
| $ python2 | ||
| >>> p = 15485863 | ||
| >>> q = 26384008867091745294633354547835212741691416673097444594871961708606898246191631284922865941012124184327243247514562575750057530808887589809848089461174100421708982184082294675500577336225957797988818721372546749131380876566137607036301473435764031659085276159909447255824316991731559776281695919056426990285120277950325598700770588152330565774546219611360167747900967511378709576366056727866239359744484343099322440674434020874200594041033926202578941508969596229398159965581521326643115137 | ||
| >>> N = p * q | ||
| >>> e = 65537 | ||
| >>> phi = (q - 1) * (p - 1) | ||
| >>> from Crypto.Util.number import inverse | ||
| >>> d = inverse(e, phi) | ||
| >>> cipher = 226582271940094442087193050781730854272200420106419489092394544365159707306164351084355362938310978502945875712496307487367548451311593283589317511213656234433015906518135430048027246548193062845961541375898496150123721180020417232872212026782286711541777491477220762823620612241593367070405349675337889270277102235298455763273194540359004938828819546420083966793260159983751717798236019327334525608143172073795095665271013295322241504491351162010517033995871502259721412160906176911277416194406909 | ||
| >>> plaintext = pow(cipher, d, N) | ||
| >>> print plaintext | ||
| 49459207073075609387052389022856465595244842985649235071628181272612221410724680024945533 | ||
| >>> print hex(plaintext)[2:-1].decode('hex') | ||
| csictf{sh0uld'v3_t4k3n_b1gg3r_pr1m3s} | ||
| ``` | ||
|
|
||
| The flag is: `csictf{sh0uld'v3_t4k3n_b1gg3r_pr1m3s}` | ||
| ## little RSA | ||
| ``` | ||
| The flag.zip contains the flag I am looking for but it is password protected. | ||
| The password is the encrypted message which has to be correctly decrypted so I can useit to open the zip file. | ||
| I tried using RSA but the zip doesn't open by it. Can you help me get the flag please? | ||
| Files: a.txt flag.zip | ||
| ``` | ||
| `a.txt` content: | ||
| ``` | ||
| c=32949 | ||
| n=64741 | ||
| e=42667 | ||
| ``` | ||
| We will crack the rsa cipher: | ||
| ``` python | ||
| $ python2 | ||
| >>> p = 101 | ||
| >>> q = 641 | ||
| >>> N = p * q | ||
| >>> e = 42667 | ||
| >>> phi = (q - 1) * (p - 1) | ||
| >>> from Crypto.Util.number import inverse | ||
| >>> d = inverse(e, phi) | ||
| >>> cipher = 32949 | ||
| >>> plaintext = pow(cipher, d, N) | ||
| >>> print plaintext | ||
| 18429 | ||
| ``` | ||
| We extract the encrypted file `flag.txt` from the archive `flag.zip` with the password `18429` and we get the flag | ||
| The flag is: `csictf{gr34t_m1nds_th1nk_4l1ke}` | ||
| ## Quick Math | ||
| ``` | ||
| Ben has encrypted a message with the same value of 'e' for 3 public moduli and got the cipher texts. | ||
| n1 = 86812553978993 n2 = 81744303091421 n3 = 83695120256591 | ||
| c1 = 8875674977048 c2 = 70744354709710 c3 = 29146719498409 | ||
| Find the original message. (Wrap it with csictf{}) | ||
| ``` | ||
| I was inspired by the explanation https://www.johndcook.com/blog/2019/03/06/rsa-exponent-3/ | ||
| ``` python | ||
| $ python2 | ||
| >>> N = [86812553978993, 81744303091421, 83695120256591] | ||
| >>> c = [8875674977048, 70744354709710, 29146719498409] | ||
| >>> from sympy.ntheory.modular import crt | ||
| >>> x = crt(N, c)[0] | ||
| >>> print x | ||
| 319222184729548122617007524482681344 | ||
| ``` | ||
| Thanks to https://www.calculator.net/root-calculator.html, we get the cube root of `319222184729548122617007524482681344`: it's `683435743464` | ||
| And `683435743464` is `h45t4d` in hexadecimal | ||
| The flag is: `csictf{h45t4d}` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| # Forensics | ||
|
|
||
| ## Gradient sky | ||
| ``` | ||
| Gradient sky is a begginer level ctf challenge which is aimed towards rookies. | ||
| File: sky.jpg | ||
| ``` | ||
|
|
||
| ``` | ||
| $ strings sky.jpg | ||
| [...] | ||
| csictf{j0ker_w4snt_happy} | ||
| ``` | ||
|
|
||
| The flag is: `csictf{j0ker_w4snt_happy}` | ||
|
|
||
| ## Archenemy | ||
| ``` | ||
| John likes Arch Linux. What is he hiding? | ||
| File: arched.png | ||
| ``` | ||
|
|
||
| We can exctract a file from `arched.png` with steghide and an empty passphrase: | ||
| ``` | ||
| $ steghide extract -sf arched.png | ||
| Enter passphrase: | ||
| wrote extracted data to "flag.zip". | ||
| ``` | ||
|
|
||
| `flag.zip` is an archive protected by a password, we try to crack it: | ||
|
|
||
| ``` | ||
| $ zipCracker/zipcracker.py -f flag.zip -w /usr/share/wordlists/rockyou.txt | ||
| 3638 / 14344394 | 0.00% -> masones1lndg456ce | ||
| Password cracked: kathmandu | ||
| Took 2.379971 seconds to crack the password. That is, 1529 attempts per second. | ||
| ``` | ||
|
|
||
| Then, file `meme.jpg` is extracted and we can read the flag on it. | ||
|
|
||
| The flag is: `csictf{1_h0pe_y0u_don't_s33_m3_here}` |
Oops, something went wrong.