BCTF2015-writeup

Before the write-up proper, a few words: my skills weren't up to it and I got thoroughly beaten. This is just a short post for the record.

checkin-10

After logging in to the BCTF IRC channel, there is a string at the very top. At a glance it looked like ROT13; decrypting it gives the flag.

warmup-50

c=0x1e04304936215de8e21965cfca9c245b1a8f38339875d36779c0f123c475bc24d5eef50e7d9ff5830e80c62e8083ec55f27456c80b0ab26546b9aeb8af30e82b650690a2ed7ea407dcd094ab9c9d3d25a93b2140dcebae1814610302896e67f3ae37d108cd029fae6362ea7ac1168974c1a747ec9173799e1107e7a56d783660418ebdf6898d7037cea25867093216c2c702ef3eef71f694a6063f5f0f1179c8a2afe9898ae8dec5bb393cdffa3a52a297cd96d1ea602309ecf47cd009829b44ed3100cf6194510c53c25ca7435f60ce5f4f614cdd2c63756093b848a70aade002d6bc8f316c9e5503f32d39a56193d1d92b697b48f5aa43417631846824b5e86

http://dl.bctf.cn/warmup-c6aa398e4f3e72bc2ea2742ae528ed79.pub.xz

The challenge gives an encrypted value c and an RSA public key file. I used openssl to extract n and e from the public key file. Then, not thinking creatively enough, I kept trying to factor n directly and compute the private key d from that, but it ran for ages without producing anything. Later a search turned up an RSA weakness, the RSA Wiener attack. I found some code for it on GitHub and, after modifying it, successfully recovered the plaintext m:

```python
import ContinuedFractions, Arithmetic, RSAvulnerableKeyGenerator
import sys

sys.setrecursionlimit(1000000)

def hack_RSA(e, n):
    '''
    Finds d knowing (e,n)
    applying the Wiener continued fraction attack
    '''
    frac = ContinuedFractions.rational_to_contfrac(e, n)
    convergents = ContinuedFractions.convergents_from_contfrac(frac)

    for (k, d) in convergents:
        # check if d is actually the […]
```
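The small-d weakness described above can be checked without the GitHub helper modules. The following is an added example, not the code from the original post or from that repository: it tests whether a public key (e, n) gives up d through the continued-fraction convergents of e/n. The key built in `make_weak_key` (two well-known primes and a deliberately small d) and the sample plaintext are constructed for the demo and are not the challenge's values.

```python
from math import gcd, isqrt

def convergents(num, den):
    """Yield the convergents (k, d) of the continued fraction of num/den."""
    h0, h1, k0, k1 = 0, 1, 1, 0
    while den:
        a = num // den
        num, den = den, num % den
        h0, h1 = h1, a * h1 + h0
        k0, k1 = k1, a * k1 + k0
        yield h1, k1

def wiener_d(e, n):
    """Return the private exponent d if (e, n) has a Wiener-weak d, else None."""
    for k, d in convergents(e, n):
        if k == 0 or (e * d - 1) % k:
            continue
        phi = (e * d - 1) // k          # candidate phi(n)
        s = n - phi + 1                 # candidate p + q
        disc = s * s - 4 * n            # discriminant of x^2 - s*x + n
        if disc >= 0:
            r = isqrt(disc)
            if r * r == disc and (s + r) % 2 == 0:
                return d                # integer roots p, q: phi is correct
    return None

def make_weak_key():
    """Constructed demo key: two known primes and a deliberately small d."""
    p, q = 1_000_000_009, 1_000_000_007
    n, phi = p * q, (p - 1) * (q - 1)
    d = 9001                            # below n**0.25 / 3 (about 10540)
    while gcd(d, phi) != 1:             # d must be invertible mod phi
        d += 2
    return pow(d, -1, phi), n, d        # e = d^-1 mod phi

if __name__ == "__main__":
    e, n, d = make_weak_key()
    c = pow(0x666c6167, e, n)           # constructed plaintext, not the challenge's
    found = wiener_d(e, n)
    print("recovered d:", found, "plaintext:", hex(pow(c, found, n)))
    print("same n with e=65537:", wiener_d(65537, n))
```

With q < p < 2q and d below n^(1/4)/3 the check is guaranteed to find d; for the same modulus with e = 65537 the private exponent is large and the function returns None, which is why an unusually large e in a public key is worth flagging during key review.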