from Crypto.Util.number import * from secret import url from gmpy2 import * m = bytes_to_long(url) p = getPrime(512) q = getPrime(512) n = p * q d = getPrime(256) e = inverse(d,(p-1)*(q-1)) c = pow(m,e,n) print(n) print(c) m = e p = getPrime(512) q = getPrime(512) n = p * p * q e = 0x10001 d = inverse(e,lcm(p,lcm(p-1,q-1))) c = pow(m,e,n) hint = pow(d,e,n) print(n) print(c)p print(hint)
不过我们进入第二步,我们看到了$\ln d = 0.25 \ln n$,考虑Wienerattack,不过好像失败了(。还好,我在RSA Notes 4中还有一个脚本,这个能够跑出来。
解出来后,是一个网站。。。里面竟然还有一题(
1 2 3 4 5 6 7 8 9 10 11 12 13
from Crypto.Util.number import * from secret import flag,padding from gmpy2 import * m = bytes_to_long(flag) e = 7 p = getPrime(512) q = getPrime(512) n = p * q c1 = pow(m,e,n) c2 = pow(m+padding,e,n) print(n) print(c1) print(c2)
import socketserver import os import signal import string import random from gmpy2 import * from secret import flag from hashlib import sha256 from Crypto.Util.number import * MENU = br'''[+] 1.function [+] 2.only_function_numerator [+] 3.only_function_denominator [+] 4.exit ''' classTask(socketserver.BaseRequestHandler): def_recvall(self): BUFF_SIZE = 2048 data = b'' whileTrue: part = self.request.recv(BUFF_SIZE) data += part iflen(part) < BUFF_SIZE: break return data.strip() defsend(self, msg, newline=True): try: if newline: msg += b'\n' self.request.sendall(msg) except: pass defrecv(self, prompt=b'[-] '): self.send(prompt, newline=False) returnself._recvall() defproof_of_work(self): random.seed(os.urandom(8)) proof = ''.join([random.choice(string.ascii_letters+string.digits) for _ inrange(20)]) _hexdigest = sha256(proof.encode()).hexdigest() self.send(f"[+] sha256(XXXX+{proof[4:]}) == {_hexdigest}".encode()) x = self.recv(prompt=b'[+] Plz tell me XXXX: ') iflen(x) != 4or sha256(x+proof[4:].encode()).hexdigest() != _hexdigest: returnFalse returnTrue deffunction_only_numerator(self, x): ''' ******** * hide * ******** ''' return deffunction_only_denominator(self, x): ''' ******** * hide * ******** ''' return defmy_round(self, value, x): returnround(value * (10**x)) / ((10**x) * 1.0) deffunction(self, x): res = 0 for i inrange(self.lenth): numerator = ord(flag[i]) denominator = x - self.data[i] try: tmp = numerator / denominator except Exception as e: self.send(b'[+] Error!') return res += tmp assertself.my_round(res,10) == self.my_round(self.function_only_numerator(x) / self.function_only_denominator(x),10) return res defhandle(self): signal.alarm(500) ifnotself.proof_of_work(): return self.data = [] for i inrange(len(flag)): self.data.append(getRandomInteger(16)) self.data.sort() self.lenth = len(flag) assertself.lenth == len(self.data) self.send(b'[+] Welcome!') self.send(b'[+] Can you find the flag through the calculating?') whileTrue: self.send(MENU, newline=False) choice = self.recv() if(choice == b'1'): self.send(b"[+] Plz give me your x: ") now = int(self.recv().strip().decode()) now = self.function(now) self.send(("[+] let me show you the answer: "+str(now)).encode()) elif(choice == b'2'): self.send(b"[+] Plz give me your x: ") now = int(self.recv().strip().decode()) now = self.function_only_numerator(now) self.send(("[+] let me show you the answer: "+str(now)).encode()) elif(choice == b'3'): self.send(b"[+] Plz give me your x: ") now = int(self.recv().strip().decode()) now = self.function_only_denominator(now) self.send(("[+] let me show you the answer: "+str(now)).encode()) else: break self.request.close() classThreadedServer(socketserver.ThreadingMixIn, socketserver.TCPServer): pass classForkedServer(socketserver.ForkingMixIn, socketserver.TCPServer): pass if __name__ == "__main__": HOST, PORT = '0.0.0.0', 10001 server = ForkedServer((HOST, PORT), Task) server.allow_reuse_address = True server.serve_forever()
from Crypto.Util.number import * from pwn import * from hashlib import sha256 defgetyanzhengma(s16,s64): assertlen(s16)==16andlen(s64)==64 table="0123456789QWERTYUIOPASDFGHJKLZXCVBNMqwertyuiopasdfghjklzxcvbnm" for i1 in table: for i2 in table: for i3 in table: for i4 in table: s=i1+i2+i3+i4+s16 if(sha256(s.encode()).hexdigest()==s64): return i1+i2+i3+i4 defstr_2_list(s): li,inli,num,table=[],0,0,"0123456789" for i in s: if i in table: inli,num=1,num*10+int(i) else: if inli==1: li.append(num) inli,num=0,0 return li,len(li) defstr_2_float(s): flo,uit,dot=0,0.1,0 for i in s: if i=='.': dot=1 continue if dot==0: flo=flo*10+int(i) else: flo+=int(i)*uit uit=uit/10 return flo #--------MAIN BELOW--------# sh=remote("node3.buuoj.cn",26452) s1=sh.recvuntil(':') s2=getyanzhengma(s1[16:32],s1[37:101]) sh.send(s2) print('[#] sent yanzhengma') for T inrange(5): print('[#] '+str(T+1)+'th Round Begin') ifnot T: for i inrange(3): s1=sh.recvline(keepends=False) else: s1=sh.recvline(keepends=False) tokn,lentokn=str_2_list(s1) subans="" for i inrange(lentokn): s1=sh.recvuntil('xit') sh.send('1') s1=sh.recvuntil('x:') sh.send(str(tokn[i]+1)) s1=sh.recvline(keepends=False) s1=sh.recvline(keepends=False) subans+=chr(int(str_2_float(s1[36:48])+0.5)) print('[#] '+str(T+1)+' th Round Answer: '+subans) sh.recvuntil('xit') sh.send('2') sh.send(subans) print('[#] Sent '+str(T+1)+'th Round Answer') for i inrange(3): s1=sh.recvline(keepends=False) flag=sh.recvline(keepends=False) flag=sh.recvline(keepends=False) print(flag)
from Crypto.Util.number import * from hashlib import sha256 from secret import flag import socketserver import signal import string import random import os MENU = br'''[+] 1.function [+] 2.check_answer [+] 3.exit ''' classTask(socketserver.BaseRequestHandler): def_recvall(self): BUFF_SIZE = 2048 data = b'' whileTrue: part = self.request.recv(BUFF_SIZE) data += part iflen(part) < BUFF_SIZE: break return data.strip() defsend(self, msg, newline=True): try: if newline: msg += b'\n' self.request.sendall(msg) except: pass defrecv(self, prompt=b'[-] '): self.send(prompt, newline=False) returnself._recvall() defproof_of_work(self): random.seed(os.urandom(8)) proof = ''.join([random.choice(string.ascii_letters+string.digits) for _ inrange(20)]) _hexdigest = sha256(proof.encode()).hexdigest() self.send(f"[+] sha256(XXXX+{proof[4:]}) == {_hexdigest}".encode()) x = self.recv(prompt=b'[+] Plz tell me XXXX: ') iflen(x) != 4or sha256(x+proof[4:].encode()).hexdigest() != _hexdigest: returnFalse returnTrue deffunction(self, x): res = 0 for i inrange(self.lenth): numerator = ord(self.token[i]) denominator = x - self.data[i] try: tmp = numerator / denominator except Exception as e: self.send(b'[+] Error!') return res += tmp return res defhandle(self): signal.alarm(1000) ifnotself.proof_of_work(): return self.send(b'[+] Welcome!') self.send(b'[+] Can you find the flag through the calculating?') self.score = 0 self.token = ''.join(random.sample(string.ascii_letters + string.digits, 8)) self.lenth = len(self.token) self.data = [] for i inrange(self.lenth): self.data.append(getRandomInteger(17)) self.send(str(self.data).encode()) whileTrue: self.send(MENU, newline=False) choice = self.recv() if(choice == b'1'): self.send(b"[+] Plz give me your x: ") now = int(self.recv().strip().decode()) now = self.function(now) self.send(("[+] let me show you the answer: "+str(now)).encode()) elif(choice == b'2'): guess = self.recv().strip().decode() if(guess == self.token): self.score += 1 self.send(b"[+] You win!") self.send(("[!] Now your score: " + str(self.score)).encode())
self.token = ''.join([random.choice(string.digits + string.ascii_letters) for i inrange((self.score+1)*8)]) self.lenth = len(self.token) self.data = [] for i inrange(self.lenth): self.data.append(getRandomInteger(17)) self.send(str(self.data).encode())
if(self.score >= 5): self.send(flag.encode()) else: self.send(b'[+] What do you want to say???') self.send(b'[!] Go away!') break else: break self.request.close() classThreadedServer(socketserver.ThreadingMixIn, socketserver.TCPServer): pass classForkedServer(socketserver.ForkingMixIn, socketserver.TCPServer): pass if __name__ == "__main__": HOST, PORT = '0.0.0.0', 10002 server = ForkedServer((HOST, PORT), Task) server.allow_reuse_address = True server.serve_forever()
defReduceError(tokn,lflo): lflo2=[] for i inrange(len(tokn)): cnt=lflo[i] for j inrange(len(tokn)): if i==j: continue cnt-=lflo[j]/(-tokn[j]+tokn[i]+1) lflo2.append(cnt) return lflo2
from Crypto.Util.number import * from pwn import * from hashlib import sha256 defgetyanzhengma(s16,s64): assertlen(s16)==16andlen(s64)==64 table="0123456789QWERTYUIOPASDFGHJKLZXCVBNMqwertyuiopasdfghjklzxcvbnm" for i1 in table: for i2 in table: for i3 in table: for i4 in table: s=i1+i2+i3+i4+s16 if(sha256(s.encode()).hexdigest()==s64): return i1+i2+i3+i4 defstr_2_list(s): li,inli,num,table=[],0,0,"0123456789" for i in s: if i in table: inli,num=1,num*10+int(i) else: if inli==1: li.append(num) inli,num=0,0 return li,len(li) defstr_2_float(s): flo,uit,dot=0,0.1,0 for i in s: if i=='.': dot=1 continue if dot==0: flo=flo*10+int(i) else: flo+=int(i)*uit uit=uit/10 return flo defReduceError(tokn,lflo): lflo2=[] for i inrange(len(tokn)): cnt=lflo[i] for j inrange(len(tokn)): if i==j: continue cnt-=lflo[j]/(-tokn[j]+tokn[i]+1) lflo2.append(cnt) return lflo2 #--------MAIN BELOW--------# sh=remote("node3.buuoj.cn",25102) s1=sh.recvuntil(':') s2=getyanzhengma(s1[16:32],s1[37:101]) sh.send(s2) print('[#] sent yanzhengma') for T inrange(5): lflo=[] print('[#] '+str(T+1)+'th Round Begin') ifnot T: for i inrange(3): s1=sh.recvline(keepends=False) else: s1=sh.recvline(keepends=False) tokn,lentokn=str_2_list(s1) subans="" for i inrange(lentokn): s1=sh.recvuntil('xit') sh.send('1') s1=sh.recvuntil('x:') sh.send(str(tokn[i]+1)) s1=sh.recvline(keepends=False) s1=sh.recvline(keepends=False) lflo.append(str_2_float(s1[36:48])) print(lflo) lflo=ReduceError(tokn,lflo) print(lflo) for i in lflo: subans+=str(chr(int(i+0.5)))
print('[#] '+str(T+1)+' th Round Answer: '+subans) sh.recvuntil('xit') sh.send('2') sh.send(subans) print('[#] Sent '+str(T+1)+'th Round Answer') for i inrange(3): s1=sh.recvline(keepends=False) flag=sh.recvline(keepends=False) flag=sh.recvline(keepends=False) print(flag)