欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

[HDCTF2019]bbbbbbrsa

程序员文章站 2022-06-09 22:44:00
题目给出e的取值范围 ,以及n和p、base32加密并倒序的c由n和p可得q,base32倒序解密得c只要爆破出e即可from base64 import b64encode as b32encodefrom base64 import b64decode as b32decodeimport gmpy2from Crypto.Util.number import *from binascii import a2b_hex,b2a_heximport random# flag = "**...

题目给出e的取值范围 ,以及n和p、base32加密并倒序的c
由n和p可得q,base32倒序解密得c
只要爆破出e即可

from base64 import b64encode as b32encode
from base64 import b64decode as b32decode
import gmpy2
from Crypto.Util.number import *
from binascii import a2b_hex,b2a_hex
import random

# flag = "******************************"

# nbit = 128

# p = getPrime(nbit)
# q = getPrime(nbit)
# n = p*q

# print p
# print n

# phi = (p-1)*(q-1)

# e = random.randint(50000,70000)

# while True:
# 	if gcd(e,phi) == 1:
# 		break;
# 	else:
# 		e -= 1;

# c = pow(int(b2a_hex(flag),16),e,n)

# print b32encode(str(c))[::-1]

# 2373740699529364991763589324200093466206785561836101840381622237225512234632
p = 177077389675257695042507998165006460849
n = 37421829509887796274897162249367329400988647145613325367337968063341372726061
c = '==gMzYDNzIjMxUTNyIzNzIjMyYTM4MDM0gTMwEjNzgTM2UTN4cjNwIjN2QzM5ADMwIDNyMTO4UzM2cTM5kDN2MTOyUTO5YDM0czM3MjM'
c = str(c)[::-1]
print(b32decode(str(c)))
#c = 2373740699529364991763589324200093466206785561836101840381622237225512234632
q = n //p
#q = 211330365658290458913359957704294614589
phi = (q-1) * (p-1)
e = random.randint(50000,70000)
for e in range(50000,70000):
	if gmpy2.gcd(e,phi) == 1:
		d = gmpy2.invert(e ,phi)
		m = pow(c,d,n)
		if 'flag' in str(long_to_bytes(m)):
			print('e = ',e)
			print(long_to_bytes(m))
			break
# e =  51527
# b'flag{rs4_1s_s1mpl3!#}'

本文地址:https://blog.csdn.net/weixin_45859850/article/details/110879919