From 6a3e260b3d486eb0dce63129b9fe878750b567e8 Mon Sep 17 00:00:00 2001 From: Maxime Vorwerk Date: Wed, 24 Jul 2024 19:28:02 +0200 Subject: [PATCH] rsa_oracle --- rsa_oracle/password.enc | 1 + rsa_oracle/secret.enc | Bin 0 -> 64 bytes rsa_oracle/sol.py | 40 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 41 insertions(+) create mode 100755 rsa_oracle/password.enc create mode 100755 rsa_oracle/secret.enc create mode 100755 rsa_oracle/sol.py diff --git a/rsa_oracle/password.enc b/rsa_oracle/password.enc new file mode 100755 index 0000000..699dcd0 --- /dev/null +++ b/rsa_oracle/password.enc @@ -0,0 +1 @@ +1765037049764047724348114634473658734830490852066061345686916365658618194981097216750929421734812911680434647401939068526285652985802740837961814227312100 \ No newline at end of file diff --git a/rsa_oracle/secret.enc b/rsa_oracle/secret.enc new file mode 100755 index 0000000000000000000000000000000000000000..8ceaa60ec8c61441230c4034ca462aa84c1984e3 GIT binary patch literal 64 zcmV-G0KflJVQh3|WM5xF%w(>JH%oL7Z?RJ@QtZgFr*oxhq$_E(DUJ>LQSgAbuXHNA WB>d6i_g8Ur&QW)$v<0T0UQqzouODUr literal 0 HcmV?d00001 diff --git a/rsa_oracle/sol.py b/rsa_oracle/sol.py new file mode 100755 index 0000000..f3af345 --- /dev/null +++ b/rsa_oracle/sol.py @@ -0,0 +1,40 @@ +#!/home/maxime/.pyvenv/bin/python3 +from pwn import * + +conn = remote("titan.picoctf.net", 61532) + +conn.recvuntil(b"decrypt. \n") +conn.sendline(b"e") +conn.recvuntil(b"size): ") +conn.sendline(b"\x02") + +conn.recvuntil(b"Hex m: ") +encoded_modifier = conn.recvline() + +if not int(encoded_modifier, 16) == 2: + log.error("modifier does not match encoded modifier!") + +conn.recvuntil(b"mod n) ") +encrypted_modifier = int(conn.recvline()) + +with open("password.enc") as f: + password_enc = int(f.read()) + +conn.recvuntil(b"decrypt. \n") +conn.sendline(b"d") +conn.recvuntil(b"decrypt: ") +conn.sendline(str(password_enc * encrypted_modifier).encode()) +conn.recvuntil(b"mod n): ") +password_modified_hex = int(conn.recvline(), 16) +conn.recvuntil(b"text: ") +password_modified = conn.recvline() + +if not password_modified == pack(password_modified_hex, 'all', 'big', False): + log.error("received modified password does not match hex!") + +password = password_modified_hex // 2 +if not password_modified_hex % 2 == 0: + log.error("modifier does not divide modified password!") +password = pack(password, 'all', 'big', False) +log.success("found password: {}".format(password)) +