RsaCtfTool

The challenge provides three files: pubkey.pem, key, and flag.txt.aes.
flag.txt is encrypted with AES, and the AES key (the file key) is encrypted with RSA.

First, test the public key for the ROCA vulnerability (https://en.wikipedia.org/wiki/ROCA_vulnerability):
kali@kali:~/HTB/challenges/Crypto/RsaCtfTool/challenge$ ../../RsaCtfTool-master/RsaCtfTool.py --public "*.pem" --isroca
private argument is not set, the private key will not be displayed, even if recovered.
[-] Details for pubkey.pem:
[-] Public key pubkey.pem: is not roca, you are safe
kali@kali:~/HTB/challenges/Crypto/RsaCtfTool/challenge$ ../../RsaCtfTool-master/RsaCtfTool.py  --public "*.pem" --dumpkey
private argument is not set, the private key will not be displayed, even if recovered.
Details for pubkey.pem:
n: 1128137999850045612492145429133282716267233566834715456536184965477269592934207986950131365518741418540788596074115883774105736493742449131477464976858161587355643311888741515506653603321337485523828144179637379528510277430032789458804637543905426347328041281785616616421292879871785633181756858096548411753919440011378411476275900648915887370219369154688926914542233244450724820670256654513052812215949495598592852131398736567134556141744727764716053145639513031
e: 65537
kali@kali:~/HTB/challenges/Crypto/RsaCtfTool/challenge$ 

Checking n at http://factordb.com shows that it is the cube of a single prime:
n = p^3
p=10410080216253956216713537817182443360779235033823514652866757961082890116671874771565125457104853470727423173827404139905383330210096904014560996952285911
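
Script getflag.py, which uses this factorization to recover the AES key and decrypt the flag:

from Crypto.Util.number import bytes_to_long, inverse, long_to_bytes
from Crypto.PublicKey import RSA
from Crypto.Cipher import AES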

with open('pubkey.pem') as f:
    pk = RSA.import_key(f.read())

print(pk.n)
# n = p^3
p = 10410080216253956216713537817182443360779235033823514652866757961082890116671874771565125457104853470727423173827404139905383330210096904014560996952285911

# n = p^3, so Euler's totient is phi(n) = p^2 * (p - 1)
phi = p * p * (p - 1)
# private exponent: d = e^-1 mod phi(n)
d = inverse(pk.e, phi)

with open('key') as f:
    k = bytes.fromhex(f.read())

with open('flag.txt.aes', 'rb') as f:
    c = f.read()
# drop the last byte of the file so the ciphertext is a multiple of the AES block size
c = c[:-1]
# RSA-decrypt the AES key: k = k^d mod n
k = bytes_to_long(k)
k = pow(k, d, pk.n)
k = long_to_bytes(k)
print(k)
print(len(k))
print(len(c))

cipher = AES.new(k, AES.MODE_ECB)
m = cipher.decrypt(c)
print(m)
kali@kali:~/HTB/challenges/Crypto/RsaCtfTool/challenge$ python3 getflag.py 
1128137999850045612492145429133282716267233566834715456536184965477269592934207986950131365518741418540788596074115883774105736493742449131477464976858161587355643311888741515506653603321337485523828144179637379528510277430032789458804637543905426347328041281785616616421292879871785633181756858096548411753919440011378411476275900648915887370219369154688926914542233244450724820670256654513052812215949495598592852131398736567134556141744727764716053145639513031
b'secretkey\x96\x1dW\xbe\xc09<'
16
32
b'HTB{pl4y1ng_w1th_pr1m3s_1s_fun!}'
kali@kali:~/HTB/challenges/Crypto/RsaCtfTool/challenge$ 
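
Added example, not part of the original write-up: a check that a key-generation or key-import step could run to reject a modulus with the n = p^3 structure found above, generalized from the cube to any perfect power. P, Q and all function names are constructed for illustration; the round trip confirms that p^2 * (p - 1) is the right totient for such a modulus.

```python
# Added example (not from the original write-up): flag RSA moduli that are
# perfect powers, the n = p^3 structure found above. Standard library only.

def integer_root(n: int, k: int) -> int:
    """Floor of the k-th root of n, using exact integer binary search."""
    lo, hi = 0, 1 << (n.bit_length() // k + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** k <= n:
            lo = mid
        else:
            hi = mid - 1
    return lo

def perfect_power(n: int):
    """Return (base, k) with base**k == n for the largest k >= 2, else None."""
    for k in range(n.bit_length(), 1, -1):
        r = integer_root(n, k)
        if r > 1 and r ** k == n:
            return r, k
    return None

def phi_prime_power(p: int, k: int) -> int:
    """Euler's totient of p**k for prime p: p**(k-1) * (p - 1)."""
    return p ** (k - 1) * (p - 1)

def check_modulus(n: int) -> str:
    """Verdict a key-intake check could log for a modulus n."""
    found = perfect_power(n)
    if found is None:
        return "ok: not a perfect power"
    base, k = found
    return f"reject: n = base^{k}, base has {base.bit_length()} bits"

# Constructed sample values: two known Mersenne primes, not the challenge key.
P, Q = 2**61 - 1, 2**89 - 1
N_WEAK, N_OK, E = P**3, P * Q, 65537

def roundtrip(m: int) -> int:
    """Encrypt m under N_WEAK, then decrypt with d derived from phi(p^3)."""
    d = pow(E, -1, phi_prime_power(P, 3))
    return pow(pow(m, E, N_WEAK), d, N_WEAK)

if __name__ == "__main__":
    print(check_modulus(N_WEAK))
    print(check_modulus(N_OK))
    print(roundtrip(0x736563726574) == 0x736563726574)
```

The check does not test whether the base is prime, so a "reject" verdict only says that n is a perfect power.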
