# encrypt.py
from Crypto.Util.number import *
import Crypto.PublicKey.RSA as RSA
import os
N = 1024
def getTwinPrime(N):
while True:
p = getPrime(N)
if isPrime(p+2):
return p
def genkey(N = 1024):
p = getTwinPrime(N)
q = getTwinPrime(N)
n1 = p*q
n2 = (p+2)*(q+2)
e = long(65537)
d1 = inverse(e, (p-1)*(q-1))
d2 = inverse(e, (p+1)*(q+1))
key1 = RSA.construct((n1, e, d1))
key2 = RSA.construct((n2, e, d2))
if n1 < n2:
return (key1, key2)
else:
return (key2, key1)
rsa1, rsa2 = genkey(N)
with open("flag", "r") as f:
flag = f.read()
padded_flag = flag + "\0" + os.urandom(N/8 - 1 - len(flag))
c = bytes_to_long(padded_flag)
c = rsa1.encrypt(c, 0)[0]
c = rsa2.encrypt(c, 0)[0]
with open("key1", "w") as f:
f.write("%d\n" % rsa1.n)
f.write("%d\n" % rsa1.e)
with open("key2", "w") as f:
f.write("%d\n" % rsa2.n)
f.write("%d\n" % rsa2.e)
with open("encrypted", "w") as f:
f.write("%d\n" % c)
n1 = p*q
n2 = p*q + 2( p+q ) + 4
2( p+q ) = n2 - p*q - 4
p+q = ( n2 - n1 - 4 )/2
(p-1)*(q-1) in d1.
= p*q - ( p+q ) + 1
(p+1)*(q+1) in d1.
= p*q + ( p+q ) + 1
# twin_prime.py
from Crypto.Util.number import *
import Crypto.PublicKey.RSA as RSA
import os
n1 = 19402643768027967294480695361037227649637514561280461352708420192197328993512710852087871986349184383442031544945263966477446685587168025154775060178782897097993949800845903218890975275725416699258462920097986424936088541112790958875211336188249107280753661467619511079649070248659536282267267928669265252935184448638997877593781930103866416949585686541509642494048554242004100863315220430074997145531929128200885758274037875349539018669336263469803277281048657198114844413236754680549874472753528866434686048799833381542018876362229842605213500869709361657000044182573308825550237999139442040422107931857506897810951
n2 = 19402643768027967294480695361037227649637514561280461352708420192197328993512710852087871986349184383442031544945263966477446685587168025154775060178782897097993949800845903218890975275725416699258462920097986424936088541112790958875211336188249107280753661467619511079649070248659536282267267928669265252935757418867172314593546678104100129027339256068940987412816779744339994971665109555680401467324487397541852486805770300895063315083965445098467966738905392320963293379345531703349669197397492241574949069875012089172754014231783160960425531160246267389657034543342990940680603153790486530477470655757947009682859
e = long(65537)
p_q = (n2-n1-4)/2
phi_n1 = n1-p_q+1
phi_n2 = n1+p_q+1
d1 = inverse(e, phi_n1)
d2 = inverse(e, phi_n2)
key1 = RSA.construct((n1,e,d1))
key2 = RSA.construct((n2,e,d2))
c = 7991219189591014572196623817385737879027208108469800802629706564258508626010674513875496029177290575819650366802730803283761137036255380767766538866086463895539973594615882321974738140931689333873106124459849322556754579010062541988138211176574621668101228531769828358289973150393343109948611583609219420213530834364837438730411379305046156670015024547263019932288989808228091601206948741304222197779808592738075111024678982273856922586615415238555211148847427589678238745186253649783665607928382002868111278077054871294837923189536714235044041993541158402943372188779797996711792610439969105993917373651847337638929
c = key2.decrypt(c)
c = key1.decrypt(c)
c = long_to_bytes(c)
print c
'''
shpik@shpik:/ctf/MMA/crypt$ python twin_primes.py
TWCTF{3102628d7059fa267365f8c37a0e56cf7e0797ef}
ࠝ髀 0ݔм5듲E$K
麗hj@殁¾؈'(喠ﻫ¬a걅Ƅm¶ZLʔa
'''
'0x400 CTF > 0x401 MMA 1st 2015' 카테고리의 다른 글
| [Web] Global Page - 50pts (0) | 2016.09.05 |
|---|---|
| [Web] Get the admin password! - 100pts (0) | 2016.09.05 |
| [Web] Mortal Magi Agents - 300pts (0) | 2015.09.09 |
| [Web] Login as admin! - 30pts (0) | 2015.09.08 |
