from Crypto.Util.number import bytes_to_long, getPrime from gmpy2 import * from secret import flag m = bytes_to_long(flag) p = getPrime(128) q = getPrime(128) n = p * q e = 65537 c = pow(m,e,n) print(n,c) # 62193160459999883112594854240161159254035770172137079047232757011759606702281 # 17331436837911040930486942133359735652484926528331507431552667656734821231501
常规rsa题解,分解p,q就行了,代码就不详细写了
[Week1]你想学密码吗?
执行代码就行了
[Week1]XXXOOORRR
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
from flag import flag from Crypto.Util.number import * import os
randBytes = [bytes_to_long(os.urandom(64)) for _ in range(3)] m = bytes_to_long(flag)
''' a = 1215421974111272707828609697064234072332368362928440865251897449605952163161176359366553487776268706107760670434157083936287598207881176904763353849369234 b = 10533604054267448009117468094542127075826310122733511023911022436253583775790861879410728001403728088545946257902341417532648419689212361977221573357292618 c = 6401236597601556248960570084212025183497657335932789785351897915858852832577623776212842429736547820800219382515052263929074210010546149322465536545021479 d = 5711309307698496426409561761492698639489294806611133698231840146911562848869711567477706456972659368849642409039245400981517493100724067475248620536111560 '''
了解异或的性质就行了
1 2 3 4 5 6 7 8 9 10 11 12
from Crypto.Util.number import * import os
a = 1215421974111272707828609697064234072332368362928440865251897449605952163161176359366553487776268706107760670434157083936287598207881176904763353849369234 b = 10533604054267448009117468094542127075826310122733511023911022436253583775790861879410728001403728088545946257902341417532648419689212361977221573357292618 c = 6401236597601556248960570084212025183497657335932789785351897915858852832577623776212842429736547820800219382515052263929074210010546149322465536545021479 d = 5711309307698496426409561761492698639489294806611133698231840146911562848869711567477706456972659368849642409039245400981517493100724067475248620536111560
# c = b'y\xba\xba\xea\xc7\x11\xc2\xc7\xcb\xd8ZV\xd8ZVp\xb1\xb1\xd8\x19\xa4V\xa4\x19\x8aM\xa83g\xd8&\x19\xdc'
仿射密码
求出a,b
1 2 3 4 5
r a in range(2**3,2**4): for b in range(2**7,2**8): if encrypt(b'NSSCTF',a,b,1<<8)==c[0:6]: print(a) print(b)
写逆向解密
1 2 3 4 5 6 7 8 9 10 11 12 13 14
from string import * import gmpy2 c = b'y\xba\xba\xea\xc7\x11\xc2\xc7\xcb\xd8ZV\xd8ZVp\xb1\xb1\xd8\x19\xa4V\xa4\x19\x8aM\xa83g\xd8&\x19\xdc' messaget=b'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-{}_' def encrypt(message,a,b,m): return bytes([(i*a+b)%m for i in message]) from Crypto.Util.number import * a=13 b=131 m=1<<8 def decrypt(message,a,b,m): return bytes([(i-b)*gmpy2.invert(a,m)%m for i in message]) print(decrypt(c,a,b,m)) NSSCTF{This_is_affine_encryption}
[WEEK2]littleLattice
简单格密码
1 2 3 4 5 6
h = 26523576589113781532769165293024254940419790396713708680496148398686334583553504180195363282085884580924842673123375450894537445679687851322807762432476357713740302064160599132450619363411158141423252170448770929403179895813409897048848337375715079396639330537231353596884530617911351334318435031007342479134081403319324838464987064025256038807217697133175585927493402963025439540077915248356077623612217525231722274634984400273765262532561558296870531741633238736650375250957780701118781183335729715295271752736307479795186963108377228330313771245434127095507278278768792281414702334956407755841000748255424212840137 p = 29908110980126088961686288727545150169450107297750996656924523214377817308111189721234667959695817050736874247951762130190209278324144437406652857446810518839546701950883392761869656586963587376306050382973323860395932741791372333809871487575268245618618143456971257992301722141464238875859134379745122404533776003095129169004284619647906206323263396219776072091827094295366090100037898314156271404760715453914459484087562963158208356228410105170495322276351631637885450926240143055767142216931354736779666836018983658010126520397012025067407223630891975504746697630878807952266767406899527721170062789607980517722293
L = matrix(ZZ, [[1, h],[0, p]]) v = L.LLL()[0] print(v)
c1=b'\r?\xd7\xde\x8f(\xd8\xce-\xe91_*2\xdfJ{\xfe\xe6\xc8\xcf\x08\xfd\xb6\x7f\xe1<\xbby\xa4\xdc6YVVWPPRPUPTSQHW__WUQT' print(c1[33:53]) c2=c1[33:53] #for i in c2: #print(chr(i^102),end='') t='001664636257.1991372' s='NSSCTF{' random.seed(md5((s+t).encode()).hexdigest()) rnd = [random.getrandbits(8) for _ in range(33)] #for i in range(33): # print(chr(c1[i]^rnd[i]),end='') flag='NcnSmPiltSetTniFJw}akhtaC{_s_iu__'
求出打乱的明文,然后要找出key,因为NSSCTF{}位置固定,然后可以爆破出密钥位置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
from itertools import permutations lst = [''.join(p) for p in permutations('23456789')] for i in tqdm(range(len(lst))): lst1=lst[i] k1 = [1] for j in lst1: k1.append(int(j)) if len(k1)==9: enc = 'NSSCTF{flagflagflagflagflagflagf}' for i in range(128): h = [[enc[j] for j in range(i[1], len(enc), len(k1))] for i in[_ for _ in sorted(zip(k1, range(len(k1))))]] enc = mix(enc,k1) if enc[25]=='{'and enc[18]=='}' and enc[24]=='C'and enc[12]=='T'and enc[15]=='F' and enc[3]=='S'and enc[9]=='S': print(k1)
import random from functools import reduce from tqdm import tqdm from time import time as tm from hashlib import md5 ''' k=[1, 2, 3, 4, 5, 6, 7, 8, 9] print(len('NcnSmPiltSetTniFJw}akhtaC{_s_iu__')) mix = lambda msg,k:''.join(reduce(lambda a,b:a+b,[[msg[j] for j in range(i[1],len(msg),len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]])) #[[msg[j] for j in range(i[1],len(msg),len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]] enc1='NcnSmPiltSetTniFJw}akhtaC{_s_iu__' enc='NSSCTF{flagflagflagflagflagflagf}' for i in range(128): h = [[enc[j] for j in range(i[1], len(enc), len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]] enc = mix(enc,k)
enc='NcnSmPiltSetTniFJw}akhtaC{_s_iu__' h1 = [[enc[j] for j in range(i[1], len(enc), len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]] print(enc.index('F')) k1=[1] ''' ''' from itertools import permutations lst = [''.join(p) for p in permutations('23456789')] for i in tqdm(range(len(lst))): lst1=lst[i] k1 = [1] for j in lst1: k1.append(int(j)) if len(k1)==9: enc = 'NSSCTF{flagflagflagflagflagflagf}' for i in range(128): h = [[enc[j] for j in range(i[1], len(enc), len(k1))] for i in[_ for _ in sorted(zip(k1, range(len(k1))))]] enc = mix(enc,k1) if enc[25]=='{'and enc[18]=='}' and enc[24]=='C'and enc[12]=='T'and enc[15]=='F' and enc[3]=='S'and enc[9]=='S': print(k1) ''' k=[1, 6, 8, 5, 9, 7, 2, 4, 3] mix = lambda msg,k:''.join(reduce(lambda a,b:a+b,[[msg[j] for j in range(i[1],len(msg),len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]])) enc='NcnSmPiltSetTniFJw}akhtaC{_s_iu__' for i in range(128): h = [[enc[j] for j in range(i[1], len(enc), len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]] enc = mix(enc,k) print(enc) #NSSCTF{Just_within_a_Planck_time}
[WEEK2]RSA again
常规rsa
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
import gmpy2 import libnum def de(c, e, n): k = 0 while True: mm = c + n*k result, flag = gmpy2.iroot(mm, e) if True == flag: return result k += 1 n = 19920284552214772740140135352548541831031690920425912140961436065508824546041514076016684238261995522677433833330399269923572993489681770913908642529489382472548548664350078176417366141695108301338793624641102311886122714705781923892243561473766978666116035403145672686443197319003393949350402512739343998236331447680561106899174404316265329944969786438022711742891334905159259854026408058542492105569778656883811323759583727586331462200020945101286801110840081277963013591342157754264111051785385892113635682519079401538045775697382691195557344630571694510115674941400112478156619785019370731073096018975390492287333 c = 1752041777918702842605810950957832076618830231626916748933875881505173164404519153781007066742915517004902508987841695668088780745675304779496841107726530280651344357647334690721873124324358539328142005709830859468027528835981960873390785515876157664035579935532043154959183555353553164481674735512873428044452976229459806219115571797514157279125 e=3 m=de(c,e,n) print(m) print(libnum.n2s(int(m))) NSSCTF{Key_should_not_be_too_small}
from Crypto.Util.number import * from secret import flag
pad = lambda x:x + bytes([16 - len(x)%16] * (16 - len(x)%16)) m = bytes_to_long(pad(flag)) p = getPrime(100) q = getPrime(100) n = p*p*q*q e = 0x10001 c = pow(m,e,n)
''' n = 564070152909085514893862673848191100242629745476416876533996976389897932324860687952230733393080567203972999049426141761 c = 269509453821913281608300827585653465889617103481995203776655691658799441157871331220899710463748827149644657719450056013 e = 65537 '''
和强网杯的ASR类似,先分解n,之后对phi处理
1 2 3 4 5 6 7 8 9 10 11 12 13
import gmpy2 from Crypto.Util.number import * import sympy p = 709662686105519282917793669093 q = 1058314117179226194777612760717 n = 564070152909085514893862673848191100242629745476416876533996976389897932324860687952230733393080567203972999049426141761 c = 269509453821913281608300827585653465889617103481995203776655691658799441157871331220899710463748827149644657719450056013 e = 65537 phi=(p-1)*(q)*(p)*(q-1) d=gmpy2.invert(e, phi) m=pow(c,d,n) print(long_to_bytes(m)) NSSCTF{You_should_use_tool}
[WEEK2]solve_the_equation
解方程呗
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
from Crypto.Util.number import bytes_to_long, getPrime from gmpy2 import * from flag import flag m = bytes_to_long(flag) p = getPrime(2048) q = getPrime(2048) n = p * q e = 65537 gift = 2022 * p + 9 * q + 28 * e c = pow(m,e,n) print(n,c,gift) # 559013759419746202691240598235115105126834606071307611491891982898293133657843987454339580258031532272691584368719342942404675509580909313170933925796189789232538297110756754383546447669571766593521267667716779348776308179675709803388978100416839504625045239819627379469827980589668625084314985969634985583431058156810528172627873121320455715399011186280324236548934145366222271636328254497851289112650375015433741699898290781472376090171361276557886637892800404830030548291487615566596504234212554381817510798554015481259307992175226543595948798873846335558746933940683482819439715578130806800536423771482474206047548549237879025655562739463111822524633757040958223066367993671472508367287181357997804485542311011003871312708995599690715923692968372474814753669031805664070760705148563294700043336457334028810890271434599241312612447640877347296648737167576464851763570272180801042067934843953206083053874624644994067168364645748243999074053494066054657595233970985982095621265309066132852511490426399921749091156312387594448586826952283581592003247165562367202134878625798756167825941929996806801073247649667626854029875184014003650020610359836971629737204456239324237077361643697429780638179887750984791035339697744210904151734797 # 73407318923483936681380982096598838839602514018601041044571793373013418096970487001956204920233481604663088115926046001478564679328045899017826536373925483312496867862798918521256833686293905627264784839084309695013473729502056597198558911052248943918139429481528120149662544426266704140382476129564563832751550189116712164319522536680400998100426969878312141399338984622535922004572374724499994480294086487511972287034778386491943792466926044305651852709046949243652756946391206931252732067537917128777152678266816232179411054474713462051435447023851233892017069674808619784767176865947753180156093197684363218543237706358137237603822953178987601908200096630034921280599733190041134038060644827637374731999991143342404380959195318030935855850625849684867326087432054830971960076859722417639414733054394674533018860606074648324450983897579183842853010968597034663149214229791831193351337193195298921766564073265470525286769595835642479920483047959570057149110246705969802722576770273329236163660486942433423522588321736639231667766680582482974393228214947178327111783901303686854030864244720750585928819691608599558058859371899416709995780300197269497143959726959313506292966639680257096421491364629690813416340577056873916752193925 # 63829120016023768052886024054478552450378183173692549289836790500844466624984770449526584263524969873611417764466777251459739549064993441916734929304056657281688756040121378172997367361118927461471925755841160032723693319039128805185488328610549652307644061769088611063117016010827595409949224043526660999362737741312450095192593608666286680915796697255817583078927076945852260612453896867746751729217633935143780193497702898684210698859292191506586139420497299988065973759272644964857853100511651254633164029275099534568064491202987945733565755982565356202756330311841048849063747767451397616638500281324618902190280761
import hashlib plaintext = 'flag{#00#_P4ssw0rd_N3v3r_F0rg3t_63####}' md5 = 'ac7f4d52c3924925aa9c8a7a1f522451' h='ABCDEFGHIJKLMNOPQRSTUVWSYZ' z='abcdefghijklmnopqrstuvwsyz' t="0123456789" y=[] h1='' for m in t: for a in t: for b in t: for c in t: h1=str(m)+str(a)+str(b)+str(c) y.append(h1)
for z in y: plan='flag{G'+str(0)+str(0)+'d_P4ssw0rd_N3v3r_F0rg3t_63'+z+'}' m = hashlib.md5()
m.update(plan.encode("utf-8")) psw = m.hexdigest() if psw[0:4]=='ac7f': print(plan) flag{G00d_P4ssw0rd_N3v3r_F0rg3t_638291}
[WEEK2]mathRSA
解方程一把梭
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
import sympy,gmpy2 from Crypto.Util.number import * n = 76236418318712173274495941060488893810931309177217802334230599201457092723011685048556311576262486371987147895332408646920500226769161418792142565209634495797142268681403865426056588605013602625268553194169434049817172340173907696496945054049859221379092764811535206778031226535614731731322630330166833765943 e = 65537 c = 7207616060389865156270906240837846478541820008527247539698331406253371238674590766101711421196342768182325013873320402422918804780590951789425587131632422554819735000106070325708057225062376701298825910565526713270553888227235612227223162695870584803109353377288421750982913226189395526612487664144379690552 h = 130285072635228037239175162118613869214302695058325046962039091162567931492116336918638092534964417960274466351834311039222269165021532950982276262717322395682559639859781516047319178212473103057947426886870612637975024605166325017663998263834789814181250953051730859433354534450232382414565421858172075431133498326501045697132640582932453817599366612200146802110424409285814189125929844293789544163802323048780585398714263586547670912817768592459281775837372982750626103047573532664320692775783627129463700810934670066747044799514243631607384814191188276380589420289084574680852618867732847029105400406874790675559126905078326495799755425006555539699119063191489852930421412630857588890593040420277938268954008973405431053073576987401154763326417551463323055736754390446 p,q=sympy.symbols('p q') a=sympy.solve([p*q-n,p**5 - q**4-h],[p,q]) print(a) p=10543357481374908938696626650832667304979816176891429562773232136754485382413647547320866232418359800743787286242710171986152592431595912519025867918658127 q=7230753434414569972828808651891325142186523078619542872286840414394373161212272545789342965212718184298307353595004152854764254216044770456139231711296409 phi=(p-1)*(q-1) d=gmpy2.invert(e, phi) m=pow(c,d,n) print(long_to_bytes(m)) flag{6d21f18a-831d-4834-8cef-5e47218bc3ce}
[WEEK3]Binomials
二项式定理的简单运用
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
from Crypto.Util.number import * import sympy,gmpy2 N = 0xa65149a38fe4784da050db9390c5cc5d4b9ef376b40e6919b487aadec0bd4c6e683205f3bf1d6bb51fceb9e14965305183229184ec69b4e22b467ad2c08337e81a54219dd40160c9d84a4abdf95e05121a11737570b0924ed8941390a3e1fae259f745b76f4a0a23ece5cbcbda5269d7312329b105cd255d2a2ffaf905d32b6b42e64f1bd67039f526789e9065b41a9426a1e9a6e65746af7c4ca343ddbf1392073b566a37c2e66edeef47ecc4629dee6fa4f5dc839ffa6b2647eb0b6dced42bff46653e7205bf37e89d4c417fd41cf8d315448e593f08e2d1e8d7c4b299ce35f59bf45830f9efdaaf51f726e4466ef0fb583d8c6285b6a04477eba429a7fb81
from Crypto.Util.number import * flag=[2621989131, 3787180668, 3050712017, 2738150252, 2743015085, 1990056851, 3435226108, 3309324691, 2484065947, 2170352847, 17662838, 230793617, 4112227317, 3496092809, 3496092809, 3496092809] def Shift(y): y = y ^ y >> 11 y = y ^ y << 4 & 2636928640 y = y ^ y << 5 & 4022730752 y = y ^ y >> 14 return y&0xffffffff
m = [] def Encode(msg): enc = msg for _ in range(114514): enc = Shift(enc) return enc def inverse_right(res, shift, bits=32): tmp = res for i in range(bits // shift): tmp = res ^ tmp >> shift return tmp def inverse_right_mask(res, shift, mask, bits=32): tmp = res for i in range(bits // shift): tmp = res ^ tmp >> shift & mask return tmp def inverse_left(res, shift, bits=32): tmp = res for i in range(bits // shift): tmp = res ^ tmp << shift return tmp def inverse_left_mask(res, shift, mask, bits=32): tmp = res for i in range(bits // shift): tmp = res ^ tmp << shift & mask return tmp def nixiang(m): m = inverse_right(m, 14) m = inverse_left_mask(m, 5, 4022730752) m = inverse_left_mask(m, 4, 2636928640) m = inverse_right(m, 11) return m def dncode(msg): enc = msg for _ in range(114514): enc =nixiang(enc) return enc for i in flag: print(str(long_to_bytes(dncode(i)))) #NSSCTF{Do_y0u_1ike_sssSS5SsSS55hifttt4Tt4tt44TTT}
import Crypto.PublicKey.RSA as rsa import gmpy2 from Crypto.Util.number import * from Crypto.Cipher import PKCS1_OAEP e = 65537 n_list = [0]*100 c_list = [0]*100 for i in range(0,100): with open("./attachment/{}.pem".format(i+1), 'rb') as x: public_key = rsa.importKey(x.read()) n_list[i] = public_key.n # print(public_key.e) with open("./attachment/msg{}".format(i+1),"rb") as f: c = f.read() c_list[i] = bytes_to_long(c) for i in range(0,99): for j in range(i+1,100): if(gmpy2.gcd(n_list[i],n_list[j]))!=1: common_f = gmpy2.gcd(n_list[i],n_list[j]) n = n_list[j] q = n // common_f d = gmpy2.invert(e,(q-1)*(common_f-1)) c = long_to_bytes(c_list[j]) privkey = rsa.construct((int(n), int(e), int(d), int(q), int(common_f))) key = PKCS1_OAEP.new(privkey) flag = key.decrypt(c) print(flag)
flag='2d38235cef311735894a7ca5c2f77e3d30e7ee1f1f0eeb2d60771d97cde0695f' from hashlib import sha256, md5 from Crypto.Cipher import AES from Crypto.Util.Padding import pad,unpad import os, sys, signal from Crypto.Util.number import * from itertools import * m='abcdef1234567890' perms = [''.join(p) for p in product(m,repeat=4)] per=[] for i in perms: a=int(i,16) per.append(long_to_bytes(a)) for i in per: try: ciphertext = bytes.fromhex(flag) key = md5(i).digest() cipher = AES.new(key, AES.MODE_ECB) decrypted = cipher.decrypt(ciphertext) if b'NSSCTF' in decrypted or b'nssctf' in decrypted or b'flag' in decrypted: print(decrypted) except: pass
alphabet = "0123456789aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpP" out="0gpnO5ffI310EEjF3LeHCf7LC7HnfhIN0LMK1E79Gdf1dFCN93nBL35eJfKMhkAM000000000000000008fb46HFH4pA4GKI" out1=out[0:32] out2=out[32:64] out3=out[64:] print(out1)#print(out2) #print(out3) import sympy from Crypto.Util.number import * btl = lambda a:sum((v*256**i)for i,v in enumerate(a[::-1])) h=0 for i in range(len(out1)): if out1[1]=='0': continue else: h=h*42+alphabet.index(out1[i]) print(long_to_bytes(h)) h=0 for i in range(len(out1)): if out1[1]=='0': continue else: h=h*42+alphabet.index(out2[i]) print(long_to_bytes(h)) h=0 for i in range(len(out1)): if out1[1]=='0': continue else: h=h*42+alphabet.index(out3[i]) print(long_to_bytes(h)) b'NSSCTF{N0w_y0u_c4n_d3' b'sign_crypt0_syst3m_by' b'_y0urs3lf}'
# p = 9605964225476901441398365225327926616880072280289780777971846998748464126891804587377933727304510424852546683782576240573278202121547956666293242671661056 n = 96928253979490973984593903132811649229014718994486532280648145898877952846656019305217095845257550421730063527538581223570539203247068060192535543753763017716750817560470547219370972835770943358384150269303529653434434525449357699107332781898776312692702549420939758722366794431784782973884379040574148608179 e = 65537 c = 2226099021169425534206121605501718994593261953280046899345810118356590881389142531649792348146129153474985003929407172972982275439970723778495455838452638879586163957468972518078320159354264971816842073874550773309020013613432004074760802192607651584906352686468143648939740004838208640531785439362344039075 # kbits = 128 # PR.<x> = PolynomialRing(Zmod(n)) # f = x + p # x0 = f.small_roots(X=2^kbits, beta=0.4)[0] # print("x: %s" %hex(int(x0))) # p = p+x0 # print("p: ", hex(int(p))) # assert n % p == 0 # q = n/int(p) # print("q: ", hex(int(q)))
1 2 3 4 5 6 7 8 9 10 11 12 13
e = 65537 c = 2226099021169425534206121605501718994593261953280046899345810118356590881389142531649792348146129153474985003929407172972982275439970723778495455838452638879586163957468972518078320159354264971816842073874550773309020013613432004074760802192607651584906352686468143648939740004838208640531785439362344039075 n = 96928253979490973984593903132811649229014718994486532280648145898877952846656019305217095845257550421730063527538581223570539203247068060192535543753763017716750817560470547219370972835770943358384150269303529653434434525449357699107332781898776312692702549420939758722366794431784782973884379040574148608179 from Crypto.Util.number import * import gmpy2 p= 0xb768f99e33a5d8e8a3e1d4b605638b7a5f447e35d232c6b237b8ae4ec9bb417e36a09906d064cd8af7505f50d716460fc4e96336e8ca5b2fb9dfe9078c4c34ab q= 0xc0a8f755654474cfba542d5568477f452d4a95ed1e646004b1dc91fdb17b5fbd3e77f84d4a25f73d0e0ef72e295743e90cea7e5e128638529b031e6c12681419
from Crypto.Cipher import AES ct = b'\x179\xb8l\x97\xbew\xc2\xd5f~\x8e\xdc\xf2\x9b\xabR\xa9a\xd2\xf4\xde\xd6|\xd1\x9f\xe9q\x1d\xfcm\xfbj\xe9\x9e\xab\xf5fL\xb3\xb5_\xa5\x16\x8e\x7f\x9fV`\x8b\x16\xa1\xa6)\x08\x97\x91\xbd3\x1d\xeb\\\x86\xa2\xd6\x94>\xf3\xfdt\xd9\x14\xf3\xfc\xe2\x02\xd6\xc4\xcfq"\x1a\x14~2]4\x9f\xc9\x88\xf8\x12\xb6\xa2\xd7\xec\x0b\x7f\xd4d\xdc\xc6\xb4]\x10u\xc6f\x97m\xccA\x82\x02\xa5gh\x85\x85Wz\xd9.\xff\x9bx\x99J\x0e\x86\x16\x90\xad\x1e\x17\x86\x95\xb8S\x17\xea\x93v\xd0' out = [] for i in range(len(ct)//16): key = ct[16*i:16*i+16] cipher = AES.new(key, AES.MODE_ECB) next = cipher.decrypt(ct[16*i+16:16*i+32]) out.append(next) key = next print(out)
with open("output.txt",'r') as f: data = f.readlines()
for i in range(624): rc.submit(int(data[i])) for i in range(666-624): this_num = rc.predict_randrange(0, 4294967295) print(this_num) this_num = rc.predict_randrange(0, 4294967295) print(this_num)
c = '91fd1824ddc0a35e845e87f59e53a103334df418e6a65a7d7769699c3ca2119019361cd23a46a61d4e7f6cdff5f5200f586f90b66eabfd8ecff4ddf11ee444d37f80ada0bbe8af09e4fc32c1a51e3f29e2771b51c71d2ba4acb84fda61904b96' iv = bytes.fromhex(c[:32]) r = this_num key = bytes.fromhex(hex(r)[2:]) key = md5(key).digest() cipher = AES.new(key,AES.MODE_CBC,iv)
print(cipher.decrypt(bytes.fromhex(c[32:])))
[WEEK4]square
e = 16 直接求出所有可能的根,然后解密成明文即可
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
from Crypto.Util.number import * from gmpy2 import * # n = 0xcaea4e2db0dc68029999cdad792fa1f9142117163af28f3230f7500ef748841554141ef35555ba23b95dc87f4c83f75dad14b6204dd4907fb75650fa7799def911f077b945f359e345bb9350c4a8268906c547e95e5819ef44ff124566a88fa2174ddfe3e895016df0036b59a50c6efb78724bde5d16a8a5cae45c918f329e462d10abe56ecdfae95bd13665260d0e8b648540d11f2447eef9aef3ea370faaecaab4c82ec1fe2bc83f2ce1b2793d95187eb2637e75700ba9745c253e928a4a603139dbf6b8bbf8111900a58be21a269992a9744c0284cf8f3ad7a3b95106d17af6baceac1acf543e425dc6317ab7f799a8ce19633b22e709eacb5d74ce4b56f9 # c = 0x2700a92e463d1c5da073b38d075a2da57c89ff9d658066c0bd38391cc60259a4fc992f1a6f1c5756d6e5934831fc0fbf7bfd85607f0d18781d30a4ab485e119af4f08b5fe7bf927aeaf7572b05dfec764d6ddda2b247b9f6b731300ece4209606d94c5708388d6e8efc1fa6e9c0cdda41cee95eb4a6b053b862fc43e55648973863f9874ee79ce4408277c9dc38fb26b44880e58f054b957c64fcf0d39c1fd496ad2fc5f5e5e70ba41422a4d945da299b5a695a4b7013a1f9ae1b629e395ffb0942d783d6e6be1f0888dfcb02d0aa1e9b7076e952a339bdc60f044f598afa2da28a4d7f094b959c8a8fefd5a11d10971cd681722f6868cf15a200cb910c591e1 # # c= 0x2700a92e463d1c5da073b38d075a2da57c89ff9d658066c0bd38391cc60259a4fc992f1a6f1c5756d6e5934831fc0fbf7bfd85607f0d18781d30a4ab485e119af4f08b5fe7bf927aeaf7572b05dfec764d6ddda2b247b9f6b731300ece4209606d94c5708388d6e8efc1fa6e9c0cdda41cee95eb4a6b053b862fc43e55648973863f9874ee79ce4408277c9dc38fb26b44880e58f054b957c64fcf0d39c1fd496ad2fc5f5e5e70ba41422a4d945da299b5a695a4b7013a1f9ae1b629e395ffb0942d783d6e6be1f0888dfcb02d0aa1e9b7076e952a339bdc60f044f598afa2da28a4d7f094b959c8a8fefd5a11d10971cd681722f6868cf15a200cb910c591e1 # e = 16 # R.<x> = Zmod(n)[] # f = x^e-c # r1 = [int(i[0]) for i in f.roots()] # print(r1)
m_list = [25615677894578755047156343445844436265410029831929516816331615976442311723531561327119120421902137698702653352454485089340848821437391616202141872920071595012903043917129450415132281907851460389644978646684609345443875666422198491448869630433730250869349508030370580903892239207884756374806258109492943540694025256336359221536523445463701649424494112650847740223587312753305758484739299091282445005021428673424732397006712358416313791876278338631941370485282183820941394817190803527812730459595063525543676864011831621261546685501816080758863765608285760956408604370742317675113279260023090820056964546946448729327594, 24072367155045049121538350559452436123760625674850036887400917611963001043425277658590765669098038279032511209656766731851112555056082333560946068560958136635450354184400845466823159542498565735578284414677938847565345435268619941467830506642234170223615472540060479482250736366661339782825842222750498295373524349825492103059453842032165892523230350122381720065998495626851241149502139264262580869523661467741485311344845519374629180329037981137465862020038414285296394747359446242328488668743848790524262574489753290227188557314524093509983688354857005768464595599040661333002861275422817830930045336538934525600036, 22410284915869332915517353475405301781361874997511620014765307716896609134768752598582584704665037725485578318861190319579404022449775594129425860979978888272443446324093514666314685424695000601786686561006052411264877076748054463659902146625722029484456473027960815036305882742747518983542532772826030995019547403388699014520255435093536041121723793417289085198882108642039061716629900663673185654638085326455126099981185733763692003629409489559712215078372884665625160603972308815617077592138575143204160714378785745066118022886827674355196815158593721675680283188298853358878159695139190175292207533127255034143712, 19073979249275923038893403197873802702942330898221412935002649745044628810289760160906684289522634756719764289365141953863154441618860322921339033977398137618850126299000852728420859130729324165431279514548481361259733142809124530477420924010397665965873357195354849848588229804376977984636683366863855736325383167291647351033039353473600211555662607490573852684908975665488806129740839801624701017800394009286759153911158126133388953551250607486734408238163212404235716911901582709861984044176063401493384378563087390984887945676907220888380393998115118953005740848277298983697518540266717111840324178318373259180622, 6541698645302832008262940247970633562467698933708103881328966231397682913241801166212436132379502941982889063089343135477694379818531293280802838942673457394052917618128597686711422777122136224213699132136127984184142523613073960971448706423332584903476150835015731055304009403507778390169574742629087804368703460732998669837597738720119482937031238843681810088915673826941865000058898348157163412745731930147221176216054781442545666046969521342926260834211384338749444032842775055037996717706324772768300639435331444465728608728138351824860891626691575771833819130630414042360017020843812450263396637265856188996779, 3205392978709422131638989970439134484048154834417896801566308259545702588762808728536535717237099973217075033593294769761444798987616022072716011940092706740459597593035935748817596483156459787858292085678556934178998589674144027788967483808008221384893035002409765867586356465137237391263725336666912545674539224635947006350381657100183653370970052916966577574942540850391609413169837486108678775908040612978854230146027173812242615968810639269948453994001712077360000340772048949282903169743813031057524303619633090384498531518217898358044470466212973049159276790608859667179375865971339386811513282456974414033689, 1543310739533705925617992886392000141649404157079479928930698364479310680106283668528354752804099419670142142797718357489736266381309282641195804359113458377452689732728604948309122365352894654066694232006670497878530231153578549981039123791496080645734035490310101421641502841223416591980415886742445245320562278199153917811183250161553801969463496211873942707826153865579429980297598885519283561022464471692495018782367388201305439269182147692194807052336182457688766197384911522571492093138539383737422443508665545223427997090521479203257597269949688956374964379867051693054674285687711731173675479045294922577365, 61371688286799334113646730018045068199733683407922550237336739124912645060439058499419425524697266009247933120500549159620827721941790197719298587092412922043766127553554237087250302287324648718008153986587214189069868903229491954377520016520933768430955608165395350944256301087438742046756268637780718849807] for t in m_list: print(long_to_bytes(t))