flag.enc를 decrypt하고 flag를 획득하는 문제
1. Weak_RSA.zip 파일 정적분석
┌──(root💀kali)-[/backup/workspace/htb/crypto]
└─# file Weak_RSA.zip 80 ⨯
Weak_RSA.zip: Zip archive data, at least v2.0 to extract, compression method=deflate
┌──(root💀kali)-[/backup/workspace/htb/crypto]
└─# unzip Weak_RSA.zip
Archive: Weak_RSA.zip
[Weak_RSA.zip] flag.enc password:
inflating: flag.enc
inflating: key.pub
┌──(root💀kali)-[/backup/workspace/htb/crypto]
└─# file flag.enc
flag.enc: data
┌──(root💀kali)-[/backup/workspace/htb/crypto]
└─# file key.pub
key.pub: ASCII text
┌──(root💀kali)-[/backup/workspace/htb/crypto]
└─# cat key.pub
-----BEGIN PUBLIC KEY-----
MIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKBgQMwO3kPsUnaNAbUlaubn7ip
4pNEXjvUOxjvLwUhtybr6Ng4undLtSQPCPf7ygoUKh1KYeqXMpTmhKjRos3xioTy
23CZuOl3WIsLiRKSVYyqBc9d8rxjNMXuUIOiNO38ealcR4p44zfHI66INPuKmTG3
RQP/6p5hv1PYcWmErEeDewKBgGEXxgRIsTlFGrW2C2JXoSvakMCWD60eAH0W2PpD
qlqqOFD8JA5UFK0roQkOjhLWSVu8c6DLpWJQQlXHPqP702qIg/gx2o0bm4EzrCEJ
4gYo6Ax+U7q6TOWhQpiBHnC0ojE8kUoqMhfALpUaruTJ6zmj8IA1e1M6bMqVF8sr
lb/N
-----END PUBLIC KEY-----
┌──(root💀kali)-[/backup/workspace/htb/crypto]
└─# cat flag.enc
�_�vc[��~�kZ�1�Ĩ�4�I�9V�ֿ�^G���(�+3Lu"�T$���F0�VP�־j@�����|j������{¾�,�����YE�����Xx��,��c�N&Hl2�Ӎ��[o��
- public key와 암호화된 텍스트 문서 확인
- 암호화된 텍스트 문서를 복호화하기 위해선 private key가 필요함
2. RsaCtfTool을 이용하여 복호화
┌──(root💀kali)-[/backup/workspace/htb/crypto/RsaCtfTool]
└─# python3 RsaCtfTool.py --publickey ../key.pub --decryptfile ../flag.enc
private argument is not set, the private key will not be displayed, even if recovered.
['../key.pub']
[*] Testing key ../key.pub.
attack initialized...
attack initialized...
[*] Performing smallq attack on ../key.pub.
[+] Time elapsed: 0.3282 sec.
[*] Performing fibonacci_gcd attack on ../key.pub.
100%|██████████████████████████████████████████████████████████████████| 9999/9999 [00:00<00:00, 92282.81it/s]
[+] Time elapsed: 0.6812 sec.
[*] Performing rapid7primes attack on ../key.pub.
[+] loading prime list file data/ea229f977fb51000.pkl.bz2...
loading pickle data/ea229f977fb51000.pkl.bz2...
100%|██████████████████████████████████████████████████████████████| 61174/61174 [00:00<00:00, 1092741.89it/s]
[+] loading prime list file data/fbcc4333b5f183fc.pkl.bz2...
loading pickle data/fbcc4333b5f183fc.pkl.bz2...
100%|██████████████████████████████████████████████████████████████| 21048/21048 [00:00<00:00, 1176556.10it/s]
[+] Time elapsed: 0.4627 sec.
[*] Performing system_primes_gcd attack on ../key.pub.
100%|█████████████████████████████████████████████████████████████████| 7007/7007 [00:00<00:00, 708282.84it/s]
[+] Time elapsed: 0.0367 sec.
[*] Performing pastctfprimes attack on ../key.pub.
[+] loading prime list file data/ti_rsa_signing_keys.txt...
100%|█████████████████████████████████████████████████████████████████████| 34/34 [00:00<00:00, 493447.53it/s]
[+] loading prime list file data/pastctfprimes.txt...
77%|█████████████████████████████████████████████████████▊ | 93/121 [00:00<00:00, 4627.44it/s]
[*] Attack success with pastctfprimes method !
[+] Total time elapsed min,max,avg: 0.0367/0.6812/0.3772 sec.
Results for ../key.pub:
Decrypted data :
HEX : 0x000221cfb29883b06f409a679a58a4e97b446e28b244bbcd0687d178a8ab8722bf86da06a62e042c892d2921b336571e9ff7ac9d89ba90512bac4cfb8d7e4a3901bbccf5dfac01b27bddd35f1ca55344a75943df9a18eadb344cf7cf55fa0baa7005bfe32f41004854427b73316d706c335f5769336e3372735f34747434636b7d
INT (big endian) : 1497194306832430076266314478305730170974165912795150306640063107539292495904192020114449824357438113183764256783752233913408135242464239912689425668318419718061442061010640167802145162377597484106658670422900749326253337728846324798012274989739031662527650589811318528908253458824763561374522387177140349821
INT (little endian) : 22546574266225300968123857704721191858671593287972919965619572675918636257464402082642870677657579044805501825719744981953609630743396909394906721219496019830622451770590549653716476856077849644487076110495020954617170743371827481017047908786316114794508942268154434710618690751442928771926238749045133355844096
STR : b'\x00\x02!\xcf\xb2\x98\x83\xb0o@\x9ag\x9aX\xa4\xe9{Dn(\xb2D\xbb\xcd\x06\x87\xd1x\xa8\xab\x87"\xbf\x86\xda\x06\xa6.\x04,\x89-)!\xb36W\x1e\x9f\xf7\xac\x9d\x89\xba\x90Q+\xacL\xfb\x8d~J9\x01\xbb\xcc\xf5\xdf\xac\x01\xb2{\xdd\xd3_\x1c\xa5SD\xa7YC\xdf\x9a\x18\xea\xdb4L\xf7\xcfU\xfa\x0b\xaap\x05\xbf\xe3/A\x00HTB{s1mpl3_Wi3n3rs_4tt4ck}'
PKCS#1.5 padding decoded!
HEX : 0x004854427b73316d706c335f5769336e3372735f34747434636b7d
INT (big endian) : 116228445871869252378692588205079217110932931184359462733572989
INT (little endian) : 51594582506285564025554597946778804341308607376857173453085886464
utf-8 : HTB{s1mpl3_Wi3n3rs_4tt4ck}
STR : b'\x00HTB{s1mpl3_Wi3n3rs_4tt4ck}'
'네트워크 보안 > CTF' 카테고리의 다른 글
| [pwnable] pwnable.kr collision (hash function, hash collision, md5 hash collision) (0) | 2024.09.11 |
|---|---|
| [pwnable] pwnable.kr fd (0) | 2024.09.11 |
| [Web] webhacking.kr 3번 (0) | 2022.05.27 |
| [Web] webhacking.kr 1번 (0) | 2022.05.27 |
| [Pwn] SelfReference/ Radare2 (0) | 2022.05.05 |