def attack(self, publickey, cipher=[], progress=True):
"""
Pisano(mersenne) period factorization algorithm optimal for keys sub 70 bits in less than a minute.
The attack is very similar to londahl's
"""
Fib = Fibonacci(progress=progress)
with timeout(self.timeout):
try:
B1, B2 = (
pow(10, (ilog10(publickey.n) // 2) - 4),
0,
) # Arbitrary selected bounds, biger b2 is more faster but more failed factorizations.
try:
r = Fib.factorization(publickey.n, B1, B2)
except OverflowError:
r = None
if r is not None:
publickey.p, publickey.q = r
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
return (None, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Run attack with Euler method"""
if not hasattr(publickey, "p"):
publickey.p = None
if not hasattr(publickey, "q"):
publickey.q = None
# Euler attack
with timeout(self.timeout):
try:
try:
if (publickey.n - 1) % 4 == 0:
euler_res = self.euler(publickey.n)
else:
self.logger.error(
"[!] Public key modulus must be congruent 1 mod 4 to work with euler method."
)
return (None, None)
except:
return (None, None)
if euler_res and len(euler_res) > 1:
publickey.p, publickey.q = euler_res
if publickey.q is not None:
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Same n huge e attack"""
if not isinstance(publickey, list):
return (None, None)
with timeout(self.timeout):
try:
if len(set([_.n for _ in publickey])) == 1:
n = publickey[0].n
e_array = []
for k in publickey:
e_array.append(k.e)
if (cipher is None) or (len(cipher) < 2):
self.logger.info(
"[-] Lack of ciphertexts, skiping the same_n_huge_e test..."
)
return (None, None)
# e1*s1 + e2*s2 = 1
_, s1, s2 = gcdext(e_array[0], e_array[1])
# m ≡ c1^s1 * c2*s2 mod n
plain = (
powmod(int.from_bytes(cipher[0], "big"), s1, n) *
powmod(int.from_bytes(cipher[1], "big"), s2, n)) % n
return (None, number.long_to_bytes(plain))
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Run attack with Pollard Rho"""
if not hasattr(publickey, "p"):
publickey.p = None
if not hasattr(publickey, "q"):
publickey.q = None
# pollard Rho attack
with timeout(self.timeout):
try:
try:
poll_res = self.pollard_rho(publickey.n)
except RecursionError:
print("RecursionError")
return (None, None)
if poll_res != None:
publickey.p = poll_res
publickey.q = publickey.n // publickey.p
if publickey.q is not None:
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
except TimeoutError:
return (None, None)
except TypeError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
if not hasattr(publickey, "p"):
publickey.p = None
if not hasattr(publickey, "q"):
publickey.q = None
# solve with z3 theorem prover
with timeout(self.timeout):
try:
try:
z3_res = self.z3_solve(publickey.n, self.timeout)
except:
self.logger.warning("[!] z3: Internal Error.")
return (None, None)
if z3_res and len(z3_res) > 1:
p, q = z3_res
publickey.p = p
publickey.q = q
if publickey.q is not None:
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
else:
return (None, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Run attack with Pollard P1"""
if not hasattr(publickey, "p"):
publickey.p = None
if not hasattr(publickey, "q"):
publickey.q = None
with timeout(self.timeout):
try:
# Pollard P-1 attack
try:
poll_res = self.pollard_P_1(publickey.n, progress)
except RecursionError:
return (None, None)
if poll_res and len(poll_res) > 1:
publickey.p, publickey.q = poll_res
if publickey.q is not None:
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Try to uncipher c if m < n/e and small e"""
with timeout(self.timeout):
try:
if publickey.e == 3 or publickey.e == 5:
plain = []
if (cipher is None) or (len(cipher) < 1):
self.logger.info(
"[-] No ciphertexts specified, skiping the cube_root test..."
)
return (None, None)
for c in cipher:
cipher_int = int.from_bytes(c, "big")
low = 0
high = cipher_int
while low < high:
mid = (low + high) >> 1
if pow(mid, publickey.e) < cipher_int:
low = mid + 1
else:
high = mid
plain.append(
low.to_bytes((low.bit_length() + 7) // 8, byteorder="big")
)
return (None, plain)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Try to factorize using yafu"""
with timeout(self.timeout):
try:
if publickey.n.bit_length() > 1024:
self.logger.error(
"[!] Warning: Modulus too large for SIQS attack module"
)
return (None, None)
siqsobj = SiqsAttack(publickey.n, self.timeout)
if siqsobj.testyafu():
siqsobj.doattack()
else:
return (None, None)
if siqsobj.p and siqsobj.q:
publickey.q = siqsobj.q
publickey.p = siqsobj.p
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Run tests against mersenne composites"""
with timeout(self.timeout):
try:
p = q = None
for i in tqdm(range(2, ilog2(publickey.n)),
disable=(not progress)):
i2 = 2**i
mersenne = [i2 - 1, i2 + 1]
g0, g1 = gcd(mersenne[0],
publickey.n), gcd(mersenne[1], publickey.n)
if 1 < g0 < publickey.n:
p = publickey.n // g0
q = g0
break
if 1 < g1 < publickey.n:
p = publickey.n // g1
q = g1
break
if p is not None and q is not None:
priv_key = PrivateKey(int(p), int(q), int(publickey.e),
int(publickey.n))
return (priv_key, None)
return (None, None)
except TimeoutError:
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Run tests against primorial +-1 composites"""
with timeout(self.timeout):
try:
limit = 10000
prime = 1
primorial = 1
p = q = None
for x in tqdm(range(0, limit), disable=(not progress)):
prime = next_prime(prime)
primorial *= prime
primorial_p1 = [primorial - 1, primorial + 1]
g0, g1 = gcd(primorial_p1[0],
publickey.n), gcd(primorial_p1[1],
publickey.n)
if 1 < g0 < publickey.n:
p = publickey.n // g0
q = g0
break
if 1 < g1 < publickey.n:
p = publickey.n // g1
q = g1
break
if p is not None and q is not None:
priv_key = PrivateKey(int(p), int(q), int(publickey.e),
int(publickey.n))
return (priv_key, None)
return (None, None)
except TimeoutError:
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Run dixon attack with a timeout"""
try:
with timeout(seconds=self.timeout):
try:
if publickey.n <= 10**10:
publickey.p, publickey.q = dixon_factor(publickey.n)
else:
self.logger.info(
"[-] Dixon is too slow for pubkeys > 10^10...")
return (None, None)
except TimeoutError:
return (None, None)
except FactorizationError:
return (None, None)
if publickey.p is not None and publickey.q is not None:
try:
priv_key = PrivateKey(
n=publickey.n,
p=int(publickey.p),
q=int(publickey.q),
e=int(publickey.e),
)
return (priv_key, None)
except ValueError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Run fermat attack with a timeout"""
try:
with timeout(seconds=self.timeout):
try:
publickey.p, publickey.q = self.fermat(publickey.n)
except TimeoutError:
return (None, None)
except FactorizationError:
return (None, None)
if publickey.p is not None and publickey.q is not None:
try:
priv_key = PrivateKey(
n=publickey.n,
p=int(publickey.p),
q=int(publickey.q),
e=int(publickey.e),
)
return (priv_key, None)
except ValueError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Try an attack where the public key has a common factor with the ciphertext - sourcekris"""
if cipher is not None:
try:
with timeout(self.timeout):
return self.comfact(cipher, publickey)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickeys, cipher=[]):
"""Hastad attack for low public exponent
this has found success for e = 3
"""
if not isinstance(publickeys, list):
return (None, None)
if cipher is None or len(cipher) == 0:
return (None, None)
with timeout(self.timeout):
try:
c = []
for _ in cipher:
c.append(int.from_bytes(_, byteorder="big"))
n = []
e = []
for publickey in publickeys:
if publickey.e < 11:
n.append(publickey.n)
e.append(publickey.e)
e = set(e)
if len(e) != 1:
return (None, None)
e = e.pop()
if e != 3:
return (None, None)
result = self.chinese_remainder(n, c)
nth = self.find_invpow(result, 3)
unciphered = []
unciphered.append(
nth.to_bytes((nth.bit_length() + 7) // 8, byteorder="big")
)
try:
unciphered_ = b""
for i in range(0, len(str(nth)), 3):
_ = str(nth)[i : i + 3]
unciphered_ += bytes([int(_)])
unciphered.append(unciphered_)
except:
return (None, None)
except TimeoutError:
return (None, None)
return (None, unciphered)
def attack(self, publickey, cipher=[], progress=True):
"""Factors available online?"""
try:
wa_enabled = True
import wolframalpha
app_id = os.environ.get("WA_API_KEY")
wa_enabled = app_id != None
except Exception:
self.logger.warning(
"[!] Wolfram Alpha is not enabled, install the librairies.")
wa_enabled = False
if not wa_enabled:
self.logger.warning(
"[!] Wolfram Alpha is not enabled, check if ENV WA_API_KEY is set."
)
self.logger.warning(
"[!] follow: https://products.wolframalpha.com/api/documentation/"
)
self.logger.warning("[!] export WA_API_KEY=XXXXXX-XXXXXXXXXX")
self.wa_client = None
return (None, None)
else:
self.wa_client = wolframalpha.Client(app_id)
with timeout(self.timeout):
try:
factors = self.wa_query_factors(publickey.n)
self.logger.info("Factors: %s" % str(factors))
if factors != None and len(factors) > 1:
publickey.q = factors[
-1] # Let it be the last prime wich is the bigger one
publickey.p = publickey.n // publickey.q
priv_key = PrivateKey(
p=int(publickey.p),
q=int(publickey.q),
e=int(publickey.e),
n=int(publickey.n),
)
return (priv_key, None)
else:
return (None, None)
except Exception as e:
self.logger.error(
"[*] wolfram alpha could not get a factorization.")
self.logger.debug(str(e))
return (None, None)
except TimeoutError:
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Try an attack where q < 100,000, from BKPCTF2016 - sourcekris"""
with timeout(self.timeout):
try:
for prime in primes(100000):
if publickey.n % prime == 0:
publickey.q = prime
publickey.p = publickey.n // publickey.q
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Wiener's attack"""
with timeout(self.timeout):
try:
wiener = WienerAttack(publickey.n, publickey.e, progress)
if wiener.p is not None and wiener.q is not None:
publickey.p = wiener.p
publickey.q = wiener.q
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Run tests against fermat composites"""
with timeout(self.timeout):
try:
limit = 10000
p = q = None
for x in tqdm(range(1, limit), disable=(not progress)):
f = gcd(fib(x), publickey.n)
if 1 < f < publickey.n:
p = publickey.n // f
q = f
break
if p is not None and q is not None:
priv_key = PrivateKey(int(p), int(q), int(publickey.e),
int(publickey.n))
return (priv_key, None)
return (None, None)
except TimeoutError:
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Do nothing, used for multi-key attacks that succeeded so we just print the
private key without spending any time factoring
"""
londahl_b = 20000000
with timeout(self.timeout):
try:
factors = self.close_factor(publickey.n, londahl_b, progress)
if factors is not None:
p, q = factors
priv_key = PrivateKey(
int(p), int(q), int(publickey.e), int(publickey.n)
)
return (priv_key, None)
else:
return (None, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""System primes in crypto constants"""
with timeout(self.timeout):
try:
primes = load_system_consts()
for prp in tqdm(primes, disable=(not progress)):
g = gcd(publickey.n, prp)
if publickey.n > g > 1:
publickey.q = g
publickey.p = publickey.n // publickey.q
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickeys, cipher=[]):
"""Common factor attack"""
if not isinstance(publickeys, list):
return (None, None)
with timeout(self.timeout):
try:
pubs = [pub.n for pub in publickeys]
# Try to find the gcd between each pair of moduli and resolve the private keys if gcd > 1
priv_keys = []
M = ProductTree(pubs)
for i in range(0, len(pubs) - 1):
pub = pubs[i]
x = publickeys[i]
R = M // pub
g = gcd(pub, R)
if pub > g > 1:
try:
p = g
q = pub // g
x.p = p
x.q = q
# update each attackobj with a private_key
priv_key_1 = PrivateKey(
int(x.p), int(x.q), int(x.e), int(x.n)
)
priv_keys.append(priv_key_1)
self.logger.info(
"[*] Found common factor in modulus for " + x.filename
)
except ValueError:
continue
except TimeoutError:
return (None, None)
priv_keys = list(set(priv_keys))
if len(priv_keys) == 0:
priv_keys = None
return (priv_keys, None)
def attack(self, publickey, cipher=[], progress=True):
""" "primes" of the form 31337 - 313333337 - see ekoparty 2015 "rsa 2070"
not all numbers in this form are prime but some are (25 digit is prime)
"""
with timeout(self.timeout):
try:
maxlen = 25 # max number of digits in the final integer
for i in tqdm(range(maxlen - 4), disable=(not progress)):
prime = int("3133" + ("3" * i) + "7")
if publickey.n % prime == 0:
publickey.p = prime
publickey.q = publickey.n // publickey.p
priv_key = PrivateKey(
p=int(publickey.p),
q=int(publickey.q),
e=int(publickey.e),
n=int(publickey.n),
)
return (priv_key, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Search for previously used primes in CTFs"""
with timeout(self.timeout):
try:
primes_rsa_numbers_challenge = [
# https://en.wikipedia.org/wiki/RSA_numbers
37975227936943673922808872755445627854565536638199, # RSA-100
40094690950920881030683735292761468389214899724061,
6122421090493547576937037317561418841225758554253106999, # RSA-110
5846418214406154678836553182979162384198610505601062333,
327414555693498015751146303749141488063642403240171463406883, # RSA-120
693342667110830181197325401899700641361965863127336680673013,
3490529510847650949147849619903898133417764638493387843990820577, # RSA-129
32769132993266709549961988190834461413177642967992942539798288533,
39685999459597454290161126162883786067576449112810064832555157243, # RSA-130
45534498646735972188403686897274408864356301263205069600999044599,
3398717423028438554530123627613875835633986495969597423490929302771479, # RSA-140
6264200187401285096151654948264442219302037178623509019111660653946049,
348009867102283695483970451047593424831012817350385456889559637548278410717, # RSA-150
445647744903640741533241125787086176005442536297766153493419724532460296199,
102639592829741105772054196573991675900716567808038066803341933521790711307779, # RSA-155
106603488380168454820927220360012878679207958575989291522270608237193062808643,
45427892858481394071686190649738831656137145778469793250959984709250004157335359, # RSA-160
47388090603832016196633832303788951973268922921040957944741354648812028493909367,
3586420730428501486799804587268520423291459681059978161140231860633948450858040593963, # RSA-170
7267029064107019078863797763923946264136137803856996670313708936002281582249587494493,
398075086424064937397125500550386491199064362342526708406385189575946388957261768583317, # RSA-576
472772146107435302536223071973048224632914695302097116459852171130520711256363590397527,
400780082329750877952581339104100572526829317815807176564882178998497572771950624613470377, # RSA-180
476939688738611836995535477357070857939902076027788232031989775824606225595773435668861833,
31711952576901527094851712897404759298051473160294503277847619278327936427981256542415724309619, # RSA-190
60152600204445616415876416855266761832435433594718110725997638280836157040460481625355619404899,
1634733645809253848443133883865090859841783670033092312181110852389333100104508151212118167511579, # RSA-640
1900871281664822113126851573935413975471896789968515493666638539088027103802104498957191261465571,
3532461934402770121272604978198464368671197400197625023649303468776121253679423200058547956528088349, # RSA-200
7925869954478333033347085841480059687737975857364219960734330341455767872818152135381409304740185467,
435958568325940791799951965387214406385470910265220196318705482144524085345275999740244625255428455944579, # RSA-210
562545761726884103756277007304447481743876944007510545104946851094548396577479473472146228550799322939273,
9091213529597818878440658302600437485892608310328358720428512168960411528640933367824950788367956756806141, # RSA-704
8143859259110045265727809126284429335877899002167627883200914172429324360133004116702003240828777970252499,
68636564122675662743823714992884378001308422399791648446212449933215410614414642667938213644208420192054999687, # RSA-220
32929074394863498120493015492129352919164551965362339524626860511692903493094652463337824866390738191765712603,
4528450358010492026612439739120166758911246047493700040073956759261590397250033699357694507193523000343088601688589, # RSA-230
3968132623150957588532394439049887341769533966621957829426966084093049516953598120833228447171744337427374763106901,
29669093332083606603617799242426306347429462625218523944018571574194370194723262390744910112571804274494074452751891, # RSA-232
34038161751975634380066094984915214205471217607347231727351634132760507061748526506443144325148088881115083863017669,
33478071698956898786044169848212690817704794983713768568912431388982883793878002287614711652531743087737814467999489, # RSA-768
36746043666799590428244633799627952632279158164343087642676032283815739666511279233373417143396810270092798736308917,
509435952285839914555051023580843714132648382024111473186660296521821206469746700620316443478873837606252372049619334517, # RSA-240
244624208838318150567813139024002896653802092578931401452041221336558477095178155258218897735030590669041302045908071447,
64135289477071580278790190170577389084825014742943447208116859632024532344630238623598752668347708737661925585694639798853367, # RSA-250
33372027594978156556226010605355114227940760344767554666784520987023841729210037080257448673296881877565718986258036932062711,
]
primes_pastctf = [
108082147276398906822234149167480016132157014049560913761488880190018027488520386318253742675423286348552334110023434741671427911613197684395221211646299519273129194692306445874938199068586137486874290442314459278649345469626426790676801658394799404284116771456479272808343825651929906737811050557836671896732124546721747709022607151231423494815945385193624295868730390462068156825588342737037490320356361648437686599733,
108082147276398906822234149167480016132157014049560913761488880190018027488520386318253742675423286348552334110023434741671427911613197684395221211646299519273129194692306445874938199068586137486874290442314459278649345469626426790676801658394799404284116771456479272808343825651929906737811050557836671896732124546721747709022607151231423494815945385193624295868730390462068156825588342737037490320356361648437686598461,
108082147276398906822234149167480016132157014049560913761488880190018027488520386318253742675423286348552334110023434741671427911613197684395221211646299519273129194692306445874938199068586137486874290442314459278649345469626426790676801658394799404284116771456479272808343825651929906737811050557836671896732124546721747709022607151231423494815945385193624295868730390462068156825588342737037490320356361648437686597791,
108082147276398906822234149167480016132157014049560913761488880190018027488520386318253742675423286348552334110023434741671427911613197684395221211646299519273129194692306445874938199068586137486874290442314459278649345469626426790676801658394799404284116771456479272808343825651929906737811050557836671896732124546721747709022607151231423494815945385193624295868730390462068156825588342737037490320356361648437686600843,
6703903965361517118576511528025622717463828698514771456694902115718276634989944955753407851598489976727952425488221391817052769267904281935379659980013749,
13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903820008890319855427587165500997237443558735689450602365103,
4101860217206195486319508931988944464741665503169699281154625914180099350459859416508157842908810493659777848990372055112637980426665995893689191266676993,
4101860217206195486319508931988944464741665503169699281154625914180099350459859416508157842908810493659777848990372055112637980426665995893689191266677141,
4101860217206195486319508931988944464741665503169699281154625914180099350459859416508157842908810493659777848990372055112637980426665995893689191266677279,
4165938907260954640804986514555496835723686162893011508104816859692320046868363019435944953520658898678455053432699809898947934756189120526030787871227407,
4165938907260954640804986514555496835723686162893011508104816859692320046868363019435944953520658898678455053432699809898947934756189120526030787871227587,
4165938907260954640804986514555496835723686162893011508104816859692320046868363019435944953520658898678455053432699809898947934756189120526030787871227863,
12643740637395110652894262209502063899047520218436247735878188180335985789877601396069401620713231058940443043891453952791936466967524033214476598572706213,
12217494205780318874865198006759446969679921137474855298485716817925925911890415286181103665676748660959871257808447814451048738105000263500773868071134927,
12753003603072550531018654801465540625925587065270735249200707034221342553612566510512289220382168917762612389041102258111324579759414416978278947259367203,
11512221259968944711215688757058402596735146070663731484166937019905962795560024445608131301476308525203431567566930188520189544071868201113560261699518477,
120154561482812169366431552175315487829790853533514455083187141150401404579723989466386713554692826031183462112641793395815695957964420754471645865010199918851008631038679685035857813488382170765657628252079464574576993595350214255290554756868269962991079417299897885957935578968328491235168443836989742332343,
164184701914508585475304431352949988726937945291,
123722643358410276082662590855480232574295213977,
1367950959033448694251101693351971454646908585982174247214456588106744480223502924899594970200721567086593256490339820357729417073968911473368284373028327,
1873061312526431600198418914726418187289872964131683141580934527253790685014095254664971230592314176869517383698550622907346640404434127554775124138006963,
72432241732033981541049204016745025006867436329489703868293535625696723664804764149457845005290546241606890061226796845022216057745054630401792003744462109,
90126444730029710403645054775061222054869762216009860614264509250054875494146740846632769652653539286830798492363476860052054761040294014518933023714223427,
279125332373073513017147096164124452877,
295214597363242917440342570226980714417,
25478326064937419292200172136399497719081842914528228316455906211693118321971399936004729134841162974144246271486439695786036588117424611881955950996219646807378822278285638261582099108339438949573034101215141156156408742843820048066830863814362379885720395082318462850002901605689761876319151147352730090957556940842144299887394678743607766937828094478336401159449035878306853716216548374273462386508307367713112073004011383418967894930554067582453248981022011922883374442736848045920676341361871231787163441467533076890081721882179369168787287724769642665399992556052144845878600126283968890273067575342061776244939,
783420406144696097385833069281677113,
783756020423148789078921701951691559,
31834349,
48670331,
19193025210159847056853811703017693,
17357677172158834256725194757225793,
279125332373073513017147096164124452877,
295214597363242917440342570226980714417,
42727,
58757,
123722643358410276082662590855480232574295213977,
164184701914508585475304431352949988726937945291,
800644567978575682363895000391634967,
83024947846700869393771322159348359271173,
37024794671302122535260220812153587643,
272573531366295567443756143024197333707,
21563957808398119329545349513312897291720371794644161565433575994922624494866014735925135594671402533520230648695949559828278766299067426136066601816643711,
22708406967509416561081471369947020796745437757938294005271339336356008357234294069698063747451399564794968797317330497407167861251551902204973484175503837,
144299940222848685214153733110344660304144248927927225494186904499495592842937728938865184611511914233674465357703431948804720019559293726714685845430627084912877192848598444717376108179511822902563959186098293320939635766298482099885173238182915991321932102606591240368970651488289284872552548559190434607447,
144245059483864997316184517203073096336312163518349447278779492969760750146161606776371569522895088103056082865212093431805166968588430946389831338526998726900084424430828957236538023320369476765118148928194401317313951462365588911048597017242401293395926609382786042879520305147467629849523719036035657146109,
26440615366395242196516853423447,
32581479300404876772405716877547,
27038194053540661979045656526063,
31267675316206058850450140119274819751417791661635697504813240447984629079490652100735044733540913861142747523203435425061407513320468637503374655392825781473928382075249940537540518803447705157748005302692062548318810509906583495199574613016294007136437402473510780242916703476437678742060227320715065951829792345046885904400712909744723822283218325063910405248903702979799406800950896480067506026510838938457917561846489922757260048427449921729671259609502925944554834113384775414185570194511576885758113751887157223120097006977944365867967544959413407725601588176723859982645734322192561519871486442323167074933639,
43068974121995373755259728623203756276151708711206529799133972499770311973917522370590279232720654505974288964559409201661353918115651149664716192367955840217357608436100090406769463686865453605648714294729259644629396177958653095754824288389624580579733807505133514369658203797575477437151706954894720485223,
698962359293224388508528504293868295849536117911029511500535686265628116126035273937376653818042771965856143346411321978169984196703587737297011635332863244713959616825373265069482088742784543259349452001104153825865595450998374567435519147735270488504450983670922877905525006233437224249682098320961706073951,
4911154640312831735300579932662636306005188439240020352879,
5858530077012370931106950309549472688326371985155604622439,
1451135465007329936687682012556458198263354033267,
1283383279909541494981671251013593566543423047599,
289260226283275563579648656678444936057,
288180072604771133716023733756993741403,
32158763574926282399690427421751598974822750157866002942864427634852437380540017586451493854661729909380518733649186624385206737336324813109500237603304026009112696565510846849987937423619262973393969175056759821652138869783215378169757835283584660846583208812725733839059137580944002686113912792569631796916069732431775599320458346937859589815497525828622622652165709271152246464728489927670696601016248559515951932154686633599100945314921834227324381958751184684979824241375253606863601895383658582486045363570755445629865194046700806542078378801136397577730247660070033517187439537339428288763342861366560261446073,
32158763574926282399690427421751598974822750157866002942864427634852437380540017586451493854661729909380518733649186624385206737336324813109500237603304026009112696565510846849987937423619262973393969175056759821652138869783215378169757835283584660846583208812725733839059137580944002686113912792569631796916069732431775599320458346937859589815497525828622622652165709271152246464728489927670696601016248559515951932154686633599100945314921834227324381958751184684979824241375253606863601895383658582486045363570755445629865194046700806542078378801136397577730247660070033517187439537339428288763342861366560261414507,
30555909537318327326226067108345484260972616392831008890345613182167918843881096961410781393695029449357707848545288220880122374798556583885387343041975279297622137379354808942799947266338126600859247945486391385249259848502175234010967289831554894776077704571261457595823825245669052206379832284446373088109050246642453540203667448240894956074979263603360448779126929364191229791046048600648158120404404766763070327940029813826415327745664993191485439444296109763969948631755535163926384703087422857642736153852582820056661551903549876616627900530084158172809851351898663554970528201875223815554349604138636668040631,
28796899277235049975421947378568428888005019408631005870725337759187744546493409470582705210790627097597656481534493716225301660663533212040068163723937803169735485217437722947354732420098585958967033073629288721874028940705969141716032409906092583043329293532612601200186754187377338924379443611709918885185638934712580040042904995838353611699081350712817357237035507539201368300463060034856220488010509411264244138417348439340955309300128758040513940379009974696105387107481999359705587790254117489020540714253505694682552102843028243384677060490696214834957049391213864664165843655260698241682369402177091178720927,
28349223152666012309896421767725787316124897111416473420803849019741154117582482568645254183215552986563114855665416593397403745371086355268654763921803558654340155902194948080056226592560917521612824589013349044205989541259468856602228462903448721105774109966325479530181197156476502473067978072053273437369680433495259118953717909524799086692640103084287064091489681162498108275295255082627807077949841602061428289272700263987438087045434043977981316071156426134695316796020506076336851840708593720052204359360366058549157961154869248835793804817253083037277453771408544063058190126149127240681909811943783388977967,
28349223152666012309896421767725787316124897111416473420803849019741154117582482568645254183215552986563114855665416593397403745371086355268654763921803558654340155902194948080056226592560917521612824589013349044205989541259468856602228462903448721105774109966325479530181197156476502473067978072053273437369680433495259118953717909524799086692640103084287064091489681162498101607280822202773532998098050880803631144514377948079277690787622279940743498439084904702494445241729763146426258407468147831250550239995285695193105630324823153678214290802694619958991541957383815098042054239547145549933872335482492225099839,
2758599203,
199050626189790903113151725251371951406311367304411013359159100762029303668345459282823483508119186508070350039475140948570888009866572148405365532164833126992414461936781273087675274788769905198546175946505790118332257676994622928414648644875376193656132263418075334807302665038501361680530751104620475935886499714767992159620130246904875540624651891646715835632182355428589610236128648209568297096024509697960196858754170641081387466229916585122877955908862176165344465889280850859817985096316883025515924332365977538735425288433292357532172467247159245727072344354499113900733623716569924461327947462469348798798400461045817375922057805611166274339541877392159201774893120311667898551312256530117094221191204981071357303328506659872809131929265966688409379037586014938643190675726674943253875287765020503118408406103824607730713529079962656130622218633922911733000466212212532871890933508287965723844399784165195088175666883742686183165151553009638524764735387233844317375317153437534933611361683136151569588355535831475925641431859231311079029505004457816932257031352498323214304125608733640306746900473758755832661915903475867854937735150255829715879232213599597863424779218670961633567259935246911742292942052832671549,
24333562944687516822197571192658754203291290861678417217447438854540594847087766562404339574537862439116548079253289466115128767870577648533973566286797593441730003379848043825634065823911136780045362090360846493427099473619203426216220826743478974241107765471416754913629766068614128278553165309459614540881272639715963742807416312087758332567870818068056326342400589601117982695439948496482753836668023789721452705706258642830333890588979897355741176673670662543132574318628603066958811749579934075668455748590286427527491514861437629540690813171672435522560204943058263324060332232490301430308879676240097644556943,
25699922293123622238012005113928758274338093880738911843144609876290300384447243164527369410936522534026502861166228851341858617366580840945546916656960397913459416157594030359887797479829819533476376181670391998963549074371737295746623468123112547424135047636878302121269250886314724602949616886176008642837449632045010113812032294774060357611189602487961064611234002464905006798590256478016955856378120527444702590839053848988168714049387256070864726124290373739801554166928887083826045058481026363141572007235867367607974662051368481037707609970666363610931674810380477197023311110704572295255843715262143691203301,
26641239846781539174997613915486416003684568556746576609279663468469031683562139918289710191916575980269872103186803161203776420494840845869372424906386190919487401478921545410628828040240934885968480468559124463233908052442280478139872489261920279274813374296134128578293855845928227225795788061940296913771355415137193729864318300987109915105382195425114525826138321815629366884757211418011082865207792823895128910178064295532964692290697547400111032047363746813247658976480566291220338236760240639947583180060309174234225896967104503916386813098322083010876516252218060276731781117933746509243898480864478441202823,
136417036410264428599995771571898945930186573023163480671956484856375945728848790966971207515506078266840020356163911542099310863126768355608704677724047001480085295885211298435966986319962418547256435839380570361886915753122740558506761054514911316828252552919954185397609637064869903969124281568548845615791,
11232077261967644077277312997808249915855709514498625183789998098688209996914964867050110603375257386497746294969159136128904120786273278056895662599793297,
]
primes = sorted(
set(primes_pastctf + primes_rsa_numbers_challenge))
for prime in tqdm(primes, disable=(not progress)):
if publickey.n % prime == 0:
publickey.q = prime
publickey.p = publickey.n // publickey.q
priv_key = PrivateKey(
int(publickey.p),
int(publickey.q),
int(publickey.e),
int(publickey.n),
)
return (priv_key, None)
except TimeoutError:
return (None, None)
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Factors available online?"""
with timeout(self.timeout):
try:
url_1 = "http://factordb.com/index.php?query=%i"
url_2 = "http://factordb.com/index.php?id=%s"
s = requests.Session()
r = s.get(url_1 % publickey.n, verify=False)
regex = re.compile(r"index\.php\?id\=([0-9]+)", re.IGNORECASE)
ids = regex.findall(r.text)
# check if only 1 factor is returned
if len(ids) == 2:
# theres a chance that the only factor returned is prime, and so we can derive the priv key from it
regex = re.compile(r"<td>P<\/td>")
prime = regex.findall(r.text)
if len(prime) == 1:
# n is prime, so lets get the key from it
d = invmod(publickey.e, publickey.n - 1)
# construct key using only n and d
priv_key = PrivateKey(
e=int(publickey.e), n=int(publickey.n), d=d
)
return (priv_key, None)
elif len(ids) == 3:
try:
regex = re.compile(r'value="([0-9\^\-]+)"', re.IGNORECASE)
p_id = ids[1]
r_1 = s.get(url_2 % p_id, verify=False)
key_p = regex.findall(r_1.text)[0]
publickey.p = (
int(key_p) if key_p.isdigit() else self.solveforp(key_p)
)
q_id = ids[2]
r_2 = s.get(url_2 % q_id, verify=False)
key_q = regex.findall(r_2.text)[0]
publickey.q = (
int(key_q) if key_q.isdigit() else self.solveforp(key_q)
)
if publickey.n != int(publickey.p) * int(publickey.q):
return (None, None)
except IndexError:
return (None, None)
try:
priv_key = PrivateKey(
p=int(publickey.p),
q=int(publickey.q),
e=int(publickey.e),
n=int(publickey.n),
)
except ValueError:
return (None, None)
return (priv_key, None)
elif len(ids) > 3:
phi = 1
for p in ids[1:]:
phi *= int(p) - 1
d = invmod(publickey.e, phi)
plains = []
if cipher is not None and len(cipher) > 0:
for c in cipher:
int_big = int.from_bytes(c, "big")
plain1 = powmod(int_big, d, publickey.n)
plains.append(long_to_bytes(plain1))
return (None, plains)
return (None, None)
except NotImplementedError:
return (None, None)
except TimeoutError:
return (None, None)
def attack(self, publickey, cipher=[], progress=True):
"""Run tests against mersenne primes"""
with timeout(self.timeout):
try:
p = q = None
mersenne_tab = [
2,
3,
5,
7,
13,
17,
19,
31,
61,
89,
107,
127,
521,
607,
1279,
2203,
2281,
3217,
4253,
4423,
9689,
9941,
11213,
19937,
21701,
23209,
44497,
86243,
110503,
132049,
216091,
756839,
859433,
1257787,
1398269,
2976221,
3021377,
6972593,
13466917,
20336011,
24036583,
25964951,
30402457,
32582657,
37156667,
42643801,
43112609,
57885161,
74207281,
77232917,
82589933,
]
i = getpubkeysz(publickey.n)
for mersenne_prime in tqdm(mersenne_tab,
disable=(not progress)):
if mersenne_prime <= i:
m = (1 << mersenne_prime) - 1
if publickey.n % m == 0:
p = m
q = publickey.n // p
break
else:
break
if p is not None and q is not None:
priv_key = PrivateKey(int(p), int(q), int(publickey.e),
int(publickey.n))
return (priv_key, None)
return (None, None)
except TimeoutError:
return (None, None)
