def handle(self):
signal.alarm(1200)
self.send(BANNER)
if not self.proof_of_work():
return
secret = bytes_to_long(os.urandom(16))
P = self.getMyPrime(512)
n = P*getPrime(P.bit_length())
e = 65537
ciphertext = pow(secret, e, n)
self.send("n = {}\ne = {}\nc = {}".format(n, e, ciphertext).encode())
while True:
self.send(MENU, newline=False)
choice = self.recv()
if choice == b"1":
module = getPrime(64)
self.send(b"Give me the secret:")
s = self.recv()
if str(secret).encode() == s:
self.send(b"Congratulations! Your flag is: "+flag.encode())
else:
self.send(b"Wrong secret")
continue
self.request.close()
break
def main():
print '''This is a WIP cipher that combines RSA and AES
Encryption has been implemented, but I haven't figured how to decrypt yet
Here is an encrypted message using this service that I recieved:
%s
, could you help me find the message?''' % flag.encode('hex')
for _ in xrange(0x2000):
print '''
1. Encrypt service
2. Decrypt service
3. Quit
'''
inp = raw_input().strip()
if inp == '1':
print 'Send a message to be encrypted'
inp = raw_input().decode('hex')
print 'Encrypted message:'
print encrypt(inp).encode('hex')
elif inp == '2':
print 'Send a message to be decrypted'
inp = raw_input().decode('hex')
print 'Decrypted message:'
print decrypt(inp)
elif inp == '3':
return 0
return 0
def handle(self):
signal.alarm(1000)
if not self.proof_of_work():
return
self.send(b'[+] Welcome!')
self.send(b'[+] Can you find the flag through the calculating?')
self.score = 0
self.token = ''.join(
random.sample(string.ascii_letters + string.digits, 8))
self.lenth = len(self.token)
self.data = []
for i in range(self.lenth):
self.data.append(getRandomInteger(17))
self.send(str(self.data).encode())
while True:
self.send(MENU, newline=False)
choice = self.recv()
if (choice == b'1'):
self.send(b"[+] Plz give me your x: ")
now = int(self.recv().strip().decode())
now = self.function(now)
self.send(
("[+] let me show you the answer: " + str(now)).encode())
elif (choice == b'2'):
guess = self.recv().strip().decode()
if (guess == self.token):
self.score += 1
self.send(b"[+] You win!")
self.send(
("[!] Now your score: " + str(self.score)).encode())
self.token = ''.join([
random.choice(string.digits + string.ascii_letters)
for i in range((self.score + 1) * 8)
])
self.lenth = len(self.token)
self.data = []
for i in range(self.lenth):
self.data.append(getRandomInteger(17))
self.send(str(self.data).encode())
if (self.score >= 5):
self.send(flag.encode())
else:
self.send(b'[+] What do you want to say???')
self.send(b'[!] Go away!')
break
else:
break
self.request.close()
def main():
poly = [bytes_to_long(flag.encode())]
poly.extend(set([randint(1, P - 1) for i in range(MIN)]))
print("┌───────────────┐")
print("│ SSS Encryptor │")
print("└───────────────┘")
print("Enter text to encrypt, leave empty to quit.")
while True:
data = input(">>> ")
if bytes_to_long(data.encode()) % P == 0:
break
print(eval_at(poly, bytes_to_long(data.encode()), P))
def main():
global flag
N=8
key = generateMatrix(os.urandom(N*N),N)
secret = encrypt(key,flag.encode(),N)
print("Welcome to the Service.\n".center(100))
print("We allow only Encryption as our previous challs were hacked.\n")
print("Take my secret and shut up :\n{}".format(secret.tolist()))
while True:
print("\n1 . Encryption")
print("2 . Exit\n")
try:
type = int(input("Give me your choice : "))
if type==1:
m = input("Give me your message : ").strip()
secret = encrypt(key, m.encode(), N)
print("Yeah, got your secret message :\n{}".format(secret.tolist()))
else:
print("Ok,bye!!")
break
except:
print("Give me a number. Bye!!")
break
#!/usr/bin/env python3
import os
from pycryptography import encrypt
from secret import flag
if __name__ == '__main__':
with open('flag.enc', 'wb+') as f:
# 160 bits security!
enc = encrypt(flag.encode(), os.urandom(20))
f.write(enc)
from sympy import mod_inverse
from sympy import isprime
from secret import flag
from Crypto.Util.number import getPrime
e = 65537
while True:
p = getPrime(1024)
q = mod_inverse(e, p)
if isprime(q):
break
N = p * q
m = int(flag.encode("hex"), 16)
c = pow(m, e, N)
f = open("pub.key", "a")
f.write("e:" + str(e) + "\n")
f.write("N:" + str(N))
f.close()
f = open("flag.enc", "w")
f.write(str(c))
f.close()
import os
import base64
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
from secret import flag
def encrypt(message, key):
iv = os.urandom(16)
cipher = AES.new(iv, AES.MODE_OFB, key)
message = pad(message, 16)
ciphertext = iv + cipher.encrypt(message)
return ciphertext
def decrypt(ciphertext, key):
iv, ciphertext = ciphertext[:16], ciphertext[16:]
cipher = AES.new(iv, AES.MODE_OFB, key)
message = cipher.decrypt(ciphertext)
return unpad(message, 16)
if __name__ == '__main__':
key = os.urandom(16)
assert re.match(r'^firebird\{\w{58}\}$', flag)
ciphertext = encrypt(flag.encode(), key)
assert decrypt(ciphertext, key) == flag.encode()
print(base64.b64encode(ciphertext).decode())
def write(self, data):
self.stream.write(data)
self.stream.flush()
def writelines(self, datas):
self.stream.writelines(datas)
self.stream.flush()
def __getattr__(self, attr):
return getattr(self.stream, attr)
sys.stdout = Unbuffered(sys.stdout)
E = CurveFp(p, a, b)
flag = int(flag.encode('hex'), 16)
# submit SVATTT2018{flag}
assert flag < order
def check(number):
if not all(c in string.digits for c in number):
return False
number = int(number)
if number < 0 or number >= p:
return False
return True
def calculate(number):
n = (int(number) + 2) % p
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
from secret import flag
import os
rsa = RSA.generate(2048)
public_key = rsa.publickey().exportKey()
f = open("public.key", "w")
f.write(public_key.decode())
f.close()
rsakey = RSA.importKey(open("public.key", "r").read())
rsa = PKCS1_OAEP.new(rsakey)
msg = rsa.encrypt(flag.encode())
f = open("message", "wb")
f.write(msg)
f.close()
P = add_points(P, P)
n = n // 2
return Q
def gen_key():
g = (
29223879291878505213325643878338189297997503744039619988987863719655098,
32188620669315455017576071518169599806490004123869726364682284676721556
)
sk = random.randint(0, 2**256)
pk = multiply(g, sk)
return sk, pk
a, A = gen_key()
b, B = gen_key()
print(A)
print(B)
shared = multiply(A, b)[0]
key = sha256(long_to_bytes(shared)).digest()
aes = AES.new(key, AES.MODE_ECB)
ciphertext = aes.encrypt(pad(flag.encode(), AES.block_size))
print(ciphertext.hex())
"""
(68279847973010227567437241690876400434176575735647388141445319082120661, 36521392659318312718307506287199839545959127964141955928297920414981390)
(84698630137710906531637499064120297563999383201108850561060383338482806, 10975400339031190591877824767290004140780471215800442883565278903964109)
26b1b05962d188f1f2abdfad2cef049d45cfc27d9e46f40ebe52e367941bcfa05dd0ef698f528375be2185759e663431
"""
from random import *
from gmpy2 import *
from fractions import *
from binascii import hexlify
from secret import flag
#Setting up params
a = randrange(2**10, 2**11)
b = randrange(2**12, 2**13)
c = randint(2, 2**1024)
p = next_prime((a * c) + randint(2, 2**512))
q = next_prime((b * c) + randint(2, 2**512))
n = p * q
e = randint(1024, 70000)
while True:
if ((e & (e + 1) == 0) and gcd(e, (p - 1) * (q - 1)) == 1):
exp = e
break
e += 1
m = int(hexlify(flag.encode()).decode(), 16)
enc = pow(m, exp, n)
print("n : " + str(n))
print("a : " + str(a))
print("b : " + str(b))
print("enc : " + str(enc))
break
while True:
q = 2 * g * getPrime(int(nibt * (0.5 - gamma))) + 1
if isPrime(q):
break
assert 2 * p > q and 2 * q > p
return p, q, g
p1, q1, g1 = get_my_prime(1024, 0.2247)
p2, q2, g2 = get_my_prime(1024, 0.3247)
n1 = p1 * q1
n2 = p2 * q2
print(hex(n1))
# 0x48b11209b62c5bc580d00fc94886272b92814ce35fcd265b2915c6917a299bc54c2c0603c41f8bf7c8f6f2a545eb03d38f99ec995bf6658bb1a2d23056ee21c7230caa2decec688ea9ee00b0d50b39e8cd23eb2c3ddeb20f5ab26777b80052c171f47b716e72f6aee9cece92776fc65119046f9a1ad92c40e2094d7ed7526d49
print(hex(pow(bytes_to_long(b'Common prime RSA is a variant of RSA' + long_to_bytes(g1) + b'And the common factor g is large prime and p=2ga+1 q=2gb+1'), 3, n1)))
# 0x27d8d7249643668ffc115be8b61775c60596e51f6313b47ad5af8493526922f5e10026a2cdaef74e22c3eec959dd8771abe3495b18d19f97623f5a3f65f22ff8fc294fc37ceb3b43ebbbf8a9bcf622922e22c5520dbd523483b9dc54fdffcd1a1b3f02ca1f53b75413fb79399ca00034f2acf108ac9a01bd24d2b9df6e27d156
print(hex(pow(g2, 65537, n1)))
# 0xeaf06b9050a809659f962251b14d6b93009a7010f0e8d8f0fa4d71591757e98243b8ff50ec98a4e140fd8a63bbb4b8bb0a6d302a48845b8b09d1e40874fcb586ddccbb0bbf86d21540ec6c15c1d2bf925942f6f384fdc1baae7f8e06150ccd9459eb65d0f07eea16a911fa0a17e876a145dbfec83537ca2bee4641897b9f7f5
print(hex(n2))
# 0x6d457110d6044472d786936acbd3cd93c7728daa3343b35ccaa5c55eba6b35c28c831bb245b8cdd8fc8cb67a72f57e62a0e1259f5e804c487a8478f6895b302d39277bd73947598a5f8ec0a535be9e9a4d34df91df948ee44cc3d13d14e23b9651089e4767c7f0e7245df55619c92fe24483225d35f5f3ee6f74375065766ffd
print(hex(pow(bytes_to_long(flag.encode()), 65537, n2)))
# 0x15be2b0eaef8837a753587c47d3f31696a7d239d88837a9b7d903cd0d0648ef8e225ea555402693a23f305d19e7e13905be61b44c651dba5b26614bcf876234e765a724e0ed8af4a4e408e6a233c48ab9cc63e9c552ef9cd1999512aa0aca830fe6cbcbcc3c6bb354903124a2c3a12d442cdbdefdae6576f4bbc1515051b7111
#!/usr/bin/env python
import os
import pyDes
from secret import flag
key = os.urandom(8)
d = pyDes.des(key)
ciphertext = d.encrypt(flag.encode())
with open('ciphertext.txt', 'wb') as f:
f.write(cipher)
# print d.Kn[11]
# [1, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 1, 0]
from Crypto.Util.number import getPrime, isPrime, bytes_to_long
from Crypto.PublicKey.RSA import construct
from secret import flag
def getNextPrime(number):
while not isPrime(number):
number += 1
return number
p = getPrime(2048)
q = getNextPrime(p + 1)
n = p * q
e = 65537
encrypted_flag = pow(bytes_to_long(flag.encode('utf-16')), e, n)
print("Public Key = \n{}".format(
construct((n, e)).publickey().exportKey().decode()))
print("Encrypted Flag = {}".format(hex(encrypted_flag)))
from Crypto.Util.number import getPrime, bytes_to_long
from secret import flag
p = getPrime(512)
q = getPrime(512)
r = getPrime(512)
n = p * q * r
nonsense = pow(p + 2020, 2020, n)
c = pow(bytes_to_long(flag.encode()), 65537, n)
print("flag_len =", len(flag))
print("n =", n)
print("nonsense =", nonsense)
print("c =", c)
# Output:
#
# flag_len = 39
# n = 704454458221851461661183811203926482854224069127319092831751451353593479861145669240591809241910144278540140710664324485788702067202730173348138543405706520325862158575080868603258973193723181414713395304221676151508728657007690432094852411919839906992647582287289421088933359244150158455611463691097547815589984393918617205510503155570096657532151944758899768975179102179897817673589190234899461347962816263753280017774486016184285997899402529667104453243647041
# nonsense = 619702185453466044426440305546519560288553208384500754039920661789490438992638170809465127566997641711151823846830355670756118644043252626725422327872003280314907907831491100700042424275076075798162207363522831361472329212705500575689389167941348554649216729665288990191244293392337599621187627426580207781405496050863833453906886641616369766109818677629419264013197911109702601579819436760626969976959759016481496782589746018855952975293011977442058997629689532
# c = 413365447064806658027287713565823697294125119548502699216153382366328403747620921454187680760443877166701347567541889885099308594125683443351960016082217654533340845891753041076605199550617849923438029729514354415560524735562765460354940181029256500150489931090960564287104890261151827632423072700877388558658361537205944849043235617364002473905886332562388180061849847338211027956136484117425874841141830403441405316172557272275304138205252117732688669395833303
s = G.get_identity()
a = self
while n > 0:
if n & 1:
s = s.star(a)
a = a.star(a)
n = n >> 1
return s
def __repr__(self):
return repr(self.x)
def __str__(self):
return str(self.x)
# PART 2: all you need to get flag
import os
from Crypto.Cipher.AES import AESCipher
from secret import flag
key = os.urandom(16)
print(
AESCipher(key).encrypt(flag.encode() + b"\x00" * (-len(flag) % 16)).hex())
# 4e8f206f074f895bde336601f0c8a2e092f944d95b798b01449e9b155b4ce5a5ae93cc9c677ad942c32d374419d5512c
k = int.from_bytes(key, "big")
g = G(2)
print(g.repeated_star(k))
# 675847830679148875578181214123109335717
y = random.randint(1, p - 1)
e = random.randint(1, p - 1)
a = k * random.randint(1, p - 1)**2 % p
b = (a * x**2 - y**2) * inverse(x, p) % p
curve = SpecialCurve(p, a, b)
G = (x, y)
Q = curve.mul(G, e)
print(f'curve={curve}')
print(f'G={G}')
print(f'Q={Q}')
return e
e1 = problem(128, 1)
e2 = problem(256, 0)
e3 = problem(512, -1)
enc = bytes_to_long(hashlib.sha512(
b'%d-%d-%d' % (e1, e2, e3)).digest()) ^ bytes_to_long(flag.encode())
print(f'enc={enc}')
'''
curve=SpecialCurve(233083587295210134948821000868826832947,73126617271517175643081276880688551524,88798574825442191055315385745016140538)
G=(183831340067417420551177442269962013567, 99817328357051895244693615825466756115)
Q=(166671516040968894138381957537903638362, 111895361471674668502480740000666908829)
curve=SpecialCurve(191068609532021291665270648892101370598912795286064024735411416824693692132923,0,58972296113624136043935650439499285317465012097982529049067402580914449774185)
G=(91006613905368145804676933482275735904909223655198185414549961004950981863863, 96989919722797171541882834089135074413922451043302800296198062675754293402989)
Q=(13504049588679281286169164714588439287464466303764421302084687307396426249546, 110661224324697604640962229701359894201176516005657224773855350780007949687952)
curve=SpecialCurve(52373730653143623993722188411805072409768054271090317191163373082830382186155222057388907031638565243831629283127812681929449631957644692314271061305360051,28655236915186704327844312279364325861102737672471191366040478446302230316126579253163690638394777612892597409996413924040027276002261574013341150279408716,42416029226399083779760024372262489355327595236815424404537477696856946194575702884812426801334149232783155054432357826688204061261064100317825443760789993)
G=(15928930551986151950313548861530582114536854007449249930339281771205424453985946290830967245733880747219865184207937142979512907006835750179101295088805979, 29726385672383966862722624018664799344530038744596171136235079529609085682764414035677068447708040589338778102975312549905710028842378574272316925268724240)
Q=(38121552296651560305666865284721153617113944344833289618523344614838728589487183141203437711082603199613749216407692351802119887009907921660398772094998382, 26933444836972639216676645467487306576059428042654421228626400416790420281717654664520663525738892984862698457685902674487454159311739553538883303065780163)
enc=4161358072766336252252471282975567407131586510079023869994510082082055094259455767245295677764252219353961906640516887754903722158044643700643524839069337
'''
key = 0x1234567890
else:
key = getRandomInteger(keylen * 8) & 0xfffffffff0
#secret step
if __debug__:
print "##### challenge secret " #####
print "key = 0x%010x" % key
keyHash = encryptKey(key)
if __debug__:
print "keyHash =", keyHash
print ""
print "####### given data #######"
print "pt =", pt
C = [0x31, 0x33, 0x33, 0x33, 0x37]
A = shuffle(C, keyHash, pt)
print "A =", A
print "C =", C
print "xorK =", reduce(lambda x, y: x ^ y, keyHash)
flag = flag[
5:
-1] #removing CTF template. please make template again when submitting the flag.
flag = zlib.compress(flag)[
2:-4] #deompress: zlib.decompress(data, -zlib.MAX_WBITS)
print "enc = \"" + encryptData(key, flag.encode("hex")) + "\""
#!/usr/bin/env python3
import json
from secret import N, e, d, p, q, flag
from Crypto.Cipher import AES
from Crypto.PublicKey import RSA
assert (len(str(p)) == 2457)
assert (len(str(q)) == 2457)
assert (len(flag) == 32)
def pad(data):
pad_size = AES.block_size - len(data) % AES.block_size
return data + pad_size * bytes([pad_size])
rsa = RSA.construct((N, e, d, p, q))
pub = json.dumps({'N': N, 'e': e}).encode()
priv = json.dumps({'N': N, 'e': e, 'p': p, 'q': q, 'd': d}).encode()
aes = AES.new(flag, AES.MODE_ECB)
priv_enc = aes.encrypt(pad(priv))
flag_enc = rsa.encrypt(flag.encode(), None)[0]
open('pub.json', 'wb').write(pub)
open('priv.json.enc', 'wb').write(priv_enc)
open('flag.enc', 'wb').write(flag_enc)
from Crypto.Util.number import *
from secret import flag
flag = bytes_to_long(flag.encode())
def genkey():
p = getPrime(512)
q = getPrime(512)
N = p * q
phi = (p - 1) * (q - 1)
e = 0x10001
d = inverse(e, phi)
assert GCD(e, phi) == 1
return N, e, d, pow(flag, e, N)
def main():
N, e, d, c = genkey()
print("Welcome to our secret RSA service.\n".center(100))
print(
"Due to the corona virus epidemic, We are hiding our modulus but can your the public exponent = 0x10001.\n"
)
print("Here's our secret Message : 0x{:x}\n".format(c))
while True:
print("1. Encryption")
print("2. Decryption")
print("Give me choice > ", end="")
try:
from secret import flag
for i in range(5):
flag= flag.encode('base64')
flag=flag.encode('hex')
f = open('ciphertext.txt','wb')
f.write(flag)
