From 54f3e1d59496429451d48fdf52f5a6b5190c8557 Mon Sep 17 00:00:00 2001 From: Sophia Liu Date: Fri, 15 Mar 2024 16:23:59 -0500 Subject: [PATCH] Finished up challenges --- chals/crypto/easy_rsa/challenge.yml | 5 ++-- chals/crypto/easy_rsa/gen.py | 27 ++++++++++++++++- chals/crypto/safe-cracking/sol.py | 1 - .../Dockerfile | 0 .../challenge.yml | 4 +-- .../{safe-cracking => safe_cracking}/flag.txt | 0 .../server.py | 5 ++-- chals/crypto/safe_cracking/sol.py | 30 +++++++++++++++++++ 8 files changed, 63 insertions(+), 9 deletions(-) delete mode 100644 chals/crypto/safe-cracking/sol.py rename chals/crypto/{safe-cracking => safe_cracking}/Dockerfile (100%) rename chals/crypto/{safe-cracking => safe_cracking}/challenge.yml (95%) rename chals/crypto/{safe-cracking => safe_cracking}/flag.txt (100%) rename chals/crypto/{safe-cracking => safe_cracking}/server.py (89%) create mode 100644 chals/crypto/safe_cracking/sol.py diff --git a/chals/crypto/easy_rsa/challenge.yml b/chals/crypto/easy_rsa/challenge.yml index c66e712..f15e653 100644 --- a/chals/crypto/easy_rsa/challenge.yml +++ b/chals/crypto/easy_rsa/challenge.yml @@ -16,18 +16,17 @@ description: |- TODO: some description **author**: Sophia -value: 250 +value: 200 type: dynamic tags: - easy extra: - initial: 250 + initial: 200 decay: 50 minimum: 50 flags: - sigpwny{rsA_FtW:P} files: - chal.py - - gen.py hints: - I noticed a [library](https://pycryptodome.readthedocs.io/en/latest/src/public_key/rsa.html) included in the source code... \ No newline at end of file diff --git a/chals/crypto/easy_rsa/gen.py b/chals/crypto/easy_rsa/gen.py index 9eedc84..e318b58 100644 --- a/chals/crypto/easy_rsa/gen.py +++ b/chals/crypto/easy_rsa/gen.py @@ -1 +1,26 @@ -#add later \ No newline at end of file +from Crypto.PublicKey import RSA +from Crypto.Cipher import PKCS1_v1_5 +import sympy + +flags = ["sigpwn","y{rsA_","FtW:P}"] + +# Randomly generating two primes +p = 70979368125456165107 +q = 62874279226076849807 +e = 65539 +n = p*q #4462776610810429874302099425257433084349 +totn = int(sympy.totient(n)) +d = pow(e,-1,totn) #2524360373456480207131100680183211940587 + +# Generate public and private keys +pubkey = RSA.construct((n,e)) +cipher = PKCS1_v1_5.new(pubkey) +priv = RSA.construct((n,e,d)) +ciph = PKCS1_v1_5.new(priv) + +# Prints encryption for each flag chunk +for flag in flags: + ciphertext = cipher.encrypt(flag.encode('utf-8')) + print(ciphertext) + plaintext = ciph.decrypt(ciphertext, None) + print(plaintext.decode("utf-8")) diff --git a/chals/crypto/safe-cracking/sol.py b/chals/crypto/safe-cracking/sol.py deleted file mode 100644 index 8b68f79..0000000 --- a/chals/crypto/safe-cracking/sol.py +++ /dev/null @@ -1 +0,0 @@ -#todo \ No newline at end of file diff --git a/chals/crypto/safe-cracking/Dockerfile b/chals/crypto/safe_cracking/Dockerfile similarity index 100% rename from chals/crypto/safe-cracking/Dockerfile rename to chals/crypto/safe_cracking/Dockerfile diff --git a/chals/crypto/safe-cracking/challenge.yml b/chals/crypto/safe_cracking/challenge.yml similarity index 95% rename from chals/crypto/safe-cracking/challenge.yml rename to chals/crypto/safe_cracking/challenge.yml index 99b31dc..0333d2c 100644 --- a/chals/crypto/safe-cracking/challenge.yml +++ b/chals/crypto/safe_cracking/challenge.yml @@ -8,12 +8,12 @@ description: |- `nc chal.cryptoctf.sigpwny.com 7001` **author**: Sophia -value: 150 +value: 200 type: dynamic tags: - easy extra: - initial: 150 + initial: 200 decay: 50 minimum: 50 flags: diff --git a/chals/crypto/safe-cracking/flag.txt b/chals/crypto/safe_cracking/flag.txt similarity index 100% rename from chals/crypto/safe-cracking/flag.txt rename to chals/crypto/safe_cracking/flag.txt diff --git a/chals/crypto/safe-cracking/server.py b/chals/crypto/safe_cracking/server.py similarity index 89% rename from chals/crypto/safe-cracking/server.py rename to chals/crypto/safe_cracking/server.py index e7f8a0d..6b6d35a 100644 --- a/chals/crypto/safe-cracking/server.py +++ b/chals/crypto/safe_cracking/server.py @@ -20,7 +20,7 @@ def print_notes(): print("The shared key of each problem corresponds to one part of the safe combination.") print("1. Anna and Beatrice perform a Diffie-Hellman key exchange where p = 17 and g = 3. Privately, Anna selects 5 and Beatrice chooses 11. What's their shared secret key?") print("2. The two perform another key exchange. Now, p = 157 and g = 2. Anna's new private key is 67, while Beatrice's public key is 73. What is Anna's public key?") - print("3. Anna forgot her private key and wants to solve for it. However, we know the following:\n\tTheir shared secret key, s, is equal to xx.\n\tThe values of p and g are 67 and 2, respectively.\n\tThe result of Anna's public key is x.\n") #finish later + print("3. Anna forgot her private key and wants to solve for it. However, we know the following:\n\tTheir shared secret key, s, is equal to 605790.\n\tThe values of p and g are 3042161 and 5, respectively.\n\tThe result of Beatrice's private key is 73.\n") print("Get ready to start guessing!") time.sleep(1) @@ -33,7 +33,8 @@ def main(): print_notes() else: print("Might want to view the notes...") - + time.sleep(1) + print("Get ready to start guessing!") if prompt(): print("You have unlocked the safe! Please don't take anything except for this flag:", FLAG) else: diff --git a/chals/crypto/safe_cracking/sol.py b/chals/crypto/safe_cracking/sol.py new file mode 100644 index 0000000..d7aca84 --- /dev/null +++ b/chals/crypto/safe_cracking/sol.py @@ -0,0 +1,30 @@ +# PART 1 and PART 2 +# Multiple ways of getting here, can just use an online generator + +# --- PART 3 --- +# Part 3: Finding A + +p = 3042161 +b = 73 +shared_secret = 605790 + +def find_base(p, b, shared_secret): + for base in range(1, p): + if pow(base, b, p) == shared_secret: + return base + return None + +# Part 3: Finding a +base = 5 +A = find_base(p, b, shared_secret) + +def find_exponent(p, base, A): + for x in range(1, p): + if pow(base, x, p) == A: + return x + return None + +a = find_exponent(p, base, A) + +print("Third number to unlock safe:", a) +