Primary Knowledge

Description :

Surrounded by an untamed forest and the serene waters of the Primus river, your sole objective is surviving for 24 hours. Yet, survival is far from guaranteed as the area is full of Rattlesnakes, Spiders and Alligators and the weather fluctuates unpredictably, shifting from scorching heat to torrential downpours with each passing hour. Threat is compounded by the existence of a virtual circle which shrinks every minute that passes. Anything caught beyond its bounds, is consumed by flames, leaving only ashes in its wake. As the time sleeps away, you need to prioritise your actions secure your surviving tools. Every decision becomes a matter of life and death. Will you focus on securing a shelter to sleep, protect yourself against the dangers of the wilderness, or seek out means of navigating the Primus’ waters?

Source.py :

import math
from Crypto.Util.number import getPrime, bytes_to_long
from secret import FLAG

m = bytes_to_long(FLAG)

n = math.prod([getPrime(1024) for _ in range(2**0)])
e = 0x10001
c = pow(m, e, n)

with open('output.txt', 'w') as f:
    f.write(f'{n = }\n')
    f.write(f'{e = }\n')
    f.write(f'{c = }\n')

we can see that the n is generating only one prime since 2 ** 0 = 1 so this is a monoprime RSA

Exploit.py :

import gmpy2

e=gmpy2.mpz(65537)
c=gmpy2.mpz(15114190905253542247495696649766224943647565245575793033722173362381895081574269185793855569028304967185492350704248662115269163914175084627211079781200695659317523835901228170250632843476020488370822347715086086989906717932813405479321939826364601353394090531331666739056025477042690259429336665430591623215)
n=gmpy2.mpz(144595784022187052238125262458232959109987136704231245881870735843030914418780422519197073054193003090872912033596512666042758783502695953159051463566278382720140120749528617388336646147072604310690631290350467553484062369903150007357049541933018919332888376075574412714397536728967816658337874664379646535347)

phi=gmpy2.mul(n-1,1) # phi = N-1
d=gmpy2.invert(e,phi) # calculate invert 
m=int(gmpy2.powmod(c,d,n))
mt=bytes.fromhex(hex(m)[2:]) # long to bytes

print(mt) #message m in ascii

┌──(kali㉿kali)-[~/ctf/crypto/primary_knowledge]
└─$ python exploit.py            
b'HTB{0h_d4mn_4ny7h1ng_r41s3d_t0_0_1s_1!!!}'

Flag :

HTB{0h_d4mn_4ny7h1ng_r41s3d_t0_0_1s_1!!!}

PreviousCrypto NextIced TEA

Last updated 11 months ago

Was this helpful?

Surrounded by an untamed forest and the serene waters of the Primus river, your sole objective is surviving for 24 hours. Yet, survival is far from guaranteed as the area is full of Rattlesnakes, Spiders and Alligators and the weather fluctuates unpredictably, shifting from scorching heat to torrential downpours with each passing hour. Threat is compounded by the existence of a virtual circle which shrinks every minute that passes. Anything caught beyond its bounds, is consumed by flames, leaving only ashes in its wake. As the time sleeps away, you need to prioritise your actions secure your surviving tools. Every decision becomes a matter of life and death. Will you focus on securing a shelter to sleep, protect yourself against the dangers of the wilderness, or seek out means of navigating the Primus’ waters?

import math from Crypto.Util.number import getPrime, bytes_to_long from secret import FLAG m = bytes_to_long(FLAG) n = math.prod([getPrime(1024) for _ in range(2**0)]) e = 0x10001 c = pow(m, e, n) with open('output.txt', 'w') as f: f.write(f'{n = }\n') f.write(f'{e = }\n') f.write(f'{c = }\n')

import gmpy2 e=gmpy2.mpz(65537) c=gmpy2.mpz(15114190905253542247495696649766224943647565245575793033722173362381895081574269185793855569028304967185492350704248662115269163914175084627211079781200695659317523835901228170250632843476020488370822347715086086989906717932813405479321939826364601353394090531331666739056025477042690259429336665430591623215) n=gmpy2.mpz(144595784022187052238125262458232959109987136704231245881870735843030914418780422519197073054193003090872912033596512666042758783502695953159051463566278382720140120749528617388336646147072604310690631290350467553484062369903150007357049541933018919332888376075574412714397536728967816658337874664379646535347) phi=gmpy2.mul(n-1,1) # phi = N-1 d=gmpy2.invert(e,phi) # calculate invert m=int(gmpy2.powmod(c,d,n)) mt=bytes.fromhex(hex(m)[2:]) # long to bytes print(mt) #message m in ascii