from Crypto.Util.number import * from sympy.ntheory.modular import crt n = 16175064088648626038689748434699435826247716579187475966092822028609536761351820951820375552440329596553448265674841223230257463367834546091974959931391707199002842774795702094681528411058318007858638798643010942408552063479863545047616823056802010158288409527763686086960916160949496083789920012040215745627854092010308869223489833074860062054019221397227691063339148923860987250696934050122115972982286012688955816234717242567815830341836031567275888691320640526306946586793028267588302696611724356566003447616419092371914903382944112125852939011729294400479171568234647164730191643282793224422368321464125847020067 c2 = [12053085469218650692076937068797478047679005585690696222988148891925249697123080938461512785257424651119325211991331622346111396522606463631848519999574540677285771456451798811902760319940781754940936484802949729402283626052963389539032949160905330315285409948932070460455535716223838438994608837585387741418172014634472651248450564788332400265295308803291229281839428962457585593065595521459963501453576128172245723315811398209056633738967993602668795794847967331946516181453804430961308142497659799416125763566765485760600358126127595222197324155943818136202233758771243043559460620477085689770403810190118485243364, 13878717704635179949812987989626985689079485417345626168168664941124566737996226347895779823781042724620099437593856913505609774929187720381745418166924229828643565384137488017127800518133460531729559408120123922005898834268035918798610962941606864727966963354615441094676621013036726097763695675723672289505864372820096404707522755617527884121630784469379311199256277022770033036782130954108210409787680433301426480762532000133464370267551845990395683108170721952672388388178378604502610341465223041534665133155077544973384500983410220955683686526835733853985930134970899200234404716865462481142496209914197674463932] p = GCD(pow(c2[0], n, n)-c2[1], n) q = n // p flag = crt([p, q], [c2[0], c2[1]]) print(long_to_bytes(flag[0]).decode()) # d2-bbe5-1420eaaa3b30}
defget_pngdata(): withopen("picture.png", "rb") as f: png_data = f.read() return pad(png_data)
defget_Key(bits): p = getPrime(bits) g = getPrime(bits // 2) d = random.randint(1, p - 2) y = pow(g, d, p) public, private = (p, g, y), d return public, private
defSignature(m, public, private): m = bytes_to_long(m) p, g, _ = public d = private whileTrue: k = random.randint(1, p - 1) if gmpy2.gcd(k, p - 1) == 1: break r = pow(g, k, p) s = ((m - d * r) * inverse(k, p - 1)) % (p - 1) return (r, s)
defVerity(m, sign, public): m = bytes_to_long(m) p, g, y = public r, s = sign ifpow(g, m, p) == (pow(y, r, p) * pow(r, s, p)) % p: returnTrue else: returnFalse
defchall(): banner()
pub, pri = get_Key(512) png_data = get_pngdata() print( "Hello! I'm Alice. To ensure that you are truly Bob, I need to verify your identity first!" ) print("Can I help you sign once? Is there anything you need to sign?") print(f"Here are your public key:{pub}") message = long_to_bytes(int(input("Give me what you need to sign:"))) if message == b"Bob": print("No, it's not possible!!!") exit(1) print("Here are your sign:") r, s = Signature(message, pub, pri) print(f"r = {r}") print(f"s = {s}")
print("Tell me your signature so that I know you are truly Bob.") r = int(input("r = ")) s = int(input("s = "))
if Verity(b"Bob", (r, s), pub): print( "I have a great photo that I would like to share with you. Let's send it to you in our old way! Hope you still keep our IV!" ) aes = AES.new(KEY, AES.MODE_CBC, iv) enc_data = hex(bytes_to_long(aes.encrypt(png_data)))[2:] print(f"Here is my encoded data:{enc_data}") print(f"Here is my key:{KEY.decode()}") print("In summary, I wish you a wonderful day!") else: print("Alright, you're not Bob, I don't have anything to chat with anymore.") exit(1)
if __name__ == "__main__": try: chall() except: exit(1)
c = pow(bytes_to_long(flag), e, N) print(f"c = {c}") """ N = 61857467041120006957454494977971762866359211220721592255304580940306873708357617802596067329984189345493420858543581027612648626678588277060222860337783377316655375278359169520243355170247177279595812282793212550819124960549824278287538977769728573023023364686725321548391592858202718446127851076431000427033 e = 22696852369762746127523066296087974245933137295782964284054040654103039210164173227291367914580709029582944005335464668969366909190396194570924426653294883884186299265660358589254391341147028477295482787041170991166896788171334992065199814524969470117229229967188623636764051681654720429531708441920158042161 c = 41862679760722981662840433621129671566139143933210627878095169470855743742734397276638345217059912784871301273620533442249011607182329472311453700434692358352210197988000738272869600692181834281813995048665466937302183039555350612260646428575598237960405962714063137455677605629008760761743568236135324015278 """
defsome_calc(size, depth): defsums_calc(base, degree): result = 0 for i inrange(degree): temp = temp_calc(base ** i) result += base ** i + temp // temp_calc(base**(i + 1)) return result
# n = 659401821142664131364043958430747314465977448744532421905138184036743766362324320051729418680079590835903781525157600055608268591994754328563246418114269690475272262915661210669701969695314157602927462228079044905276064391615467601628466982949165371933147600418057089432876120807721483665788557812323607370950442342057254926375842684430119320789097029996211564275310819486004520088130146630452262340185192110066151930586956190499953220051855668474863659201165952231016814569364299000130323859609047687714260776467149437031397019411599103716200258382231589757031469168245396061619327867355414287059363691024984066070128364157490336808211223714816668548049472199794493895870662970541167490686648385211854469386812214775829776376273299648505880034651930322294605482489225723014758138525637864689594748771025870209444029669477294995691067669374491852721622469656239730320092112222948718027850386898461208936333788173263904607181823233002355650353116486156927403178510412091666951574340730799316032588099237 # c = 455042981325030540026829365098432813829591020497037525707600104817313008442900331256387443469027825344761381076471749826547710666806180999603254398722965179851898391700090501419875562919365894255855734276825027850795202733875071307773598881254863911398285400038957998385685292965812925607278232164067624548120378758414574370042945538632864154772437639053907149514588502689277630450575630168099810584842881257614115970132960679023265157277718654731105815060916800751033956715430930381384344469220951638102432198422350425390757155267143393385221465041749156153517556389417033187856017198907366720281408810250981776112815100319814215140919133440637395953567624057248002125277569474190364142291136361144552953540727462623677375371327473687508344483184466522697912317252462246054471196345909304668083637177166153036111122244170846815657389873986264187766636830907458940128844256504176917204131708083105093700023335939233711693409336968008112511482237441198116493965744903995545941700742865846469036763734618 # e = 0x10001
rickroll-pcb2024
from Crypto.Util.number import * from Crypto.Util.Padding import pad from pwn import xor import os from hashlib import * from random import *
HINT = ? FLAG = "flag{xxxxxxxx}" EFFECTIVE_ROW = 6
defrickroll_loader(): withopen("rickroll", "r") as file: lines = [line.strip().encode() for line in file if line.strip()] return lines
deffind_ezprime(size): whileTrue: prime = getPrime(size) if isPrime(prime // 2): return prime