• API
• FAQ
• Tools
• Archive
SHARE
TWEET

# exploit code

Ariana1729 Apr 21st, 2019 (edited) 60 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
1. y1=467996041489418065436268622304855825266338280723
2. y2=373126988100715326072483107245781156204485119489
3. y3=245091091146774561796627894715885724307214901148
4. k1=y1*y1-1
5. k2=y2*y2+1
6. k3=y3*y3-3*3*3
7. '''
8. factor 2*k1-k2-k3 for p
9. factordb:
10. 7
11. 11
12. 29
13. 43
14. 419
15. 13030584875599
16. 515696616124863562671639283
17. 883097976585278660619269873521314064958923370261
18. '''
19. Qiy=621803439821606291947646422656643138592770518069
20. p=883097976585278660619269873521314064958923370261
21. F=GF(p)
22. a=F((k1-k2)/2)
23. b=F((k1+k2)/2)
24. print "p = ",p
25. print "a = ",a
26. print "b = ",b
27. C=EllipticCurve(GF(p),[a,b])
28. q=order(C)
29. print "q = ",q
30. m=1/2 % q
31. P.<X> = PolynomialRing(GF(p))
32. f=X^3+a*X+b-Qiy^2
33. Qix=f.roots()[0][0]
34. Q=C.point([Qix,-Qiy])
35. P=m*Q
36. print P
37.
38.
39. print (9<<8>>4<<9<<12<<6>>9>>2<<5>>3>>4>>8<<12>>1>>5>>7<<13>>12>>12) * P==Q
40. print (-1*Q).xy()[1]==621803439821606291947646422656643138592770518069
41. P1=C.point([p + 1, 467996041489418065436268622304855825266338280723])
42. P2=C.point([p - 1, 373126988100715326072483107245781156204485119489])
43. P3=C.point([p + 3, 245091091146774561796627894715885724307214901148])
44. print P1
45. print P2
46. print P3
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.

Top