API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 26th, 2017
72
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.93 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python
  2. import ContinuedFractions, Arithmetic, RSAvulnerableKeyGenerator
  3. import time
  4. import sys
  5. import base64
  6. import binascii
  7. import gmpy
  8. import sympy
  9. import math
  10. import fractions
  11. import struct
  12. sys.setrecursionlimit(100000)
  13. # modulus from the RSA public key
  14. n=464517465406785953857556457649531950293792469729759675075735156051281629670797922539752875895546002578087681670703110661078671286861443250579386354246265558271559038161525811659203072866183663643255163201078665288898043662978649263377950943059114019039924237673711515172203471542543825385744878074358557189373
  15. # exponent from the RSA public key
  16. e=367182079463269486987072876984314037486906288997525947050993520671605628264060137288218976448390210942063437602376198296579691424888820050462115162833766651861905937061076363379548923316880620978884091634711511280930709064184293319461123122437055621998895990722265605916070051305140477237306002338995300687491
  17. # cyphertext converted to hex
  18. c=0x011fdaaf74ae6a529534a5d9e28c7d24d95a8cdc53021451c08d3d9ff1792da2f4ebab342cf64f770c27539af987aa02da8d804babed10ec2e391a9a4291a18757368609770832a4d67849e387ad8e75a41e4026b939e849820f069f838bbf8a04af38965eed3c0d5577ed6344f6b4306c48c5762841be91befcfb2bd15d1d2c7c
  19. def hack_RSA(e,n):
  20. print "Performing Wiener's attack. Don't Laugh..."
  21. time.sleep(1)
  22. frac = ContinuedFractions.rational_to_contfrac(e, n)
  23. convergents = ContinuedFractions.convergents_from_contfrac(frac)
  24. for (k,d) in convergents:
  25. #check if d is actually the key
  26. if k!=0 and (e*d-1)%k == 0:
  27. phi = (e*d-1)//k
  28. s = n - phi + 1
  29. # check if the equation x^2 - s*x + n = 0
  30. # has integer roots
  31. discr = s*s - 4*n
  32. if(discr>=0):
  33. t = Arithmetic.is_perfect_square(discr)
  34. if t!=-1 and (s+t)%2==0:
  35. return d
  36. hacked_d = hack_RSA(e, n)
  37. print "d=" + str(hacked_d)
  38. m = pow(c, hacked_d, n)
  39. print "So the flag is:"
  40. print("%0512x" %m).decode("hex")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!