Tags: rsa crypto rsa-crypto python
Rating: 1.0
# HTB Cyber Santa is Coming to Town CTF
# Crypto - Common Mistake
Started with a zip file to download. This zip contained a txt file that had text in the format:
{'n': '0xa...', 'e': '0x1...', 'ct': '0x5...'}
{'n': '0xa...', 'e': '0x2...', 'ct': '0x7...'}
Just from looking at the variable names we can tell it is RSA n variable, e variable, and cipher text. The n and e variables can be used to get the public key and I fell down the rabbit hole of creating the public key and then trying to crack it. No tools were able to and so I gave up for a day to try other challanges. When I came back I took a new approach and for some reason I had not realized that the n variables were the same for each message. This is a flaw in creating keys for RSA and can be exploited by using the Extended Euclidean algorithm. The variables had to be converted to integers so I used python int('0xa...', 16) to covert them. I then used a script to plug the variables into the Extended Euclidean algorithm and then modifying it a bit, which I got from a blog post (lost the link to it, sorry). This allowed for me to get the hex of the message and then just decode it to get it to get plain text of the flag.