ctfs
  • 👋Hello!
  • 🏴Practice
    • 🌐Cryptohack
      • Introduction
      • General
        • Encoding
        • XOR
        • Mathematics
        • Data Formats
      • Symmetric Ciphers
        • How AES Works
        • Symmetric Starter
        • Block Ciphers 1
        • Stream Ciphers
      • Mathematics
        • Modular Math
        • Lattices
      • RSA
        • Starter
        • Primes Part 1
        • Public Exponent
    • 🌐PortSwigger
      • Path Traversal
      • File Upload
      • SSRF Attacks
    • 🌐TryHackMe
      • Basic Skills
      • Linux
      • Penetration Testing
      • Networking
      • OSINT
  • 🚩Competitions
    • 2025
      • 🇮🇩GKSK#9 Osintathon
        • Mudik Lebaran (100 pts)
        • Foto Patung (100 pts)
        • Kolektor Komik (100 pts)
        • Tolong Aku (100 pts)
        • Kencan Pertama (100 pts)
        • Nama Si Pelaku (100 pts)
        • Cekidot (100 pts)
        • Ledakan! (100 pts)
        • 🎹🎶 (100 pts)
        • Batu Besar (100 pts)
        • Komentar (100 pts)
        • Ini dimana? (100 pts)
        • Koordinat Foto Misterius (100 pts)
        • Bianglalaaa (100 pts)
        • Aku Hacker (100 pts)
        • Anjazzz (100 pts)
        • Dikirim Kakakku (129 pts)
        • Ingfo Loker (154 pts)
        • MISSING 00 (100 pts)
        • MISSING 01 (154 pts)
        • Siapa Aku? (154 pts)
      • 🇮🇩IFEST 13
        • Ququerer (250 pts)
        • Silent Trace (370 pts)
        • Nugas (Solved After Event)
        • Free Flag (280 pts)
        • Brute (Solved After Event)
        • Web V1 (Solved After Event)
        • Bypass (Solved After Event)
        • Orbiter (Solved After Event)
      • 🌐OSINT Combine (Wildlife)
        • Getting Started (100 pts)
        • Proper Poppy (100 pts)
        • Legendary Beasts (200 pts)
        • Shadow Fleet (200 pts)
        • Proper Poppy II (200 pts)
        • Not So Smug Smuggler (200 pts)
        • Icy (200 pts)
        • Forest Pals (200 pts)
        • Safari Time II (200 pts)
        • Sneaky! (200 pts)
        • Hello Friend (300 pts)
        • Busy As A (300 pts)
        • Get Rotated! (300 pts)
        • High Seas (300 pts)
        • Nocturnal (300 pts)
        • Safari Time (400 pts)
        • Peak Weather (400 pts)
        • Singsong (400 pts)
        • Falling Fell (500 pts)
        • Kitty Cats (500 pts)
      • 🇮🇩RECURSION
        • let him cook
        • Basic Math
        • Favourite Number
        • Zarrar Cipher (100 pts)
        • paBlue Team (100 pts)
        • [🩸] I wish I was there on December 21, 2024 (100 pts)
        • Small House (200 pts)
        • [🩸] Mission Difference (456 pts)
    • 2024
      • 🌐Santa Claus CTF
        • Complete Picture
        • Day 1 - Big Bang
        • Day 2 - The Summer Job
        • Day 3 - The Visitors
        • Day 4 - Happy Birthday
        • Day 5 - Say My Name
        • Day 6 - Say "Cheese"
        • Day 7 - Revealing Pixels
        • Day 8 - Connecting The Dots
        • Day 9 - 404 Not Found
        • Day 10 - Breaking News
        • Day 11 - Ayrton Santa
        • Day 12 - Lost and Found
        • Day 13 - Planespotting
        • Day 14 - Santa Surveillance
        • Day 15 - Shaken, Not Stirred
        • Day 16 - Status Update
        • Day 17 - Waste ...of Time
        • Day 18 - Lost in Translation
        • Day 19 - Santa's Clones
        • Day 20 - Losing Tracks
        • Day 21 - Sing my Song
        • Day 22 - Eagle Eye
        • Day 23 - Distances Matters
        • Day 24 - Mastermind
      • 🌐Cyber Jawara International
        • Stone Game (100 pts)
        • prepare the tools (176 pts)
        • Persona (484 pts)
      • 🌐OSMOSIS Precon CTF
        • 1 The art of espionage
        • # 2 The Hack
        • # 3 The rabbit hole
        • # 4 The Association
        • # 6 Where is number 5
        • # 5 Who is it
        • Too many Layers
        • The prize
      • 🇮🇩Intechfest
        • Sanity Check (100 pts)
        • Alin (113 pts)
        • GerakSendiri (106 pts)
        • Details (100 pts)
      • 🇮🇩COMPFEST 16
        • Let's Help John! (100 pts)
        • money gone, wallet also gone (100 pts)
        • head’s up! (493 pts)
        • CaRd (304 pts)
        • Sanity Check (100 pts)
      • 🇮🇩Gemastik
        • Baby AES (451 pts)
        • Baby Structured (100 pts)
      • 🇮🇩Technofair 11
        • Kenangan
        • Xorban
        • Marsha
        • Siap Tempur!!
        • eftipi
        • kurang berarti
        • DUMPling
        • Malicious
      • 🌐DIVER OSINT
        • chiban
      • 🇮🇩GKSK#8 Osintathon
        • Sport Location
        • Meklaren lu warna apa boss ?
        • Postcode
        • Rumah Minang
        • Latihan
        • Anak Misterius
        • Travelling Anywhere
        • The Thief
        • Danger Watch
        • Misteri Ruang Angkasa
        • Fun Walk
        • I am Late
        • My Oshi
        • Wellcome to my Youtube Channel
        • Pesan Tersembunyi Wingdings
        • Salah Fokus
        • Apa itu GKSK?
        • Foto Bersejarah
        • Picture
        • Nostalgia Child
        • oldschool
        • Summer Olympic
      • 🇮🇩Techcomfest
        • pemanasan
        • crackable
        • Kuli-ah forensik
    • 2023
      • 🇮🇩Cyber Jawara
        • daruma
      • 🇮🇩NCW
        • Simple (220 pts)
        • wangsaf (320 pts)
        • Sillyville Saga (220 pts)
        • Freminhelp (Solved after event)
      • 🇮🇩Hology 6
      • 🇮🇩SlashRoot 7
        • Summary (441 pts)
        • eeee (480 pts)
        • Zebra Cross (409 pts)
        • Waka Waka eh eh (185 pts)
        • ANABUL (250 pts)
      • 🇮🇩COMPFEST 15
        • not simply corrupted (316 pts)
        • Artificial secret (356 pts)
      • 🇮🇩Gemastik
        • easy AES
        • k-1
        • Gen Z
      • 🇮🇩TechnoFair 10
        • RSA Bwang
        • Marsah
        • rapsodi
        • Pengen Merch JKT 😢
        • space mono
        • file pemberian fans
        • bantu aku mencari sebuah rahasia
    • 2022
      • 🇮🇩NCW
        • sabeb64 (331 pts)
        • cakemath (451 pts)
        • Downloader (244 pts)
        • 199 passcode (Solved after event)
      • 🇮🇩TEDCTF
      • 🇮🇩Gemastik
      • 🇮🇩OSCCTF
      • 🇮🇩ARA
  • 🪦Old Hello
Powered by GitBook
On this page
  1. Competitions
  2. 2023
  3. TechnoFair 10

Sekte Pemuja Osha Oshi [unfinished]

Deskripsi

Harukaze pipit berhasil menangkap pesan rahasia dari sebuah sekte rahasia, ia juga mendapatkan bocoran yang dapat membantunya.

Author: AnYujin

Kita diberikan source code beserta outputnya.

chall.py

from Crypto.Util.number import *
from sage.all import *
import random

def encrypt(p):
	p=bin(p)[2:]
	p='0'*(len(p)%64)+p
	p=[int(p[i:i+16],2) for i in range(0,len(p),16)]
	key=random.getrandbits(16)
	p=[i^key for i in p]
	return p

flag=b'REDACTED'
p=getPrime(1024)
q=getPrime(1024)
e=0x10001
n=p*q

temp = p & ((1<<37)-1)
p >>= 81
p <<= 81
p += temp
p = encrypt(p)

flag=bytes_to_long(flag)
enc=pow(flag,e,n)
print(f'enc : {enc}')
print(f'n : {n}')
print(f'e : {e}')
print(f'leaked_p :{p}')

out

enc = 29004754752602891845701088578222561842513874918199800431567395933687795651470110377063745715224303592560274634075790412592313062222984678812372502446455553874025887805048706501835504141010199497560376154063288969798733730977056261626071788261554096303337042690996275614463889111101331868052859671922570628337639260391486134758084403718297925958046876883450312203509912864798807966117003174457393430905875449096266440351779141369905085213013783089319684239294684146737340793537160633379849038762741682795276911283424980467314859075820283929128473248792350786471543057922435616411342493331051424182347254472208007118691
n = 29353585191166156442189968012744774060523695365304588409452746298446966090446842013875144703842901644120084459742264199601712574341648935494662522676662195240580196375882847987434122422257670543787177894139225539012913211123707515022561081594248680970805167931112717636527712860774929806451263605673800306509371173663128670975257217464868471515902953618301217178231352288283127976806763613672091333537163342358371199303987661809368689697952949595308131881547519088258353529773216590952608452869230534334146785053625093426887703186355237207342461913924093535411997384080910520555094397726389504592515273009631000424191
e = 65537
leaked_p =[45076, 36169, 27950, 3563, 58188, 12614, 34400, 51608, 49317, 7186, 29518, 8535, 56393, 40272, 39843, 23648, 26140, 28698, 15925, 38759, 40734, 63262, 38472, 32529, 47175, 21167, 7210, 186, 18613, 17886, 16089, 4581, 28636, 51482, 52145, 4195, 44626, 58924, 1648, 16919, 40502, 35057, 34613, 64918, 11281, 41851, 14937, 53613, 7916, 58724, 35363, 19206, 46857, 10047, 18314, 31238, 15372, 64765, 14671, 16685, 16685, 16698, 34390, 41472]

Jadi, intinya adalah sebagai berikut:

  • p terdiri dari 1024 digit dalam binary

  • 81 digit terakhir dari p dihapus dengan bitwise shift

  • tapi, 37 digit terakhirnya di-preserve/tetap ada

  • jadi, sekarang di tengah ada (81-37 = 44) digit yang berupa "0000..."

  • pembagiannya kira2 seperti berikut

    • [943][44][37]

    • yang depan diketahui, yang tengah tidak diketahui, yang belakang diketahui

Kita bisa me-recover nilai p dengan me-reverse fungsi encrypt() dan memasukkan nilai leaked_p. Tapi, andaikan sudah kita balik pun, nilai p tersebut bukanlah nilai p asli, melainkan nilai p yang 44 digit-nya hilang. Oleh karena itu, tugas kita adalah me-recover p asli dari p yang nilai bit-nya hilang tersebut.

Sebelum itu, kita cari tahu dulu nilai p yang nilai bit-nya hilang (setelahnya akan saya sebut sebagai p_new) dengan membalikkan fungsi encrypt(). Apabila kita membaca cara kerja fungsinya, tampak bahwa key-nya di-random lalu di-xor-kan dengan chunk2 dari nilai p_new yang masing2 terdiri dari 16-bit. Mengingat ada 44 digit dari nilai p_new yang berupa "0000...", maka setidaknya ada 2 chunk yang hasil pada leaked_p-nya merupakan key nya itu sendiri. Dan benar saya, di leaked_p, kita menemukan dua chunk beruntun yang memiliki nilai sama. Kemungkinan besar ini adalah key-nya.

Berikut adalah kode untuk mendapatkan nilai p_new.

Nah sekarang, kita akan me-recover nilai p asli dari p_new.

Last updated 1 year ago

🚩
🇮🇩
key found