Grehack ctf 2015 – cyberTockardnautes (crypto) – Write-Up

cyberTockardnautes (crypto 200)

Category: crypto Points: 200 Solves: 2
Author : brazzers
Description: The fouineurs from the NSA have just retrieved two public keys from the Tockard infrastructure and an encrypted password. These publics keys seem to belong to Tockard1 and Tockard2 but according to a reliable source, the IT engineer from Rajja learned cryptography with the help of a real famous cryptographer from Laval.
Attachment: cry200.zip

Information sur les clefs :

<sam@sam-ecl:~/grehack/crypto>
zsh 7500 % openssl rsa -inform PEM -pubin -in 1.pem -text -noout
Public-Key: (4097 bit)
[...]
<sam@sam-ecl:~/grehack/crypto>
zsh 7501 % openssl rsa -inform PEM -pubin -in 2.pem -text -noout
Public-Key: (4097 bit)
[...]

Extraction des données des clefs :

<sam@sam-ecl:~/grehack/crypto>
zsh 7502 % grep -v -- ----- 1.pem | tr -d '\n' | base64 -d | openssl asn1parse -inform DER -i -strparse 19
    0:d=0  hl=4 l= 522 cons: SEQUENCE          
    4:d=1  hl=4 l= 513 prim:  INTEGER           :0158811BCBF44AEB3482551AAD2261205C97A330F3ECBA31B23CCE7415E5DEF7099B2186684B36A2F45FE24B4A29DCEA579255136BB69656F2260B91F3375D5406C2107944B4C35F7DB76330B979BEEE4F912EBDD0A97CA59385F6FD02BD314A737E5BAE25D44772032A2664C0632B59C1B1C6205DFD107E1B51646E85B676EFB1BB84A75C9BC131B85DC7054C3A966002F1B8890A35308AEC784659FD66300055F6C1645EEF47CCA5F36D5A698D729CCE62041B1C517A607548B4522A02EA6A33765B48CE080674FA959C43C8FEF7A1E08AF492364F2DBE129A5043A308E31C64273615E3931731FC3FBE3B37ACE2C22CDEF52BC197E7A68C698E5909EC41FD8100DEE779531A017AE414CBAA163C94B9DC55328F647C3022D0E1F47877725BD561BEC38BDD10E4B3FB3EFAB27F94C0F84BA72F30A0E95154FA5DFFEBE5A2352D9B4D999BCA89AEECAF1032C9319C13DFEBC9F3DD7F721A790EC3E9768D480C57FD39AE575468E84FF3A6A99F33A1D9AE9F6D82D93218CF755C5DAD961D3E663FD6A523A10FB448B94F6E100A2A59C2B4346E5EEA6644D50797F52C6A36BAD93769DE11CCBB7EDA035E9142C0D6DD3DBD45A67C9577F15634CB16C8643BD882A413718739868CAB9A6E50DF7876B0FA5DEF5C61DFDA2597B0EA4412C1C18F94EA46418E2C13B3FB2687C1EB358F32320173F479BE4B8FFED425D63441FA2D0785
  521:d=1  hl=2 l=   3 prim:  INTEGER           :010001
<sam@sam-ecl:~/grehack/crypto>
zsh 7503 % grep -v -- ----- 2.pem | tr -d '\n' | base64 -d | openssl asn1parse -inform DER -i -strparse 19
    0:d=0  hl=4 l= 522 cons: SEQUENCE          
    4:d=1  hl=4 l= 513 prim:  INTEGER           :0178B507CF7B7C1A702500E49FA08DE341D7722C1D4316A30C410F0A5889A408CBEC239A5115A668B2C5F0DF7E346A8FDF071395C3816D9D25BCEAFC52201753AFF4852FB13F074508422FFBCAF3078E7816D491D32398C066AA85B4AE15625B338EC23D13A07EBEFD3C18210C5F8B5D7377AD791500F2CE9F01E5D83EA880BA1B722A7D3B1187A77ECBD8A7874061BC40EE758D4E06D7AFD53F9F09768EAEF2B5A644323CEDAF5AFA909ABD3F0F5D5A8FEE20FFBF9B57122D611F544EE620B25F1153662D9E9FA5AB2B7B163C213F539412DC249CD7F269E8F96F942985A0A54881A8FF3682D10E5B404C154354BF3BF6AAD9366C8AB577C8896C46AD864F1B9C9FBE093220C5CB587786963C337A946B1272643AD3DC98B0A7FC8B8888645CB8BEA076FB948B8BA8D2F335CD3A4371E36D4A848C88169385A0051E853D4DF248C527B840D70089593A2524ED493F8903D9A8EC9B5D55D7CAD44C8E5FCB86AA269BFB7582127CF961F13F00B25BD55C93FA7FEFD9279E0C3E012F513415CF2A18E8E8D9C3B35A8C86184F3DB7CF79EB5DF02FEF68A250A6E05EA87571A9997A559B5A593CA10A55088309FE7FC44919440CE3991866A559C8297D317D3223CE8ABE842B2CB1C01603E0E96040D3048016CC0C470C6F7E4E46BA8B2FF5AE6CA0EA000906BD0CE12C2D499C3C42E22239921FC70FB787FAB5C0E968E0F4FC3631FB
  521:d=1  hl=2 l=   3 prim:  INTEGER           :010001

On a 2 clefs publics RSA avec le même exposant et des modulos différents. Avec la taille de ces clefs et la valeur de l’exposant, on se doute qu’on ne va pas factoriser ces clefs facilement. Ma 1ere idée est d’essayer de tester si les 2 modulus ont un diviseur commun.
C’est très facile de tester ça avec le logiciel sage qui a une fonction gcd (great common divisor) dédiée à cette opération.

<sam@sam-ecl:~/grehack/crypto>
zsh 7504 % sage
┌────────────────────────────────────────────────────────────────────┐
│ SageMath Version 6.9, Release Date: 2015-10-10                     │
│ Type "notebook()" for the browser-based notebook interface.        │
│ Type "help()" for help.                                            │
└────────────────────────────────────────────────────────────────────┘
sage: n1=0x0158811BCBF44AEB3482551AAD2261205C97A330F3ECBA31B23CCE7415E5DEF7099B2186684B36A2F45FE24B4A29DCEA579255136BB69656F2260B91F3375D5406C2107944B4C35F7DB76330B979BEEE4F912EBDD0A97CA59385F6FD02BD314A737E5BAE25D44772032A2664C0632B59C1B1C6205DFD107E1B51646E85B676EFB1BB84A75C9BC131B85DC7054C3A966002F1B8890A35308AEC784659FD66300055F6C1645EEF47CCA5F36D5A698D729CCE62041B1C517A607548B4522A02EA6A33765B48CE080674FA959C43C8FEF7A1E08AF492364F2DBE129A5043A308E31C64273615E3931731FC3FBE3B37ACE2C22CDEF52BC197E7A68C698E5909EC41FD8100DEE779531A017AE414CBAA163C94B9DC55328F647C3022D0E1F47877725BD561BEC38BDD10E4B3FB3EFAB27F94C0F84BA72F30A0E95154FA5DFFEBE5A2352D9B4D999BCA89AEECAF1032C9319C13DFEBC9F3DD7F721A790EC3E9768D480C57FD39AE575468E84FF3A6A99F33A1D9AE9F6D82D93218CF755C5DAD961D3E663FD6A523A10FB448B94F6E100A2A59C2B4346E5EEA6644D50797F52C6A36BAD93769DE11CCBB7EDA035E9142C0D6DD3DBD45A67C9577F15634CB16C8643BD882A413718739868CAB9A6E50DF7876B0FA5DEF5C61DFDA2597B0EA4412C1C18F94EA46418E2C13B3FB2687C1EB358F32320173F479BE4B8FFED425D63441FA2D0785
sage: n2=0x0178B507CF7B7C1A702500E49FA08DE341D7722C1D4316A30C410F0A5889A408CBEC239A5115A668B2C5F0DF7E346A8FDF071395C3816D9D25BCEAFC52201753AFF4852FB13F074508422FFBCAF3078E7816D491D32398C066AA85B4AE15625B338EC23D13A07EBEFD3C18210C5F8B5D7377AD791500F2CE9F01E5D83EA880BA1B722A7D3B1187A77ECBD8A7874061BC40EE758D4E06D7AFD53F9F09768EAEF2B5A644323CEDAF5AFA909ABD3F0F5D5A8FEE20FFBF9B57122D611F544EE620B25F1153662D9E9FA5AB2B7B163C213F539412DC249CD7F269E8F96F942985A0A54881A8FF3682D10E5B404C154354BF3BF6AAD9366C8AB577C8896C46AD864F1B9C9FBE093220C5CB587786963C337A946B1272643AD3DC98B0A7FC8B8888645CB8BEA076FB948B8BA8D2F335CD3A4371E36D4A848C88169385A0051E853D4DF248C527B840D70089593A2524ED493F8903D9A8EC9B5D55D7CAD44C8E5FCB86AA269BFB7582127CF961F13F00B25BD55C93FA7FEFD9279E0C3E012F513415CF2A18E8E8D9C3B35A8C86184F3DB7CF79EB5DF02FEF68A250A6E05EA87571A9997A559B5A593CA10A55088309FE7FC44919440CE3991866A559C8297D317D3223CE8ABE842B2CB1C01603E0E96040D3048016CC0C470C6F7E4E46BA8B2FF5AE6CA0EA000906BD0CE12C2D499C3C42E22239921FC70FB787FAB5C0E968E0F4FC3631FB
sage: e=65537
sage: gcd(n1,n2)
36511974694593690272644354864534934200522045623187752384823594729275730789191680514905027084950729514148679507005058047146031869995768765034876499069680202424692876360895377987654388335335689563844006584610187090074654410815638237841872991488680663410743679302763304922852173164820002226109196761249018548478251723505481964749218302723593776180246783117481280725673997940309717028451914887375722437833384305529884261542397905220138488012276363046571670926597766521674838665982314321651508118240682649024780239598188845543243957916954287138820155843952556411235376764737602711594439293285811102883736229645274092478611
sage: p=gcd(n1,n2)
sage: p
36511974694593690272644354864534934200522045623187752384823594729275730789191680514905027084950729514148679507005058047146031869995768765034876499069680202424692876360895377987654388335335689563844006584610187090074654410815638237841872991488680663410743679302763304922852173164820002226109196761249018548478251723505481964749218302723593776180246783117481280725673997940309717028451914887375722437833384305529884261542397905220138488012276363046571670926597766521674838665982314321651508118240682649024780239598188845543243957916954287138820155843952556411235376764737602711594439293285811102883736229645274092478611
sage: q1=n1/p
sage: q2=n2/p
sage: q1
38492989208467345990841171753299063868473387929533630506068435311280306352128400643611322064737880323742130776460597506552042548544500433588514649369203134850637252490951332142313820316417797066615432377896790010034619874824736276538937146070748207284058401593818518381417200352959271546509971811054986250097102133767581039942371469508312719898354112760634502854230048573930691038225321092443193061885651566378155971395423095045214203607869622732110904089170747219981492056643535491305470777439444536610633418857728085199437237778413599165173614621477633795742452575049383975567427342220924344320768474118423573560967
sage: q2
42091152409066830097888658742268221426224649211410639173023658930508777228256752945594567040170361830088714104849710924133812290358713396449360742582056122486102832859539855322365588222081386091517143062662442944216296428781825465606812897056738704009016979204469110902614677177105065187767324877068304842418407680732794871488981181989625204055488387277612279128708163791570478728587129653843381851103537692801728646983437723356475538367075409368450286101677215031312499575842300892014383940657162156466646761964203479130110291724739465446147865258134055126442035710562774070373684762586322185197608437835369408713209
sage: n1
1405455047898827740601006407021150296528909540585121562589198449328218001225629686983792772541888537155044378244210689354548955262100293119596991029131482663677746780367170205455335004374126148925378320933009615607453603513225795133835429979078060753792655889467862517259336039567601271145650104894018988850999145240209913202961689191909064159128836497858763935559284599398929323345712734680121822215491459016972886662226074883181573318554458498606613651103013451173080463035466390004673614917869214148267833156247978656894719759671402802392357265806814372240833280538028745324171218173439276322620866751083968569792089323417700727899283538611306368397552298662070026985059152462486451121108147945864732050327267485968951733500201020385738040351520444271695179889200261334840316617883334955182418284149699551952650903441820386831185385161343684056382744050008735663588547157445387692747417002410174613096634382275934290599252757705014372370386331855300203726195321995346819169449213229408581911203220004832264128760395194678471712201456749651066777841770422772382633988959515430296693112207616126805062452052630756426442452599875800562863827372270736334965097675800013051366067392650711300512521008046846017805670240684012532551976837
sage: n2
1536831091626134344438562231262955999946747271027592454085080144975668680116633974319738838314902671476361252000779278994694659331506514289825134202998923512208559837631294865714096366262625651641224815256023747612527195574981227458782225722378872877726156517419049543333249517100953017829975150178811183051072420620920351512550441692883372916625292779222549959972827892990998074974011820708412769448585824233964010823527283596363758019335173298785567326907562869725831298384056166394854331945427092768780512408697309431195959298622391255021501620353297671404338080932330645769264634941456038882152334719430726109338429569337547704428005985982750015052443048433495064870200257365769414378785715253560971149171681438084191571439495195259219781689240323356859973420344882465167137033865632910444012905831594139665120851209803580111064330410313979952241963117076560493364598715028110591528077312715775397005038663520201729983592950907518633046810236034766654347443064135657482229428611935898108129337877416106235893772898887514558518410336608404740719016898181126549445118952269233850039884416238819750863431709956544730721450588873256178564213332283660727537669708142035616276318637554028394450781252902822999858076881677813954865672699
sage: 

Nous avons tout ce qu’il nous faut pour générer les 2 clefs privées. Pour cela nous allons utiliser rsatool.py.

1ère clef privée avec n1,p,q1,e :

<sam@sam-ecl:~/grehack/crypto>
zsh 7505 % python /home/sam/rsatool.py -n 1405455047898827740601006407021150296528909540585121562589198449328218001225629686983792772541888537155044378244210689354548955262100293119596991029131482663677746780367170205455335004374126148925378320933009615607453603513225795133835429979078060753792655889467862517259336039567601271145650104894018988850999145240209913202961689191909064159128836497858763935559284599398929323345712734680121822215491459016972886662226074883181573318554458498606613651103013451173080463035466390004673614917869214148267833156247978656894719759671402802392357265806814372240833280538028745324171218173439276322620866751083968569792089323417700727899283538611306368397552298662070026985059152462486451121108147945864732050327267485968951733500201020385738040351520444271695179889200261334840316617883334955182418284149699551952650903441820386831185385161343684056382744050008735663588547157445387692747417002410174613096634382275934290599252757705014372370386331855300203726195321995346819169449213229408581911203220004832264128760395194678471712201456749651066777841770422772382633988959515430296693112207616126805062452052630756426442452599875800562863827372270736334965097675800013051366067392650711300512521008046846017805670240684012532551976837 -p 36511974694593690272644354864534934200522045623187752384823594729275730789191680514905027084950729514148679507005058047146031869995768765034876499069680202424692876360895377987654388335335689563844006584610187090074654410815638237841872991488680663410743679302763304922852173164820002226109196761249018548478251723505481964749218302723593776180246783117481280725673997940309717028451914887375722437833384305529884261542397905220138488012276363046571670926597766521674838665982314321651508118240682649024780239598188845543243957916954287138820155843952556411235376764737602711594439293285811102883736229645274092478611 -q 38492989208467345990841171753299063868473387929533630506068435311280306352128400643611322064737880323742130776460597506552042548544500433588514649369203134850637252490951332142313820316417797066615432377896790010034619874824736276538937146070748207284058401593818518381417200352959271546509971811054986250097102133767581039942371469508312719898354112760634502854230048573930691038225321092443193061885651566378155971395423095045214203607869622732110904089170747219981492056643535491305470777439444536610633418857728085199437237778413599165173614621477633795742452575049383975567427342220924344320768474118423573560967 -e 65537 -o privkey1.pem
Using (p, q) to initialise RSA instance

n =
158811bcbf44aeb3482551aad2261205c97a330f3ecba31b23cce7415e5def7099b2186684b36a2f
45fe24b4a29dcea579255136bb69656f2260b91f3375d5406c2107944b4c35f7db76330b979beee4
f912ebdd0a97ca59385f6fd02bd314a737e5bae25d44772032a2664c0632b59c1b1c6205dfd107e1
b51646e85b676efb1bb84a75c9bc131b85dc7054c3a966002f1b8890a35308aec784659fd6630005
5f6c1645eef47cca5f36d5a698d729cce62041b1c517a607548b4522a02ea6a33765b48ce080674f
a959c43c8fef7a1e08af492364f2dbe129a5043a308e31c64273615e3931731fc3fbe3b37ace2c22
cdef52bc197e7a68c698e5909ec41fd8100dee779531a017ae414cbaa163c94b9dc55328f647c302
2d0e1f47877725bd561bec38bdd10e4b3fb3efab27f94c0f84ba72f30a0e95154fa5dffebe5a2352
d9b4d999bca89aeecaf1032c9319c13dfebc9f3dd7f721a790ec3e9768d480c57fd39ae575468e84
ff3a6a99f33a1d9ae9f6d82d93218cf755c5dad961d3e663fd6a523a10fb448b94f6e100a2a59c2b
4346e5eea6644d50797f52c6a36bad93769de11ccbb7eda035e9142c0d6dd3dbd45a67c9577f1563
4cb16c8643bd882a413718739868cab9a6e50df7876b0fa5def5c61dfda2597b0ea4412c1c18f94e
a46418e2c13b3fb2687c1eb358f32320173f479be4b8ffed425d63441fa2d0785

e = 65537 (0x10001)

d =
1067c28bfb77cb5c52660cd98890f53e6f8aaa08bda1cebec9024059301b866a56d0b982b32d3884
9861d179c84550c4079005571c686b9ec7a4c6a81d3f74a24740cb53942397232895e0c2be5b5324
271ae1976390cfde36f390701e540ff270c69b240a483633d420a4acdc341ae7bc485def77defe90
5cb782835bd16d5fea78fa52d0c87a0e8869b3350277b97dfe668e21163017f783913f150ff61278
0582875df57956f3a2a457193e6f022c5a52cd7b335e97641268a2de8509c671a9add669584cbd6a
96f00c72d080789d15a4e8a70d2d75971371e5cca85e4f526e2317570160ca04b400e23748247ac0
72041d17b09d0b8b7575ddc3d91439e6fbd939ef0cb27f13d7567d14f8cdcf28b84eebbfeaca5f9e
53a96c90ee0c45abca5a8977d7319994f94faef3e6ed52e7663cc22346605631680d7b43b52cde22
d6869c32e1e673f21c050671dc223c6416d3d379eab4871e46424e9660c136996f8989d8ca15b238
d4201d274835f229987be56a3bc7d06f3247dd8478c0e723ae96e19b03cab273478ef19b45bb4cf6
0774f51ffa26369f7b82cedb92cfd1be2a3656236c26a56a2eef5e482e3925b5ad91c43706768806
9dfe35d0a1fa64260d784c89c0d9257f0d1c4242e3f6658a36d7897ae8fe89f61a27742999f471f3
79565c47237a0f7daf406c1f7cc6bda98ffe4b273090eb6217c69c7b2a88bf9e9

p =
1213b057d6fdebc4527b5b7421ac1e93ccffea76c4f0874991cf3facf0eab9ef646a21839820b4d6
53a916b68f258e9d3f7c2ba054e4af05f3e4d61b3de772d2ad2338b0eae6ea08f2076e4e4b08ab20
920fa6885e6c44dec1bee28a87653c74bcb9e9f1294de8a48bd614652a3d659dfce7b8944610f25b
faf936e9a54167c4d227d16d32e65ea458b69d60decd7fa034c1b3bd862717164e7785eb06dcc5b8
8baa262e43120e54665c0cbcb3ead51b0a00819b4e91d4872d3fbe7724e03ab71bcaf8bb84c74dec
96aadfcb18653a8f05393d666069923bc7b9b31363d6d6d9b459f46db5baf96f8404aaf1a831f0db
8aad7d93a4256e8156b2b70757a012093

q =
130ec578200dc4792400a6ee059026621943f5322a11cb541adf6430c4b96a41805709e890b7d73e
807ffb85b20385b996957125a6a82b042e490b85ecfd2d5ea6e2d7d479d0c115d5833fb548f013db
84d01bdbfc72707e22cff20e5708d65d0e2e97519ab207c11a9a0c678339e10e458cb830f716b6c4
a45a50831179871e728f5a34dca86a178a2a9f8bc0e603014c5ff3c61a6f43ffd085623579a886c3
b6d9ee35ffdaed1fb8003604e2761b55f129e4a88286950bb59a536f1adedee4d6de44264b89e9b1
4b3049f70ad972877690c7d35117952d066f1c7383a30fce5784e652c7641520aecf2f4371bedb36
b566596e399fbd400f6d6ab7ee691fe87

Saving PEM as privkey1.pem

2ème clef privée avec n2,p,q2,e

<sam@sam-ecl:~/grehack/crypto>
zsh 7506 % python /home/sam/rsatool.py -n 1536831091626134344438562231262955999946747271027592454085080144975668680116633974319738838314902671476361252000779278994694659331506514289825134202998923512208559837631294865714096366262625651641224815256023747612527195574981227458782225722378872877726156517419049543333249517100953017829975150178811183051072420620920351512550441692883372916625292779222549959972827892990998074974011820708412769448585824233964010823527283596363758019335173298785567326907562869725831298384056166394854331945427092768780512408697309431195959298622391255021501620353297671404338080932330645769264634941456038882152334719430726109338429569337547704428005985982750015052443048433495064870200257365769414378785715253560971149171681438084191571439495195259219781689240323356859973420344882465167137033865632910444012905831594139665120851209803580111064330410313979952241963117076560493364598715028110591528077312715775397005038663520201729983592950907518633046810236034766654347443064135657482229428611935898108129337877416106235893772898887514558518410336608404740719016898181126549445118952269233850039884416238819750863431709956544730721450588873256178564213332283660727537669708142035616276318637554028394450781252902822999858076881677813954865672699 -p 36511974694593690272644354864534934200522045623187752384823594729275730789191680514905027084950729514148679507005058047146031869995768765034876499069680202424692876360895377987654388335335689563844006584610187090074654410815638237841872991488680663410743679302763304922852173164820002226109196761249018548478251723505481964749218302723593776180246783117481280725673997940309717028451914887375722437833384305529884261542397905220138488012276363046571670926597766521674838665982314321651508118240682649024780239598188845543243957916954287138820155843952556411235376764737602711594439293285811102883736229645274092478611 -q 42091152409066830097888658742268221426224649211410639173023658930508777228256752945594567040170361830088714104849710924133812290358713396449360742582056122486102832859539855322365588222081386091517143062662442944216296428781825465606812897056738704009016979204469110902614677177105065187767324877068304842418407680732794871488981181989625204055488387277612279128708163791570478728587129653843381851103537692801728646983437723356475538367075409368450286101677215031312499575842300892014383940657162156466646761964203479130110291724739465446147865258134055126442035710562774070373684762586322185197608437835369408713209 -e 65537 -o privkey2.pem 
zsh: correct 'privkey2.pem' to 'privkey1.pem' [nyae]? n
Using (p, q) to initialise RSA instance

n =
178b507cf7b7c1a702500e49fa08de341d7722c1d4316a30c410f0a5889a408cbec239a5115a668b
2c5f0df7e346a8fdf071395c3816d9d25bceafc52201753aff4852fb13f074508422ffbcaf3078e7
816d491d32398c066aa85b4ae15625b338ec23d13a07ebefd3c18210c5f8b5d7377ad791500f2ce9
f01e5d83ea880ba1b722a7d3b1187a77ecbd8a7874061bc40ee758d4e06d7afd53f9f09768eaef2b
5a644323cedaf5afa909abd3f0f5d5a8fee20ffbf9b57122d611f544ee620b25f1153662d9e9fa5a
b2b7b163c213f539412dc249cd7f269e8f96f942985a0a54881a8ff3682d10e5b404c154354bf3bf
6aad9366c8ab577c8896c46ad864f1b9c9fbe093220c5cb587786963c337a946b1272643ad3dc98b
0a7fc8b8888645cb8bea076fb948b8ba8d2f335cd3a4371e36d4a848c88169385a0051e853d4df24
8c527b840d70089593a2524ed493f8903d9a8ec9b5d55d7cad44c8e5fcb86aa269bfb7582127cf96
1f13f00b25bd55c93fa7fefd9279e0c3e012f513415cf2a18e8e8d9c3b35a8c86184f3db7cf79eb5
df02fef68a250a6e05ea87571a9997a559b5a593ca10a55088309fe7fc44919440ce3991866a559c
8297d317d3223ce8abe842b2cb1c01603e0e96040d3048016cc0c470c6f7e4e46ba8b2ff5ae6ca0e
a000906bd0ce12c2d499c3c42e22239921fc70fb787fab5c0e968e0f4fc3631fb

e = 65537 (0x10001)

d =
12e77447f2eaa35dc2789f107ce753eaca61d711849beca49d38f0d028bf99e6a85ff0c2fe0cf4da
f85496359c5226ec467bd2cf9de5931dd9433a54717a74335bb8299099b0eee39b4532cbc06a8e19
6c0d60b0459c7936c9bac61a7895a00da83dca807b34d3172c926a29a79b8bfdf2f8fa4f1dd6217c
f0a4a0f7837f9abf4cf95181a2e781a5fafb314c87f443a507467047f4af531a46ac1fa6a2c24829
2a19e8e2be7b86db754163aaf8059b7966b6029992254262f3395612f3c8db24aacf1a6d028560d4
243d63fc325fadfd3bbd4f0bcd2933cc0a84f13cac71576c0a2031c701b575a4ca072b67bea76e5e
1a7ca626d826e34705b0f0a2cd7f37ab9328264030e338b95e8a246f855e6837d63bf16400b00ef9
05325b4ae3bb99a69cc76973c8f076f4b652df50c13dc112a0c23d29ed5241fd7b0170507df39253
d65369a54f5032767aae1fc0e172d5c34d82507d7cff8eccc5ee398eb432b0b3257792cdd904ce8a
669325f616cbdb1509ee6943abbc4d0f0883e58ba6d7ef8ccc32dbf23bd741b8d6ef40ba67b81b93
74a9878e658dec6ea104a60e16b84fd8c1094c0a25101a45234753e0f4de4160adfe22f0c68da308
29bd14c04d2ea28562afe4e7b24bf551fd76871b5033031a102afbf491759092ee56658923c69c3b
a5cadc538c712e258ff2d799ddc7a52533f9de0c5f6ce4d7b58319bcad8d820b1

p =
1213b057d6fdebc4527b5b7421ac1e93ccffea76c4f0874991cf3facf0eab9ef646a21839820b4d6
53a916b68f258e9d3f7c2ba054e4af05f3e4d61b3de772d2ad2338b0eae6ea08f2076e4e4b08ab20
920fa6885e6c44dec1bee28a87653c74bcb9e9f1294de8a48bd614652a3d659dfce7b8944610f25b
faf936e9a54167c4d227d16d32e65ea458b69d60decd7fa034c1b3bd862717164e7785eb06dcc5b8
8baa262e43120e54665c0cbcb3ead51b0a00819b4e91d4872d3fbe7724e03ab71bcaf8bb84c74dec
96aadfcb18653a8f05393d666069923bc7b9b31363d6d6d9b459f46db5baf96f8404aaf1a831f0db
8aad7d93a4256e8156b2b70757a012093

q =
14d6d185ffc6139713be5d4cd21554678a4d94c7f8169df5cf7bdc1e527f8aa9833d05e4e0f8b06f
d2e9edacd166c8c435f2e6d7183b810c9b942727dc27cfacde385a93b0e0a6aec7216b7528d8288b
5eb4fe82342d9a73a8c54c3fec789f2b177d3c7a3346113be09dceae9ab6173ff74d84dcd63ae022
9ea57339807501e8d899b32c5f5284687b3fd1e677a42235c7120510b2f09d9fb88fdd3f5abd6f63
b21d6541422762c852844d4e7ddfbda7ef7e5f02ce6a2ee2b96065b5dbb76d1ef055240f5c3995e0
b90d3d29c42a87f754321ccbeaed2e18957ce5a9b01f568128d2114f3eb77d1048de946c640f9a1c
c4d5a33986f6c81b479b73e74675551f9

Saving PEM as privkey2.pem

Reste plus qu’à tester de dechiffrer password.txt.enc avec openssl.

Tentative de déchiffrement avec la 1ère clef privée :

<sam@sam-ecl:~/grehack/crypto>
zsh 7507 % openssl rsautl -decrypt -inkey privkey1.pem -in password.txt.enc -out decrypt                      
RSA operation error
140335131014816:error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02:rsa_pk1.c:190:
140335131014816:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:rsa_eay.c:616:

Failed.

Tentative de déchiffrement avec la 2ème clef privée :

<sam@sam-ecl:~/grehack/crypto>
zsh 7508 [1] % openssl rsautl -decrypt -inkey privkey2.pem -in password.txt.enc -out decrypt
RSA operation error
140220432692896:error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02:rsa_pk1.c:190:
140220432692896:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:rsa_eay.c:616:

Failed.

Bon ça me paraît bizarre qu’aucune des 2 clefs privées ne permette de déchiffrer le fichier. Mais je peux tenter de déchiffrer avec une option disponible avec openssl et rsa : oaep (https://fr.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding)

Tentative de déchiffrement avec la 1ère clef privée et l’option oaep :

<sam@sam-ecl:~/grehack/crypto>
zsh 7509 [1] % openssl rsautl -oaep -decrypt -inkey privkey1.pem -in password.txt.enc -out decrypt1
RSA operation error
140387603150496:error:0407A079:rsa routines:RSA_padding_check_PKCS1_OAEP:oaep decoding error:rsa_oaep.c:181:
140387603150496:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:rsa_eay.c:616:

Failed.

Tentative de déchiffrement avec la 2ème clef privée et l’option oaep :

<sam@sam-ecl:~/grehack/crypto>
zsh 7510 [1] % openssl rsautl -oaep -decrypt -inkey privkey2.pem -in password.txt.enc -out decrypt2
<sam@sam-ecl:~/grehack/crypto>
zsh 7511 % cat decrypt2
G#R#3_H4_C_K_2015_CRYP_TO

Flag : G#R#3_H4_C_K_2015_CRYP_TO

Write-Up by sambecks

Leave a Comment

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *