dc2019q - ASRybaB
This was a jeopardy challenge, part of dc2019q. (CTFtime)
Points: 201
Was solved by:
14
teams
You may spawn the server:
On your laptop
- Install docker
docker pull archiveooo/pub:ASRybaB(docker-saved download)docker run -d --name asrybab archiveooo/pub:ASRybaB- Local IP:
docker inspect asrybab -f '{{ .NetworkSettings.Networks.bridge.IPAddress }}' - Connect to that IP:1280 —
Remember to
docker rm -fwhen done.
Hosted by OOO
Right now we're asking players to login first.Description
Just RSA
This challenge requires very minor bruteforcing, which if properly parallelized shouldn't take more than 15 minutes.
That's less than $1 on Amazon (for instance) -- in general, an amount we considered fair.
If it looks like you have to bruteforce for many hours... you're missing some step :)
Hints
Hint 1
Could you decompile the python code? What's stopping you?Hint 2
Try adding the correct header and using a decompiler like uncompyle6 -- there's some opcode stopping it, can you remove it?Hint 3
All STOP_CODE occurrences are in dead code. Just remove them and decompile.Hint 4
What properties does the key have? Is it close to a known attack?Hint 5
Read up on the Boneh-Durfee attack (https://github.com/mimoo/RSA-and-LLL-attacks/raw/master/survey_final.pdf) -- it's not immediately applicable but it's closeHint 6
Try rewriting the paper equations' using what you know of the key's factors.Hint 7
It's a different modulus than the plain paper...Hint 8
If you've done things right, "375 computations" will make sense to you.If you wish, you can contribute more.
There's an author-recommended writeup.