from Crypto.Util.number import *
from pwn import *
def _encrypt(message):
    """Submit *message* to the service's encryption option and return the ciphertext.

    Talks to the module-level pwntools tube ``r``. The plaintext is sent
    hex-encoded and the reply is hex-decoded, so both the argument and the
    return value are raw byte strings (Python 2 ``str``).
    """
    # Wait for the menu prompt and pick option "1".
    r.recvuntil("choice: ")
    r.sendline("1")

    # The service asks for the plaintext as a hex string.
    r.recvuntil("encrypt (in hex): ")
    hex_plaintext = message.encode("hex")
    r.sendline(hex_plaintext)

    # The first 37 characters of the reply line are skipped before decoding;
    # presumably a fixed label in front of the hex ciphertext (confirm against
    # the service's output).
    reply = r.recvline().strip()
    ciphertext = reply[37:].decode("hex")

    # Consume the two lines that follow the ciphertext so the next prompt
    # lines up for the following call.
    for _ in range(2):
        r.recvline()
    return ciphertext
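def extractmod_eknown(_encrypt, e, limit=4):
    """
    Reference: https://crypto.stackexchange.com/questions/43583/deduce-modulus-n-from-public-exponent-and-encrypted-data
    Function to extract the value of modulus, given value of public key exponent

    Why it works: for unpadded ("textbook") RSA, c = m**e mod N, so
    c - m**e is a multiple of N for every chosen m. The GCD of several such
    differences is N, or occasionally a small multiple of N when few samples
    are used. The relation only holds when encryption is deterministic and
    unpadded; a randomized padding scheme such as OAEP breaks it, which is
    the defensive takeaway of this exercise.

    :input parameters:
    _encrypt : <type 'function'> : Function interacting with the server for encryption
    e : <type 'int' or 'long'> : Public Key exponent
    limit : <type 'int'> : number of values to be sent for encryption (at most 4)

    :return: the GCD of the differences (N or a multiple of it), or -1 on
             any failure, so callers have a single sentinel to check.
    """
    # Explicit check instead of assert: asserts are stripped under `python -O`.
    if limit > 4:
        print("[+] Limit too big!")
        return -1
    try:
        m_list = [2, 3, 5, 7]
        # One oracle query per chosen plaintext; each entry is c_i - m_i**e,
        # a multiple of N for textbook RSA.
        mod_list = [
            bytes_to_long(_encrypt(long_to_bytes(m))) - (m ** e)
            for m in m_list[:limit]
        ]
        _GCD = mod_list[0]
        for diff in mod_list:
            _GCD = GCD(_GCD, diff)
        return _GCD
    except Exception as err:
        # Named `err` so the exponent parameter `e` is not shadowed.
        # Single-argument print form behaves the same on Python 2 and 3.
        print("[+] Exception:  %s" % (err,))
        # Previously this path fell through and returned None, which slipped
        # past a caller's `N != -1` check.
        return -1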
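# Start the challenge service as a local process; _encrypt() talks to it
# through this module-level tube.
r = process("./run.sh")

# Recover the modulus from the encryption oracle using the known exponent.
N = extractmod_eknown(_encrypt, 65537, 4)
print("N:  %s" % (N,))

# Explicit failure check: a bare assert is stripped under `python -O`, and
# extractmod_eknown may return None (exception path) as well as -1.
if N is None or N == -1:
    raise AssertionError("modulus recovery failed")

# Option "2" asks for the modulus; submit the recovered value and print the
# service's reply.
r.sendline("2")
r.recvuntil("modulus: ")
r.sendline(str(N))
print(r.recvline().strip())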