SIGINT 2013 Crypto 200 Rsa

http://slipper.tk/writeup/2013/07/10/sigint-2013-crypto-rsa/

SIGINT2013 crypto200 rsa

Description

Cryptography is difficult
authorized_keys
ssh to challenge@188.40.147.109

genrsa.py

authorized_keys

challenge@188.40.147.109的ssh密钥是用genrsa.py生成的。

SEED = int(time())
def randfunc(n):
    def rand():
        global SEED
        ret = SEED*0x1333370023004200babe004141414100e9a1192355de965ab8cc1239cf015a4e35 + 1
        SEED = ret
        return (ret >> 0x10) & 0x7fff
    ret = ""
    while len(ret)  id_rsa.pub && rm pub")`显然非常慢。更好的办法是从公钥中解出N,每次比较生成的N是否相同。

RSAPublicKey的结构:

  • The key type
  • A chunk of PEM-encoded data
  • A comment

PEM是Privacy Enhanced Mail的缩写。
对于ssh密钥,PEM是由一些小数据块(big-endian)组成的。每一块前面是数据长度,后面就是数据。

def b2i(s):
        ret = 0L
        for i in s:
                ret = (ret <> 0x10) & 0xff
    ret = ""
    while len(ret) < n:
        ret += chr(rand())
    return ret

def guess(x):
        global seed
        seed = x
        keypair = RSA.generate(1024, randfunc)
        if  getattr(keypair, 'n') != N :
            return False
        print getattr(keypair, 'n'), x
        return True

if __name__ == '__main__':
    #now = 1373041808
    now = 1373038672    #answer
    while (not guess(now)):
            now -= 1
            print now

my.py

SIGINT_some_people_pay_100_euro_for_this
flag