-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathtask5.html
67 lines (60 loc) · 4.26 KB
/
task5.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<html>
<head>
<!-- jQuery -->
<script src="/static/js/jquery.min.js"></script>
<!-- jQuery UI -->
<link rel="stylesheet" href="//code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css">
<script src="//code.jquery.com/jquery-1.10.2.js"></script>
<script src="//code.jquery.com/ui/1.11.4/jquery-ui.js"></script>
<!-- Bootstrap assets -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
<!-- JavaScript assets -->
<script src="/static/js/jquery.terminal-0.8.8.min.js"></script>
<script src="/static/js/vex.combined.min.js"></script>
<!-- CSS assets -->
<link href="/static/css/jquery.terminal.css" rel="stylesheet">
<link href="/static/css/style.css" rel="stylesheet">
<link href="/static/css/vex.css" rel="stylesheet">
<link href="/static/css/vex-theme-plain.css" rel="stylesheet">
<script>vex.defaultOptions.className = 'vex-theme-plain';</script>
<!-- Meta-information -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="An interactive CTF tracing the history of RSA vulnerabilities.">
<meta name="author" content="">
<!-- Page styling -->
<title>Historical CTF - Task 5</title>
<link rel="icon" href="/static/img/favicon.ico">
</head>
<body style="color:#000">
<div id="terminal">
Welcome to the fifth challenge. We're done with servers—it's time to crack into some hardware.<br><br>
---<br><br>
Using the information provided by Swissco, the FBI was able to raid one of Badguy's old hideouts. Inside, they found an encrypted hard drive. It's your job to decrypt it.<br><br>
On a separate drive, the FBI found a set of binaries that Badguy had used to encrypt and decrypt information. The drive was damaged, so only a few functions still work, and the code itself is too obfuscated for us to read. We're providing you with the <a target="_blank" href="/static/scripts/task5/decrypt.pyc">most important binary</a>.<br><br>
Why is it important? Well, FBI cryptanalysts have determined that Badguy's decryption function was using a <span class="highlight">square and multiply</span> algorithm. This function is exported on the binary, with the following signature:<br><br>
<span style="color: purple">def</span> <span style="color: cyan">square_and_multiply</span>(<span style="color: yellow">m</span>, <span style="color: yellow">n</span>, <span style="color: yellow">idx</span>):<br>
<span style="color: green">"""</span><br>
<span style="color: green">Run the square and multiply algorithm for value `m` and modulus `n` up to key bit index `idx`</span><br>
<span style="color: green">"""</span><br>
...<br>
<br>
They also determined that Badguy was using a public modulus <b>N</b> of <span class="highlight">773978585664881</span>, and that his private key consisted of <span class="highlight">62</span> bits.<br><br>
Because this challenge is a little more difficult, we're just going to say it: you need to look into using a <span class="highlight">timing attack</span>, based on the square and multiply algorithm, to crack the private key. We're also providing a <a target="_blank" href="/static/scripts/task5/skeleton.py">skeleton</a> and <a target="_blank" href="/static/scripts/task5/util.py">utility file</a> right off-the-bat.<br><br>
<span class="highlight">Note:</span> When you're ready, run the <b>decrypt {key}</b> command with the cracked key, expressed in decimal.
</div>
<div class="help-buttons">
<span class="glyphicon glyphicon-question-sign help-button"></span>
<span class="glyphicon glyphicon-question-sign help-button"></span>
<span class="glyphicon glyphicon-question-sign help-button"></span>
<span class="glyphicon glyphicon-question-sign help-button"></span>
<span class="glyphicon glyphicon-question-sign help-button"></span>
</div>
<script>window.task = 5;</script>
<script src="/static/js/setup-task.js"></script>
<script src="/static/js/setup-task5.js"></script>
<script src="/static/js/setup-hints.js"></script>
</body>