Tags: crypto rsa
Rating: 3.7
Exploit:
```
import re
import random
from pwn import *
from Crypto.Util.number import bytes_to_long
from primefac import primefac
from hashlib import sha1
s = remote('rsaos-774c47ae.challenges.bsidessf.net', 9999)
s.sendlineafter('> ', 'debug enable')
def foldhash(x):
h = sha1(x).digest()
return bytes_to_long(xor(h[:10], h[10:]))
def get_publickey():
s.sendlineafter('> ', 'get-publickey')
s.recvuntil('N: ')
N = int(s.recvline().strip(), 16)
s.recvuntil('E: ')
e = int(s.recvline().strip(), 16)
return (N, e)
def get_sig(cmd):
s.sendlineafter('> ', cmd)
r = re.search(r'CRC-32\(0x([a-f0-9]+)\) SIG\(0x([a-f0-9]+)\)', s.recvline())
return map(lambda x: int(x, 16), r.groups())
# https://github.com/resilar/crchack
def find_cmd_crc(crc):
while True:
open('/tmp/cmd','w').write('echo {}'.format(random.randint(0, 10000)))
cmd = subprocess.check_output(['./crchack/crchack', '/tmp/cmd', hex(crc)])
if cmd.find('\x0a') == -1:
break
return cmd
def find_cmd_fac(name):
while True:
arg = random.randint(0, 10000)
cmd = '{} {}'.format(name, arg)
factors = list(primefac(foldhash(cmd)))
if all(x < 2 ** 32 for x in factors):
break
return (cmd, factors)
N, e = get_publickey()
priv_cmd, factors = find_cmd_fac('get-flag')
print 'Privileged cmd:', priv_cmd
print 'Foldhash: ', hex(foldhash(priv_cmd))
print 'Foldhash factors:', map(hex, factors)
t = 1
for fac in factors:
cmd = find_cmd_crc(fac)
crc, sig = get_sig(cmd)
t *= sig
print 'Cmd = {} (crc32: 0x{:x})'.format(repr(cmd), crc)
s.sendline(priv_cmd)
s.sendlineafter('RSA(FoldHash) sig: ', hex(t % N))
print s.recv()
```
Example output:
```
Privileged cmd: get-flag 8194
Foldhash: 0x6e50d9ae8bc384c626c3
Foldhash factors: ['0xb', '0xad', '0x107', '0x88a5', '0x8d5b', '0x3102f39d']
Cmd = 'echo 5123\x15~Y(' (crc32: 0xb)
Cmd = 'echo 628a\xdcE\xf7' (crc32: 0xad)
Cmd = 'echo 6584\xef\xab\xba%' (crc32: 0x107)
Cmd = 'echo 7969\x99tK\xee' (crc32: 0x88a5)
Cmd = 'echo 9777~\x83\xa1y' (crc32: 0x8d5b)
Cmd = 'echo 8141\x98\xa8\x86b' (crc32: 0x3102f39d)
The flag is: CTF{ugh_math_is_so_hard}
```