Tags: crypto rsa 

Rating:

It's a basic RSA challenge, where we have in the data.txt the following informations:
* The public key.
* The encrypted flag.

N = 2095975199372471
e = 5449
gigem{ 875597732337885 1079270043421597 616489707580218 2010079518477891 1620280754358135 616660320758264 86492804386481 171830236437002 1500250422231406 234060757406619 1461569132566245 897825842938043 2010079518477891 234060757406619 1620280754358135 2010079518477891 966944159095310 1669094464917286 1532683993596672 171830236437002 1461569132566245 2010079518477891 221195854354967 1500250422231406 234060757406619 355168739080744 616660320758264 1620280754358135 }

we factorize N using factordb.com and we find :
p = 21094081
q = 99363191
which give us access to the private key, as shown in the exploit code.

```
#exploit code
from Cryptodome.Util.number import *

N = 2095975199372471
e = 5449

p = 21094081
q = 99363191

phi =(p-1)*(q-1)

d =inverse(e,phi)
m = "875597732337885 1079270043421597 616489707580218 2010079518477891 1620280754358135 616660320758264 86492804386481 171830236437002 1500250422231406 234060757406619 1461569132566245 897825842938043 2010079518477891 234060757406619 1620280754358135 2010079518477891 966944159095310 1669094464917286 1532683993596672 171830236437002 1461569132566245 2010079518477891 221195854354967 1500250422231406 234060757406619 355168739080744 616660320758264 1620280754358135"
res = []
for i in m.split():
c= int(i)
m = pow(c,d,N)
print(long_to_bytes(m))
res.append(str(long_to_bytes(m))[2:-1])
print(''.join(res))
#output: RSA_s3cur1ty_1s_4b0ut_pr1m3s
```