CTFtime.org

Little e

by HuntClauss / WaletSec

Rating:

# Little e | Crypto

### Solution

From ctf we have got encrypted.txt file.

##### encrypted.txt
```txt
N: 17260541145579198891286838820507756585494408484294770862002805660577661138753926064444981930310528890773266098356882517290033235056654103412024620204547445159627671127518965960486480229617902782023368077819854820837387791591683428592246121552228695417314295153721144499366280389254552597040315734269703314601367296670296596449184388246232676724558126845148454433428619114310396032130452938580427564701080866025573039407415733982384144637567337164211240182263026767455207192185903776322079215198832973810587735067694801737731617941390472537291532113711292822595269219795255224521641891049508289784761579371125213474439
e: 3
ct: 1112413624683819960899152482895461211039349964898672381675850025556800617245120168928400758297834676330400246617472191750627367991315450127361583383350639760738254818244740474313061192563860605923503717
```

In this challenge we have to do something called **low public exponent attack**.

I started from searching python script for it, and I found one:
```py
import gmpy2

n = 17260541145579198891286838820507756585494408484294770862002805660577661138753926064444981930310528890773266098356882517290033235056654103412024620204547445159627671127518965960486480229617902782023368077819854820837387791591683428592246121552228695417314295153721144499366280389254552597040315734269703314601367296670296596449184388246232676724558126845148454433428619114310396032130452938580427564701080866025573039407415733982384144637567337164211240182263026767455207192185903776322079215198832973810587735067694801737731617941390472537291532113711292822595269219795255224521641891049508289784761579371125213474439
e = 3
ct = 1112413624683819960899152482895461211039349964898672381675850025556800617245120168928400758297834676330400246617472191750627367991315450127361583383350639760738254818244740474313061192563860605923503717

m, result = gmpy2.iroot(ct,e)

try:
flag = binascii.unhexlify(format(m, 'x')).decode()
except Exception as e:
flag = m

hexed = hex(flag)[2:]
print(hexed)
string = bytearray.fromhex(hexed).decode()
print(string)
```

### Flag

bcactf{R54_N0T_50_S3CUR3_33}

#### Credits

- Writeup by [HuntClauss](https://ctftime.org/user/106464)
- Solved by [HuntClauss](https://ctftime.org/user/106464)
- WaletSec 2021

#### License

**CC BY 4.0** WaletSec + HuntClauss

Original writeup (https://github.com/HuntClauss/Writeups/blob/main/bcactf/little-e.md).

Comments