Rating:
# Awesome Mix1
## Challenge
+ The challenege was to break the Crypto Algorithm being used to get access.
+ Source code service.py is:
```python
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5 as RSAsign
from Crypto.Hash import SHA
from pad import PKCS1_pad as pad
from SECRET import flag
import sys
def verify(s,m,n,e):
if pow(s,e,n) == pad(m):
return True
else:
return False
key = RSA.generate(1024)
message = "super important information for admin only"
h = SHA.new(message)
signer = RSAsign.new(key)
signature = signer.sign(h)
s = int(signature.encode("hex"),16)
print "Welcome to admin's music portal.\nTo verify that you are the owner of this service\nsend the public key which will verify the following signature :\n"
print "Message ->", message
print "Signature ->", sig
print
sys.stdout.flush()
n = long(raw_input("Enter n:"))
print "n: " , n
e = long(raw_input("Enter e:"))
print "e : " , e
sys.stdout.flush()
input_key = RSA.construct((n,e))
print "input key : ", input_key
print
if verify(s,h.hexdigest(),n,e):
print flag
else:
print "Music is only for admin's eyes."
```
+ source code for pad.py :
```python
def PKCS1_pad(data):
asn1 = "003021300906052b0e03021a05000414"
ans = asn1+data
n=len(ans)
padding = '0001'+'f'*(1024/4-n-4)
return int((padding + ans),16)
```
## Analysis
+ the if statement in verify checks the input against `pad(m)` which is always `h.hexdigest()` and thus constant
+ so now we need the correct values of `s, n, and e`
+ `pow(s,e,n) =: s^e % n`
+ if `e=1` , `s%n = pad(m)`
+ thus `n = pad(m) - s`
## Own Code:
```pthon
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5 as RSAsign
from Crypto.Hash import SHA
from pad import PKCS1_pad as pad
import sys
message = "super important information for admin only"
h = SHA.new(message)
padding = pad(h.hexdigest())
sig = raw_input('enter signature > ').strip()
s = int(sig,16)
print "s : " , s
print
print "n = ", s - padding
print
print "e = 1"
```
# The values of n and e when input to the service gives the flag!
