本文介绍了在CTF比赛中密码学中常用的工具及python库:简要讲解了安装方法,常用的使用方法。
根据p,q生成私钥文件key.pem
python rsatool.py -f PEM -o key.pem -n 13826123222358393307 -d 9793706120266356337
<pre>Using (n, d) to initialise RSA instance n = 13826123222358393307 (0xbfe041d1197381db) e = 65537 (0x10001) d = 9793706120266356337 (0x87ea3bd3bd0b9671) p = 4184799299 (0xf96ef843) q = 3303891593 (0xc4ed6289) Saving PEM as key.pem </pre>
提供(p,q)生成key.der
python rsatool.py -f DER -o key.der -p 4184799299 -q 3303891593
<pre>Using (p, q) to initialise RSA instance n = 13826123222358393307 (0xbfe041d1197381db) e = 65537 (0x10001) d = 9793706120266356337 (0x87ea3bd3bd0b9671) p = 4184799299 (0xf96ef843) q = 3303891593 (0xc4ed6289) Saving DER as key.der </pre>
openssl可以查看公钥得到n和e,也可以利用私钥文件解密公钥加密的内容
查看公钥文件
openssl rsa -pubin -in pubkey.pem -text -modulus
解密
rsautl -decrypt -inkey private.pem -in flag.enc -out flag
本地对应pip安装即可:
pip3 install factordb-python
更新factordb-python
pip3 install --upgrade factordb-python
命令行使用
C:\Users\fishmouse>factordb 16
<pre>2 2 2 2</pre>
获得更多信息:
C:\Users\fishmouse>factordb --json 16
<pre>{"id": "http://factordb.com/api/?id=2", "status": "FF", "factors": [2, 2, 2, 2]}</pre>
FacotrDB库的使用
xxx\yafu-1.34> .\yafu-x64.exe
factor(21)
whl文件形式安装,下载对应python版本的whl文件:https://www.lfd.uci.edu/~gohlke/pythonlibs/
pip3 install gmpy2-2.0.8-cp37-cp37m-win_amd64.whl
安装gmpy2这个库还需要一些相应的环境mpfr和mpc
首先安装mpfr,因为要安装mpc必须先安装mpfr
root@kali:~# wget https://www.mpfr.org/mpfr-current/mpfr-4.1.0.tar.bz2
若失败到官网:https://www.mpfr.org/mpfr-current查看最新
root@kali:~# tar -jxvf mpfr-4.1.0.tar.bz2
root@kali:~# cd mpfr-4.1.0
root@kali:~/mpfr-4.1.0# ./configure
root@kali:~/mpfr-4.1.0# make && make check && make install
安装mpc
root@kali:~# wget ftp://ftp.gnu.org/gnu/mpc/mpc-1.1.0.tar.gz
root@kali:~# tar -zxvf mpc-1.1.0.tar.gz && cd mpc-1.1.0
root@kali:~/mpc-1.1.0# ./configure
root@kali:~/mpc-1.1.0# make && make check && make install
安装gmpy2
root@kali:~# pip3 install gmpy2
pip3 install libnum
pip3 install pycryptodome
安装后,可以使用Crypto 这个模块,注意点:在对应python下的库Lib\site-packages中crypto开头为小写时,将其改为Crypto 即可
openssl rsa -pubin -in pubkey.pem -text -modulus
python rsatool.py -f PEM -o prvkey.pem -p 4184799299 -q 3303891593
OpenSSL> rsautl -decrypt -in test.enc -inkey private.pem
FactorDB存储了已经知道的整数的分解,这个工具可以在命令行上使用,对python2和python3也适用
FactorDB存储了已经知道的整数的分解,这个工具可以在命令行上使用,对python2和python3也适用
from
factordb.factordb
import
FactorDB
f
=
FactorDB(
16
)
from
factordb.factordb
import
FactorDB
f
=
FactorDB(
16
)
f.get_factor_list()
f.connect()
<Response [
200
]>
f.get_factor_list()
[
2
,
2
,
2
,
2
]
f.get_factor_from_api()
[[
'2'
,
4
]]
f.get_status()
'FF'
import
gmpy2
gmpy2.gcd(
2
,
4
)
import
gmpy2
gmpy2.gcd(
2
,
4
)
mpz(
2
)
gmpy2.invert(
5
,
26
)
mpz(
21
)
gmpy2.gcdext(
5
,
26
)
(mpz(
1
), mpz(
-
5
), mpz(
1
))
(mpz(
1
), mpz(
-
5
), mpz(
1
))
gmpy2.iroot(
4
,
2
)
(mpz(
2
),
True
)
import
libnum
libnum.gcd(
2
,
4
)
import
libnum
libnum.gcd(
2
,
4
)
2
libnum.invmod(
5
,
26
)
libnum.xgcd(
5
,
26
)
(
-
5
,
1
,
1
)
libnum.s2n(
"hell0"
)
448378203184
libnum.n2s(
448378203184
)
'hell0'
import
libnum
libnum.s2n(
"hello"
)
import
libnum
libnum.s2n(
"hello"
)
448378203247
libnum.n2s(
448378203247
)
'hello'
from
Crypto.Util.number
import
long_to_bytes,bytes_to_long
bytes_to_long(
'hello'
.encode())
from
Crypto.Util.number
import
long_to_bytes,bytes_to_long
bytes_to_long(
'hello'
.encode())
448378203247
long_to_bytes(
448378203247
)
long_to_bytes(
448378203247
)
b
'hello'
import
random
def
rabin_miller(num):
s
=
num
-
1
t
=
0
while
s
%
2
=
=
0
:
s
=
s
/
/
2
t
+
=
1
for
trials
in
range
(
5
):
a
=
random.randrange(
2
, num
-
1
)
v
=
pow
(a, s, num)
if
v !
=
1
:
i
=
0
while
v !
=
(num
-
1
):
if
i
=
=
t
-
1
:
return
False
else
:
i
=
i
+
1
v
=
(v
*
*
2
)
%
num
return
True
def
is_prime(num):
if
num <
2
:
return
False
small_primes
=
[
2
,
3
,
5
,
7
,
11
,
13
,
17
,
19
,
23
,
29
,
31
,
37
,
41
,
43
,
47
,
53
,
59
,
61
,
67
,
71
,
73
,
79
,
83
,
89
,
97
,
101
,
103
,
107
,
109
,
113
,
127
,
131
,
137
,
139
,
149
,
151
,
157
,
163
,
167
,
173
,
179
,
181
,
191
,
193
,
197
,
199
,
211
,
223
,
227
,
229
,
233
,
239
,
241
,
251
,
257
,
263
,
269
,
271
,
277
,
281
,
283
,
293
,
307
,
311
,
313
,
317
,
331
,
337
,
347
,
349
,
353
,
359
,
367
,
373
,
379
,
383
,
389
,
397
,
401
,
409
,
419
,
421
,
431
,
433
,
439
,
443
,
449
,
457
,
461
,
463
,
467
,
479
,
487
,
491
,
499
,
503
,
509
,
521
,
523
,
541
,
547
,
557
,
563
,
569
,
571
,
577
,
587
,
593
,
599
,
601
,
607
,
613
,
617
,
619
,
631
,
641
,
643
,
647
,
653
,
659
,
661
,
673
,
677
,
683
,
691
,
701
,
709
,
719
,
727
,
733
,
739
,
743
,
751
,
757
,
761
,
769
,
773
,
787
,
797
,
809
,
811
,
821
,
823
,
827
,
829
,
839
,
853
,
857
,
859
,
863
,
877
,
881
,
883
,
887
,
907
,
911
,
919
,
929
,
937
,
941
,
947
,
953
,
967
,
971
,
977
,
983
,
991
,
997
]
if
num
in
small_primes:
return
True
for
prime
in
small_primes:
if
num
%
prime
=
=
0
:
return
False
return
rabin_miller(num)
def
get_prime(key_size
=
1024
):
while
True
:
num
=
random.randrange(
2
*
*
(key_size
-
1
),
2
*
*
key_size)
if
is_prime(num):
return
num
print
(get_prime(
50
))
import
random
def
rabin_miller(num):
s
=
num
-
1
t
=
0
while
s
%
2
=
=
0
:
s
=
s
/
/
2
t
+
=
1
for
trials
in
range
(
5
):
a
=
random.randrange(
2
, num
-
1
)
v
=
pow
(a, s, num)
if
v !
=
1
:
i
=
0
while
v !
=
(num
-
1
):
if
i
=
=
t
-
1
:
return
False
else
:
i
=
i
+
1
v
=
(v
*
*
2
)
%
num
return
True
def
is_prime(num):
if
num <
2
:
return
False
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课