首页
社区
课程
招聘
[分享]RSA Attacking Toolkit v0.1f
发表于: 2008-12-3 15:41 9720

[分享]RSA Attacking Toolkit v0.1f

2008-12-3 15:41
9720

RSA Attacking Toolkit v0.1f By bLaCk-eye [RET]



  .About
  ******
  
          This tool is supposed to help crackers who are cracking targets
  protected by RSA and who aren't attackable by the classic method of
  factoring i.e who'se modulus is > 400 bits.

  .How to use
  ***********
       
          It's very easy to use it once you know the when the attacks
  apply.So here are the explanations:

  1.Common Modulus Attack: not really an attack but more of a tool, its
  purpose is to find the factors of the modulus given the public AND
  secret key, i.e E and D
          So entering N,D,E you find P,Q so that N = P * Q.
          I included it in this 'toolkitt' as i got asked many times
  by other crackers if you can find the factors of N given D and E is
  possible. The answer is yes. The algo which i used can be found here:

  http://math.usask.ca/~wurtz/crypt/attacks_rsa/node1.html

  2. Weger Attack: this attack applies when the factors of N are close
  one another i.e the diference |P - Q| is small in comparison to P and
  Q.
          So if let's say P and Q have the same bitsize s than for the
  RSA key to be susceptible to this attack then |P-Q|  bitsize must
  be smaller then (s/2)
  E.g.        P bitsize=256 bits
          Q bitsize=256 bits
          |P-Q| bitsize is 100bits then they key generated with this
  primes is attackble.
  When testing a RSA key for this attack if you don't get any
  result after at most 5mins then the attack don't work.
  
  BTW: you can try this attack on Amenesia Basis#1 Crackme that presents
  an RSA key with exactly this weakness.

  3. Wiener Attack: this attack applies when the private key is
          D < (1/3)*N^(1/4) and if P < Q < 2P (which is true most of the
  times.).
          So if you have an s bit modulus and if the bitsize of the
  private key is < (s/4) bits than you can succesfully recover.
          The attack can be improved, but i'm lazy so i only did the
  easier version :).

  4. Low Exponent Attack:
          If E=3 and the message is short enough and not padded then
  there's a possibility that M^E < N so the modular reductions don't
  take place so computing M having the ciphertext is just a matter
  of computing the E'th root from the cipher text.
        As input you must provide N and the ciphertext

  BTW: you can try this attack on Amenesia Basis#2 Crackme that presents
  an RSA key with exactly this weakness.

  .Bugs
  ******
          Send them to bLaCk@reteam.org or correct them yourself, i gave
  you the source right? :)

  .Future plans
  *************

  - add threads for Weger attack
  - add Cycling attack - i need to find more info about how to efficiently
  implemented (i know it's not an efficient attack from the start but
  people asked for it)
  - add ? (here you put what you think is missing)

  .History
  *********
          - v.0.1f - added the low public exponent 'attack' :)
                   - added automatic base convertion, so it's easier to
                     work with
                   - added automatic md5 hasher (a request)
                   - added Encrypt/Decrypt functions to play with
                     the RSA keys
   
    - v.0.1b - first version released

  .Greets
  *******
          RET, TKM!, KANAL23, LZ0 Members as they all put up with my
  stupid questions :P

tf25.rar


[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)

上传的附件:
收藏
免费 7
支持
分享
最新回复 (5)
雪    币: 192
活跃值: (11)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
2
ms不错 下载试一下 多谢lz了
2008-12-4 00:46
0
雪    币: 471
活跃值: (4048)
能力值: ( LV9,RANK:170 )
在线值:
发帖
回帖
粉丝
3
暴力破解太费力气了,直接替换公钥更方便
2008-12-4 18:13
0
雪    币: 834
活跃值: (38)
能力值: ( LV2,RANK:15 )
在线值:
发帖
回帖
粉丝
4
我不记得哪里下的版本,是v0.2,没有源码.

I can't remember where i got it, but it is 0.2 without source-code.
上传的附件:
2008-12-4 18:53
0
雪    币: 200
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
5
thanx for sharing
nice tool for RSA encryption
2008-12-10 20:04
0
雪    币: 328
活跃值: (34)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
6
不错的东西,多谢!
about中的那个链接已经失效了,附件中的程序是07年5月的,不知道现在是否有最新版
另外tf25.rar中的Source.srs是加密的RAR文件?请问口令是多少?
2010-1-4 15:38
0
游客
登录 | 注册 方可回帖
返回
//