1 of 5

Crypto

Homecooked

This is kinda more rev imo but whatever.

We don't need to understand the main body of the script that much.

What we need to know is that it gets to incredibly large numbers, at which point the two functions it uses - a and b - become much too slow and inefficient to be useful.

Let's review the two functions: What do they do?

Function a simply iterates through all numbers between 2 and num - 1, and returns False if num % i == 0. Essentially, it checks if any numbers below a number are divisible by a number. What's that?

A prime checker.

We can just use Crypto.Util.number.isPrime, which is much more efficient.

As for b, it's much simpler. It just checks if the reverse of the string version of the number is the same as the number - checks if it's a palindrome. I just copied some more efficient code off stack overflow.

Flag: flag{pR1m3s_4re_co0ler_Wh3n_pal1nDr0miC}

raspberry

Rsactftool doesnt work for this one because n has multiple factors.

This is the script:

primes = [2208664111,2214452749,2259012491,2265830453,2372942981,2393757139,2465499073,2508863309,2543358889,2589229021,2642723827,2758626487,2850808189,2947867051,2982067987,3130932919,3290718047,3510442297,3600488797,3644712913,3650456981,3726115171,3750978137,3789130951,3810149963,3979951739,4033877203,4128271747,4162800959,4205130337,4221911101,4268160257]

from Crypto.Util.number import inverse, long_to_bytes

n = 7735208939848985079680614633581782274371148157293352904905313315409418467322726702848189532721490121708517697848255948254656192793679424796954743649810878292688507385952920229483776389922650388739975072587660866986603080986980359219525111589659191172937047869008331982383695605801970189336227832715706317

e = 65537
ct = 5300731709583714451062905238531972160518525080858095184581839366680022995297863013911612079520115435945472004626222058696229239285358638047675780769773922795279074074633888720787195549544835291528116093909456225670152733191556650639553906195856979794273349598903501654956482056938935258794217285615471681

phi = 1
for p in primes:
  phi *= (p - 1)
d = inverse(e, phi)
pt = pow(ct, d, n)
decrypted = long_to_bytes(pt)
print(str(decrypted))

flag:flag{there_are_a_few_extra_berries_in_this_one}

docxor

file with 4 byte xor (like in desc) xor : 5a4199bb

flag{xor_is_not_for_security}

Twinning

easy RSA

factor the numbers

>>> from Crypto.Util.number import *
>>> phi = (2256911-1)*(2256913-1)
>>> n = 5093651775743
>>> e = 65537
>>> d = inverse(e, phi)
>>> ct = 3084160692905
>>> pow(ct, d, n)
6444
>>>

flag{thats_the_twinning_pin_to_win}

Homecooked

This is kinda more rev imo but whatever.

We don't need to understand the main body of the script that much.

What we need to know is that it gets to incredibly large numbers, at which point the two functions it uses - a and b - become much too slow and inefficient to be useful.

Let's review the two functions: What do they do?

Function a simply iterates through all numbers between 2 and num - 1, and returns False if num % i == 0. Essentially, it checks if any numbers below a number are divisible by a number. What's that?

A prime checker.

We can just use Crypto.Util.number.isPrime, which is much more efficient.

Flag: flag{pR1m3s_4re_co0ler_Wh3n_pal1nDr0miC}

raspberry

Rsactftool doesnt work for this one because n has multiple factors.

This is the script:

primes = [2208664111,2214452749,2259012491,2265830453,2372942981,2393757139,2465499073,2508863309,2543358889,2589229021,2642723827,2758626487,2850808189,2947867051,2982067987,3130932919,3290718047,3510442297,3600488797,3644712913,3650456981,3726115171,3750978137,3789130951,3810149963,3979951739,4033877203,4128271747,4162800959,4205130337,4221911101,4268160257]

from Crypto.Util.number import inverse, long_to_bytes

n = 7735208939848985079680614633581782274371148157293352904905313315409418467322726702848189532721490121708517697848255948254656192793679424796954743649810878292688507385952920229483776389922650388739975072587660866986603080986980359219525111589659191172937047869008331982383695605801970189336227832715706317

e = 65537
ct = 5300731709583714451062905238531972160518525080858095184581839366680022995297863013911612079520115435945472004626222058696229239285358638047675780769773922795279074074633888720787195549544835291528116093909456225670152733191556650639553906195856979794273349598903501654956482056938935258794217285615471681

phi = 1
for p in primes:
  phi *= (p - 1)
d = inverse(e, phi)
pt = pow(ct, d, n)
decrypted = long_to_bytes(pt)
print(str(decrypted))

Crypto

Homecooked

hashtagFlag: flag{pR1m3s_4re_co0ler_Wh3n_pal1nDr0miC}

raspberry

hashtagflag:flag{there_are_a_few_extra_berries_in_this_one}

docxor

hashtagflag{xor_is_not_for_security}

Twinning

hashtagflag{thats_the_twinning_pin_to_win}

Homecooked

hashtagFlag: flag{pR1m3s_4re_co0ler_Wh3n_pal1nDr0miC}

docxor

hashtagflag{xor_is_not_for_security}

Twinning

hashtagflag{thats_the_twinning_pin_to_win}

Crypto

raspberry

hashtagflag:flag{there_are_a_few_extra_berries_in_this_one}

Flag: flag{pR1m3s_4re_co0ler_Wh3n_pal1nDr0miC}

flag:flag{there_are_a_few_extra_berries_in_this_one}

flag{xor_is_not_for_security}

flag{thats_the_twinning_pin_to_win}

Flag: flag{pR1m3s_4re_co0ler_Wh3n_pal1nDr0miC}

flag{xor_is_not_for_security}

flag{thats_the_twinning_pin_to_win}

flag:flag{there_are_a_few_extra_berries_in_this_one}