文章目录
- 信息收集
- RSA 算法
- 题目解密
信息收集
下载,解压 (密码都是hackthebox)
enc后缀的文件是一种加密文件,打开为乱码,key.pub内容如下,是 RSA 加密算法的公钥
-----BEGIN PUBLIC KEY-----
MIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKBgQMwO3kPsUnaNAbUlaubn7ip
4pNEXjvUOxjvLwUhtybr6Ng4undLtSQPCPf7ygoUKh1KYeqXMpTmhKjRos3xioTy
23CZuOl3WIsLiRKSVYyqBc9d8rxjNMXuUIOiNO38ealcR4p44zfHI66INPuKmTG3
RQP/6p5hv1PYcWmErEeDewKBgGEXxgRIsTlFGrW2C2JXoSvakMCWD60eAH0W2PpD
qlqqOFD8JA5UFK0roQkOjhLWSVu8c6DLpWJQQlXHPqP702qIg/gx2o0bm4EzrCEJ
4gYo6Ax+U7q6TOWhQpiBHnC0ojE8kUoqMhfALpUaruTJ6zmj8IA1e1M6bMqVF8sr
lb/N
-----END PUBLIC KEY-----
RSA 算法
计算机的数据都是以 01 形式存储的,一个字节 8 位可以用两位 16 进制数表示,如 1111 1111 = FF,很多算法都是对数字进行运算与求逆的过程
RSA 算法的步骤:
选择一对不相等的大质数
p、q
-
质数要足够大,不容易破解,举例使用小数字
-
质数:除了 1 和它本身无法被其他自然数整除,例如:3 的因数是 1和3,11 的因数是 1和11
p = 3 , q = 11 p=3,q=11 p=3,q=11
计算 p、q 的乘积
n
n = p × q = 3 × 11 = 33 n=p×q=3×11=33 n=p×q=3×11=33
计算 n 的欧拉函数
φ(n)
-
欧拉函数:小于或等于n 的正整数中与 n 互质的数的数目,例如 φ(3)={1,2} = 2;φ(11)={1,2,3,4,5,6,7,8,9,10}=10,即质数除了它本身都与其互质,所以 φ(n) = n-1
-
互质:两个数的公因数只有1 时称为互质数,例如 5和6互质,5和9互质,6和9不互质,因为 3 也是它们的公因数
φ ( n ) = ( p − 1 ) ( q − 1 ) = ( 3 − 1 ) ( 11 − 1 ) = 2 × 10 = 20 φ(n)=(p-1)(q-1)=(3-1)(11-1)=2×10=20 φ(n)=(p−1)(q−1)=(3−1)(11−1)=2×10=20
选择一个与
φ(n)互质的整数e,随便选一个 3 吧,方便计算
1 < e < φ ( n ) , e ∈ { 3 , 7 , 9 , 11 , 13 , 17 , 19 } 1<e<φ(n)\quad,\quad e∈\{3,7,9,11,13,17,19\} 1<e<φ(n),e∈{3,7,9,11,13,17,19}
计算
e对于φ(n)的模反元素d
-
模反元素:正整数 a、n互质,可以找到整数 b,满足:
a·b mod n=1 -
mod:取余,
a mod b即 a除b的余数,例如:10 mod 3 =1,19 mod 4 = 3,3 mod 5 = 5,36 mod -10 = - 4
d ⋅ e m o d φ ( n ) = 1 d·e \,\,\, mod \,\,\, φ(n) = 1 d⋅emodφ(n)=1 -
k 的取值为整数集
d = [ k φ ( n ) + 1 ] / e , k ∈ Z d=[kφ(n)+1]/e,k∈\Z d=[kφ(n)+1]/e,k∈Z -
还是取最简单的 k=1,d=7
d = [ 1 × 20 + 1 ] / 3 = 7 d=[1×20+1]/3=7 d=[1×20+1]/3=7
计算公钥
KU
K U = ( e , n ) = ( 3 , 33 ) KU=(e,n)=(3,33) KU=(e,n)=(3,33)
计算私钥
KR
K R = ( d , n ) = ( 7 , 33 ) KR=(d,n)=(7,33) KR=(d,n)=(7,33)
加密:M 是明文,C是密文,例如 M = 20
C = M e m o d n = 2 0 3 m o d 33 = 8000 m o d 33 = 14 C=M^e \,\, mod \,\,n=20^3\,\,mod\,\,33=8000\,\,mod\,\,33=14 C=Memodn=203mod33=8000mod33=14
解密
M = C d m o d n = 1 4 7 m o d 33 = 105413504 m o d 33 = 20 M=C^d\,\,mod\,\,n=14^7\,\,mod\,\,33=105413504\,\,mod\,\,33=20 M=Cdmodn=147mod33=105413504mod33=20
题目解密
openssl:一个常用的加解密的库,执行如下命令
openssl rsa -pubin -text -modulus -in warmup -in key.pub
Modulus:代表 n ;Exponent:代表 e ;
上面是 16 进制,下面是去除冒号的,在线工具获取e和n:http://www.hiencode.com/pub_asys.html
拿到了 n 首先要转换为 10进制再计算,使用 python 转换,在线转换工具:https://c.runoob.com/unit-conversion/7999/
# 16进制转10进制
>>> s='3303B790FB149DA3406D495AB9B9FB8A9E293445E3BD43B18EF2F0521B726EBE8D838BA774BB5240F08F7FBCA0A142A1D4A61EA973294E684A8D1A2CDF18A84F2DB7099B8E977588B0B891292558CAA05CF5DF2BC6334C5EE5083A234EDFC79A95C478A78E337C723AE8834FB8A9931B74503FFEA9E61BF53D8716984AC47837B'
>>> int(s,16)
573177824579630911668469272712547865443556654086190104722795509756891670023259031275433509121481030331598569379383505928315495462888788593695945321417676298471525243254143375622365552296949413920679290535717172319562064308937342567483690486592868352763021360051776130919666984258847567032959931761686072492923
分解为 p 和 q,使用在线工具分解:http://www.factordb.com/
p=20423438101489158688419303567277343858734758547418158024698288475832952556286241362315755217906372987360487170945062468605428809604025093949866146482515539
q=28064707897434668850640509471577294090270496538072109622258544167653888581330848582140666982973481448008792075646342219560082338772652988896389532152684857
e的处理,去除冒号,转为10 进制
echo '61:17:c6:04:48:b1:39:45:1a:b5:b6:0b:62:57:a1:
2b:da:90:c0:96:0f:ad:1e:00:7d:16:d8:fa:43:aa:
5a:aa:38:50:fc:24:0e:54:14:ad:2b:a1:09:0e:8e:
12:d6:49:5b:bc:73:a0:cb:a5:62:50:42:55:c7:3e:
a3:fb:d3:6a:88:83:f8:31:da:8d:1b:9b:81:33:ac:
21:09:e2:06:28:e8:0c:7e:53:ba:ba:4c:e5:a1:42:
98:81:1e:70:b4:a2:31:3c:91:4a:2a:32:17:c0:2e:
95:1a:ae:e4:c9:eb:39:a3:f0:80:35:7b:53:3a:6c:
ca:95:17:cb:2b:95:bf:cd'|tr -d ':'
e=68180928631284147212820507192605734632035524131139938618069575375591806315288775310503696874509130847529572462608728019290710149661300246138036579342079580434777344111245495187927881132138357958744974243365962204835089753987667395511682829391276714359582055290140617797814443530797154040685978229936907206605
求出 d
import gmpy2
p=20423438101489158688419303567277343858734758547418158024698288475832952556286241362315755217906372987360487170945062468605428809604025093949866146482515539
q=28064707897434668850640509471577294090270496538072109622258544167653888581330848582140666982973481448008792075646342219560082338772652988896389532152684857
e=68180928631284147212820507192605734632035524131139938618069575375591806315288775310503696874509130847529572462608728019290710149661300246138036579342079580434777344111245495187927881132138357958744974243365962204835089753987667395511682829391276714359582055290140617797814443530797154040685978229936907206605
phi = (p-1) * (q-1)
d = gmpy2.invert(e, phi)
print(d)
d=44217944188473654528518593968293401521897205851340809945591908757815783834933
python2脚本生成私钥文件private.pem
#coding=utf-8
import math
import sys
from Crypto.PublicKey import RSA
arsa=RSA.generate(1024)
arsa.p=20423438101489158688419303567277343858734758547418158024698288475832952556286241362315755217906372987360487170945062468605428809604025093949866146482515539
arsa.q=28064707897434668850640509471577294090270496538072109622258544167653888581330848582140666982973481448008792075646342219560082338772652988896389532152684857
arsa.e=68180928631284147212820507192605734632035524131139938618069575375591806315288775310503696874509130847529572462608728019290710149661300246138036579342079580434777344111245495187927881132138357958744974243365962204835089753987667395511682829391276714359582055290140617797814443530797154040685978229936907206605
arsa.n=arsa.p*arsa.q
arsa.d=44217944188473654528518593968293401521897205851340809945591908757815783834933
Fn=long((arsa.p-1)*(arsa.q-1))
private=open('private.pem','w')
private.write(arsa.exportKey())
private.close()
ps:kali 安装crypto报错
apt-get install python2-dev
pip install pycrypto
最后使用 openssl解密
OpenSSL> rsautl -decrypt -in flag.enc -inkey private.pem
