#zh3ro_CTF_2021 from random import randint, random from collections import Counter class Agent: def __init__(self,N,K,mutation,guess_limit): self.N = N self.K = K self.mutation = mutation self.guess_limit = guess_limit self.secret = [randi…

#tetctf_2021 import json import os from hashlib import sha256 from typing import Callable, Dict H: Callable[[bytes], bytes] = lambda s: sha256(s).digest() def get_mac(key: bytes, data: bytes) -> bytes: """Just a MAC generation function sim…

#srdnlen_CTF_2022 #!/usr/bin/env python3 from Crypto.Util.number import getPrime, bytes_to_long def padding(text, n): for j in range(n % 2**8): text += b"poba" return bytes_to_long(text) if __name__ == '__main__': f = open('flag.txt', 'r')…

#nullconHackIM2019 https://ctftime.org/task/7528 https://gitlab.com/n0tsobad/ctf-writeups/tree/master/2019-02-01-nullcon/Singular https://grosquildu.github.io/writeups/2019/01/03/nullcon-singular/ https://crypto.stackexchange.com/questions…

#foobarCTF_2022 #!/usr/bin/env python3 from Crypto.Util.number import * from random import getrandbits flag = b'***********************REDACTED***********************' FLAG = bytes_to_long(flag) p = getStrongPrime(512) q = getStrongPrime(5…

#foobarCTF_2022 ncする問題んだけどつながらなくて泣いた

InvalidCurveAttackのこと

#corctf2021 fib = [1, 1] for i in range(2, 11): fib.append(fib[i - 1] + fib[i - 2]) def c2f(c): n = ord(c) b = '' for i in range(10, -1, -1): if n >= fib[i]: n -= fib[i] b += '1' else: b += '0' return b flag = open('flag.txt', 'r').read() …

from Crypto.Util.number import bytes_to_long from Crypto.Random.random import getrandbits # cryptographically secure random get pranked from Crypto.PublicKey import RSA from secret import d, flag # 1024-bit rsa is unbreakable good luck n =…

require 'json' require 'openssl' p = OpenSSL::BN::generate_prime(1024).to_i q = OpenSSL::BN::generate_prime(1024).to_i while true d = OpenSSL::BN::generate_prime(1024).to_i break if ((p - 1) * (q - 1)).gcd(d) == 1 && ((p - 1) * (q - 1)).gc…

#tetctf2022 """ This is an (incomplete) implement for a new (and experimental) secret/password sharing scheme. The idea is simple. Basically, a secret or password is turned into a set of finite field elements and each share is just a linea…

#TSGCTF_2021 from Crypto.Util.number import isPrime from random import randrange from secret import p, q, L, e, d class RSA: def __init__(self, p, q, L, e, d): assert(isPrime(p) and isPrime(q)) self.N = p * q self.L = L self.e = e self.d =…

#ECDH from flag import FLAG FLAG = int(FLAG.encode('hex'),16) P = 0xd3ceec4c84af8fa5f3e9af91e00cabacaaaecec3da619400e29a25abececfdc9bd678e2708a58acb1bd15370acc39c596807dab6229dca11fd3a217510258d1b A = 0x95fc77eb3119991a0022168c83eee7178e6c…

#SECCON_Beginners_2022 from Crypto.Util.number import * from flag import flag p, q, r = getPrime(512), getPrime(256), getPrime(256) n = p * q * r phi = (p - 1) * (q - 1) * (r - 1) e = 2003 d = inverse(e, phi) flag = bytes_to_long(flag.enco…

https://ctftime.org/task/7778 #pragyanctf Ram has something to show you, which can be of great help. It definitely contains the piece of text "pctf" and whatever follows it is the flag. Can you figure out what it is? Note: Enclose it in pc…

#!/usr/bin/env sage from Crypto.Util.number import bytes_to_long as b2l def generate(): p = random_prime(2 ** 1024) q = random_prime(2 ** 1024) e = random_prime(200, False, 150) d = inverse_mod(e, (p-1)*(q-1)) n = p * q return [n, e, p, q,…

#hsctf8 from collections import Counter from Crypto.Util.number import * import sys import random import sympy flag = open('flag.txt','rb').read() print("Loading... this may take a while.") p,q = getPrime(4096),getPrime(4096) e = 0x10001 n…

#joseph #downunderctf2021 def G_add(A, B): x1, y1 = A x2, y2 = B return ((x1*x2 + D*y1*y2) % p, (x1*y2 + x2*y1 + 2*y1*y2) % p) def G_mul(A, k): out = (1, 0) while k > 0: if k & 1: out = G_add(out, A) A = G_add(A, A) k >>= 1 return out def …

#joseph #downunderctf2021 #!/usr/bin/python3 import re from Crypto.Util.number import long_to_bytes from Crypto.Random import random from secret import REAL_COORDS, FLAG_MSG FAKE_COORDS = 575462271004247427844974531438712885812843213815360…

no crypto

RSAで同一modにおける2つの暗号文があり、2つの平文の差が小さい時に使える攻撃。つまり このとき、としてresultantでを消去した を求めるとはだけの式になり、univariate coppersmith methodで小さい根を求められれば、Franklin-Reiter Related Message Att…

#circle_city_con_2021 import sys, json from collections import namedtuple from Crypto.Random.random import randrange q = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab r = int(0x73eda7532…

#bsidesnoidactf #good_challenges_2021 from decimal import Decimal, getcontext from Crypto.Util.number import bytes_to_long, getRandomNBitInteger def is_valid_privkey(n): if n < 0: return False c = n * 4 // 3 d = c.bit_length() a = d >> 1 i…

#bsidesnoidactf from Crypto.Util.number import getRandomNBitInteger, isPrime # extended gcd def egcd(a, b): old_x, new_x = 1, 0 old_y, new_y = 0, 1 while a != 0: q, a, b = b // a, b % a, a new_x, old_x = old_x, new_x - q * old_x new_y, old…

#AeroCTF2019 https://ctftime.org/task/7826 Our programmers decided not to use that encoder written in Golange and created a new one in Python. Needless to say that we again lose our drawings? Could you look again at the encoder and an exam…

#AeroCTF2019 https://ctftime.org/task/7825 In our design office work young guys who love Golang. They developed a secure storage system for drawings using their encryption. We wrote a program for this on Go and now we all use it. However, …

アダマール行列（全要素が で、となる）の一部分が? に置き換えられた行列が与えられるので、?を適切に埋める。 アダマール行列は簡単な構成法がある（Sylvester's constructionなど）のだが、行列式の値を変えないような変形、すなわち、行と行のswap, 列同…

x, y, zの大きさとかを考えると らしい 更に 算数 これわかんないわ https://ctftime.org/writeup/22112 #!/usr/bin/python import gmpy2 from Crypto.Util.number import * from hashlib import sha1 def crow(x, y, z): return (x**3 + 3*(x + 2)*y**2 + y…

#acsc2021 #!/usr/bin/env python3 import base64 import json import os from Crypto.Cipher import AES from Crypto.Util.Padding import pad, unpad from flag import flag key = os.urandom(16) iv1 = os.urandom(16) iv2 = os.urandom(16) admin_userna…