The description mentioned e
. Looking through the given data, some of the e
are greater than their respective N
. Going through the toolbox of standard
RSA attacks, we find Wiener's attack, which lets us recover d < 1/3*N**(1/4)
I found an implementation, and threw the numbers at it.
flag_S0Y0UKN0WW13N3R$4TT4CK!