Nicholaz99/rsa-2-solve.py

## rsa-2-solve.py
from Crypto.Util.number import *
from Crypto.Cipher import PKCS1_OAEP
from Crypto.PublicKey import RSA

n = 0x00b96b6278808668de6ce3d0b75315b1129300feb48ba23353f097b67c023fbdcdd0e63086ee8c711a9b153ea2c2a3121fc141e27a7d662e72b8c31e5890a0314be92a328ed8b6dbcc90c3d7f0a75dc8c13b0f41aa34776253650dfa27d3c3809b81bfb103a356ec2761b6dd233549a22bab33224092342e7027964c70a9e3eecb
e = 65537
a = 84733215803103612460901465701232424798609470209825913961212238457798293111098195061837071495218083197429913141798442522950831495758395873695688189182925448736211066067276791533151828542439575601763801135131479532656528730453020404557236783254278625529895480234633323403399468237577058553920576024305830379725
r = 21700996784810065805847020455080940987640304282783092123992896363328128691169420271855815648912121417792054646557156071514079520782530801688062034321252682229729442734741486715339008457753023855600772948737800521010217600436912058582658334252483984244806083617513596479033871117464319239681526924092910597300
c = 85407181759755287105309527383534372436668736072315927293076398182206068631971587183149437554341349819060482477969350837066653250734556920049021810122548703168301872412719117857995283679569989680329696657609285728934732302846152702363240223251805773071022405764521081142920227557091217872210813095318042763847

b = pow(a, r/2, n)
p = GCD(b - 1, n)
q = n/p
phi = (p-1)*(q-1)
d = inverse(e, phi)

class Key:
    # Emulate pycryptodome's private RSA key
    def __init__(self, n, e, d):
        self.n = n
        self.e = e
        self.d = d

    def _decrypt(self, ciphertext):
        result = pow(ciphertext, self.d, self.n)
        return result

key = Key(n, e, d)
cipher = PKCS1_OAEP.new(key)
flag = cipher.decrypt(long_to_bytes(c))
print "[+] Flag:", flag
	from Crypto.Util.number import *
	from Crypto.Cipher import PKCS1_OAEP
	from Crypto.PublicKey import RSA

	n = 0x00b96b6278808668de6ce3d0b75315b1129300feb48ba23353f097b67c023fbdcdd0e63086ee8c711a9b153ea2c2a3121fc141e27a7d662e72b8c31e5890a0314be92a328ed8b6dbcc90c3d7f0a75dc8c13b0f41aa34776253650dfa27d3c3809b81bfb103a356ec2761b6dd233549a22bab33224092342e7027964c70a9e3eecb
	e = 65537
	a = 84733215803103612460901465701232424798609470209825913961212238457798293111098195061837071495218083197429913141798442522950831495758395873695688189182925448736211066067276791533151828542439575601763801135131479532656528730453020404557236783254278625529895480234633323403399468237577058553920576024305830379725
	r = 21700996784810065805847020455080940987640304282783092123992896363328128691169420271855815648912121417792054646557156071514079520782530801688062034321252682229729442734741486715339008457753023855600772948737800521010217600436912058582658334252483984244806083617513596479033871117464319239681526924092910597300
	c = 85407181759755287105309527383534372436668736072315927293076398182206068631971587183149437554341349819060482477969350837066653250734556920049021810122548703168301872412719117857995283679569989680329696657609285728934732302846152702363240223251805773071022405764521081142920227557091217872210813095318042763847

	b = pow(a, r/2, n)
	p = GCD(b - 1, n)
	q = n/p
	phi = (p-1)*(q-1)
	d = inverse(e, phi)

	class Key:
	# Emulate pycryptodome's private RSA key
	def __init__(self, n, e, d):
	self.n = n
	self.e = e
	self.d = d

	def _decrypt(self, ciphertext):
	result = pow(ciphertext, self.d, self.n)
	return result

	key = Key(n, e, d)
	cipher = PKCS1_OAEP.new(key)
	flag = cipher.decrypt(long_to_bytes(c))
	print "[+] Flag:", flag