Skip to content

Instantly share code, notes, and snippets.

Shiho Midorikawa elliptic-shiho

Block or report user

Report or block elliptic-shiho

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@elliptic-shiho
elliptic-shiho / solve.rb
Last active Sep 2, 2019
TokyoWesterns CTF 2019 - happy! Solver & simple writeup
View solve.rb
require_relative './happy' # rename happy -> happy.rb
q = 180754955592872777770305021165949447837520820408608437544593001477325680227199967219036800612237524673886247520794601572290402702594122131782305474875236404413820478308317235725623037177247985490515533618988964977186476558003216903
p = 166878663790065040663149504970052368124427462024107500159158464138407657299730521908976684364578086644682045134207945137293534705688910696520830729908263578233018529387676221035298300775812585471932551347478303730822844748034186479
k = 2
e = 65537
d1 = e.pow((p - 1) / 2 - 2, (p - 1))
d2 = e.pow(((q - 1) / 2 - 1) * (q - 1) * (k > 1 ? q ** (k - 2) : 1) - 1, q ** (k - 1) * (q - 1))
cf = p.pow(q ** (k - 1) * (q - 1) - 1, q ** k)
key = Key.new({
@elliptic-shiho
elliptic-shiho / solve.py
Created Jun 24, 2019
Solver of Google CTF 2019 Quals "reality" (solved after the competition)
View solve.py
from Crypto.Util.number import long_to_bytes
from Crypto.Cipher import AES
import base64
E = 226611012014558802453288800032037813546
key = long_to_bytes(E)
IV = b'\x00' * 16
ciphertext = base64.b32decode("YQLAC5DCJR57PYVUBQ4PXMH47IO5IETPUI7EDFUR7JWTNIHNTEAA====")
print([AES.new(key, AES.MODE_CBC, IV=IV).decrypt(ciphertext)])
@elliptic-shiho
elliptic-shiho / solve.py
Created Sep 4, 2018
TokyoWesterns CTF 2018: Revolutional Secure Angou
View solve.py
from scryptos import *
# test parameters
# p, q = 14056259838232570373, 3909938154797744143
# p, q = 110641318332500553225796279828587613489797458859835222045512182391168598134167, 41341297333205266450910162205203983690711509110268167866251160754916102829081
# p, q = 10228796114311354522393980901045139447044341433203094817361313657771454169784897994605194490320353121541462445378267256058403046516520932633258044274994937, 9674880045377912387417155013106887773980875486540327472093521385140255139488018323841292644856768684836232571892336095160722768016023003373215125021261061
rsa = RSA.import_pem(open('publickey.pem').read())
e = rsa.e
n = rsa.n
View solve.py
from scryptos import *
import hashlib
'''
DEFCON Quals 2018 Official: Crypto part
Partial random-value Exposure Attack for DSA (<=> biased-k DSA)
References: https://crypto.stackexchange.com/questions/44644/how-does-the-biased-k-attack-on-ecdsa-work
Thanks: @Bono_iPad and binja members
'''
@elliptic-shiho
elliptic-shiho / solve.py
Created May 1, 2018
ASIS CTF 2018 Quals: Iran Solver (solved after contest finished)
View solve.py
from scryptos import *
import itertools
import gmpy
pk_1 = '''-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQt5IN0XusElxNCZ3pj5YlTtqZiq
dORNqKaBilvYRmreqtHtX2MD5y3X3PShmF/eyC+Sz2EMHZVrWRNHW4mz7U1EcaDd
tVLQdnl1rB/wI+3dqr+3PTBAJ5uVQs/h7XxMjsxAFMxYFBmVze7gpyRRPXFPWP9K
4idj49HtS4rzKiRwXQIDAQAB
-----END PUBLIC KEY-----'''
@elliptic-shiho
elliptic-shiho / OCR.txt
Created Apr 30, 2018
ASIS CTF 2018 Quals: Uncle Sam Solver
View OCR.txt
factoreal @ myThinkMate in ... E$ python Uncle_Sam.py ]
def generate_key(k): p, q = getPrime(k), getPrime(k) pubkey = p**2 * q 1 = (p-1)*(q-1) / gcd(p-1, q-1) privkey = inverse(n, 1) return pubkey, privkey
def encrypt(m, pubkey): return pow(bytes_to_long(m), pubkey, pubkey)
pubkey = 104324738132004141014637484768390560888606798880281575965549007150696481142773349666805536470082277990816674819353434190328538733265808156204153422896153845183002504176253763998515034491758406482 761535653576387253992598998411706820755549870058537633073142835948979160031963607977702534421724847548583529868943792600395857814178437985795126497310921480391644570296404789944700219154896523988409580209 179878798874541517857859720681512291543835163667268135551798241012356996124256319448039934796175367815921021799352673830679650366056316302928741973221024757979326689108517881704753675846523995086126659252 42063908698229724691375660451766902778133525633928388474176745292516274194798150978688909931532155154888770977602723994831110136026
@elliptic-shiho
elliptic-shiho / solve.py
Created Apr 30, 2018
ASIS CTF 2018 Quals: OPEC Solver
View solve.py
from roputils import Proc
from scryptos import *
import proofofwork
import string
'''
proc = Proc(host='37.139.22.174', port=12432, display=True)
proc.read_until('Submit a printable string X, such that sha256(X)[-6:] = ')
crib = proc.readline().strip()
x = proofofwork.sha256('?' * (64 - len(crib)) + crib, alphabet=string.ascii_letters)
@elliptic-shiho
elliptic-shiho / solve.py
Created Feb 3, 2018
Sharif CTF 8 Crypto 100pts: OSS easy Solver
View solve.py
from scryptos import *
n = 25002746673023214443255611415004163622813167852050923858455529030203886977840435991633024079845736335150468784530123301961464111492802951263984843039164056430832125163123383805713707250515254073169424707009359341759806003392594138294458167902830484152672696274313541002376076183872266230285338817553110422277895445022423407252341583782719664554600485831653496762352727294140410862007839241034826246409937408317586016100320118339304493568308875379717324497727750190898854014202895798781129867240530387323567711557244359201718574163779140769622702892937997637399632813759046725913242153879394145202439145824342609530733
k = 23362339402422379817772327315061502761593494363846640180372992347552364432329220756030231112957778618810078666762974577247225709089334422591782884749584385632941885055318288495081651413041625183693553233252837243762098828064089396976796784829512691690456121528386778151445275489241471824325584238311939845541912403985291213425145453729490975518843542282785674261698826757381
@elliptic-shiho
elliptic-shiho / solve.py
Last active Feb 3, 2018
Sharif CTF 8 Crypto 500+100pts: OSS hard Solver
View solve.py
'''
Attacking to the OSS (Ong-Schnorr-Shamir) Signature Scheme: The perfect solution
References:
[1] Jefferey Shallit. 1984. "An exposition of Pollard's algorithm for quadratic congruences"
[2] Robin Chapman (https://math.stackexchange.com/users/226/robin-chapman), Efficiently finding two squares which sum to a prime, URL (version: 2010-10-06): https://math.stackexchange.com/q/5883
'''
from scryptos import *
from ecpy import modular_square_root
@elliptic-shiho
elliptic-shiho / solve.py
Last active Jan 23, 2018
Insomni'hack 2018 teaser: Rule86
View solve.py
from scryptos import *
N_BYTES = 32
N = 8 * N_BYTES
RULE = [86 >> i & 1 for i in range(8)]
def next(x):
x = (x & 1) << N+1 | x << 1 | x >> N-1
y = 0
You can’t perform that action at this time.