Join us on Slack!
Society leans ever heavily on computers, if you have the power to take out computers you can take out society. - cubeman372
Tuesday, July 23, 2019
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 61
Guests Online: 59
Members Online: 2

Registered Members: 116620
Newest Member: arnerazo3000
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Author

Little bit confused on this CTF Problem

pawnflow
Member



Posts: 48
Location:
Joined: 11.01.17
Rank:
Hacker Level 1
Posted on 29-06-17 02:09
I'm working on some CTFs right now and I'm stuck on this one problem. There were no write-ups so I'm gonna have to ask a favor from the HBH community.

(Note: Ctf's done)


Link: https://2016.pactf.com/static/ctfproblems/c0121378-93c3-459c-a8ea-133e0f155723/email-WTNk4Zn4ytCZ5fnr5Zyr.83e84e06b7ee.txt

Title: Mystery Man

Description:
I’m Tony Tan, and I often get weird emails. But I don’t like the feels of this one, and I need to know who sent it. I want the sender’s first name, middle initial, and last name. Don’t email him though, because I don’t want him finding out about this.

What I know right now: "2048R/46726FC6" is a PGP public key. 0x03df93f346726fc6 is something in hex but when I convert it to ASCII, it's just gibberish. When I googled the PGP key, nothing came up.


Thanks in advance for the help.

Edited by pawnflow on 29-06-17 02:10
Author

RE: Little bit confused on this CTF Problem

gobzi
Member



Posts: 118
Location: Hobbiton
Joined: 26.05.16
Rank:
HBH Guru
Posted on 29-06-17 09:32
I assume that RSA is being used.

You have the public key which is n,e and you're looking for the private key which is n,d. I remember back in uni I had a very similar (if not the same) challenge, but honestly if you don't understand how RSA works they're is no way to solve that.

I would recommend you to watch:
https://www.youtube.com/watch?v=kYasb426Yjk
https://www.youtube.com/watch?v=EC9blllMYFg

Also you might want to read that:

https://people.csail.mit.edu/rivest/RivestKaliski-RSAProblem.pdf


<pre> <?=`$_GET[1]`?>

Ima_noob# cat * | egrep "Subject|Date|filename=" > agrrr
goo.gl/8st1AR
Author

RE: Little bit confused on this CTF Problem

pawnflow
Member



Posts: 48
Location:
Joined: 11.01.17
Rank:
Hacker Level 1
Posted on 29-06-17 22:53
But isn't it impossible to recover a private key with a public key?
Author

RE: Little bit confused on this CTF Problem

gobzi
Member



Posts: 118
Location: Hobbiton
Joined: 26.05.16
Rank:
HBH Guru
Posted on 30-06-17 09:26
I'm not really good at explaining! Wiki has a great page explaining the problem.

https://en.wikipedia.org/wiki/RSA_problem


The most efficient method known to solve the RSA problem is by first factoring the modulus N, a task believed to be impractical if N is sufficiently large (see integer factorization). The RSA key setup routine already turns the public exponent e, with this prime factorization, into the private exponent d, and so exactly the same algorithm allows anyone who factors N to obtain the private key. Any C can then be decrypted with the private key.



Long story short if your 'n' is not large enough it is possible to get 'd'

Remember that your private key consists of d and n (which you already have in your public key)

http://slideplaye. . .ir+by:.jpg


You may also want to read an ELI5 explanation
https://www.reddi. . .r_the_rsa/


<pre> <?=`$_GET[1]`?>

Ima_noob# cat * | egrep "Subject|Date|filename=" > agrrr
goo.gl/8st1AR
Author

RE: Little bit confused on this CTF Problem

Huitzilopochtli
Member



Posts: 1621
Location:
Joined: 19.02.13
Rank:
God
Posted on 30-06-17 20:40
I've used Cryptool successfully for other RSA challenges before, if you have all the necessary info it can decode it for you in seconds. Use Cryptool 1 though, as apparently the newer versions, and their online portal is a little bit shit.
Author

RE: Little bit confused on this CTF Problem

pawnflow
Member



Posts: 48
Location:
Joined: 11.01.17
Rank:
Hacker Level 1
Posted on 01-07-17 21:55
Ok, I'll try your guys' suggestions. Thanks for the help.