RSA tool for ctf - uncipher data from weak public key and try to recover private key Automatic selection of best attack for the given public key
Attacks :
- Weak public key factorization
- Wiener's attack
- Hastad's attack (Small exponent attack)
- Small q (q<100,000)
- Common factor between ciphertext and modulus attack
- Fermat's factorisation for close p and q
- Gimmicky Primes method
usage: RsaCtfTool.py [-h] (--publickey PUBLICKEY | --createpub) [--uncipher UNCIPHER] [--verbose] [--private] [--n N] [--e E]
Mode 1 - Attack RSA (specify --publickey)
- publickey : public rsa key to crack
- uncipher : cipher message to decrypt
- private : display private rsa key if recovered
Mode 2 - Create a Public Key File Given n and e (specify --createpub)
- n - modulus
- e - public exponent
./RsaCtfTool.py --publickey ./key.pub --uncipher ./ciphered_file
./RsaCtfTool.py --publickey ./key.pub --private
./RsaCtfTool.py --createpub --n 7828374823761928712873129873981723...12837182 --e 65537
- weak_public.pub, weak_public.cipher : weak public key
- wiener.pub, wiener.cipher : key vulnerable to Wiener's attack
- small\exponent.pub, small_exponent.cipher : key with e=3, vulnerable to Hastad's attack
- small_q.pub, small_q.cipher : public key with a small prime
- close_primes.pub, close_primes.cipher : public key with primes suceptible to fermat factorization
- elite_primes.pub : public key with a gimmick prime
- fermat.pub : public key with another vulnerability to fermat factorization
- GMPY
- libnum (https://github.com/hellman/libnum.git)