# Báo cáo lần 1
### Hackthebox
#### BabyEncryption
```
import string
from secret import MSG
def encryption(msg):
ct = []
for char in msg:
ct.append((123 * char + 18) % 256)
return bytes(ct)
ct = encryption(MSG)
f = open('./msg.enc','w')
f.write(ct.hex())
f.close()
```
Đây là Affine Cipher.
```
from Crypto.Util.number import*
def decryption(data):
pt = ''
for byte in data:
pt += chr((byte - 18)*inverse(123, 256) % 256)
return pt
data = bytes.fromhex("6e0a9372ec49a3f6930ed8723f9df6f6720ed8d89dc4937222ec7214d89d1e0e352ce0aa6ec82bf622227bb70e7fb7352249b7d893c493d8539dec8fb7935d490e7f9d22ec89b7a322ec8fd80e7f8921")
print(decryption(data))
```
#### Baby Time Capsule
```
from gmpy2 import iroot
import json
from Crypto.Util.number import*
from pwn import*
io = remote("159.65.20.166", 32371)
io.recvuntil(b'(Y/n) ')
io.sendline(b"Y")
data = io.recvuntil(b'}').decode()
data = json.loads(data)
time_capsule_1 = (data["time_capsule"])
n1 = data["pubkey"][0]
n1 = bytes_to_long(bytes.fromhex(n1))
time_capsule_1 = bytes_to_long(bytes.fromhex(time_capsule_1))
io.recvuntil(b'(Y/n) ')
io.sendline(b"Y")
data = io.recvuntil(b'}').decode()
data = json.loads(data)
time_capsule_2 = (data["time_capsule"])
n2 = data["pubkey"][0]
time_capsule_2 = bytes_to_long(bytes.fromhex(time_capsule_2))
n2 = bytes_to_long(bytes.fromhex(n2))
io.recvuntil(b'(Y/n) ')
io.sendline(b"Y")
data = io.recvuntil(b'}').decode()
data = json.loads(data)
time_capsule_3 = (data["time_capsule"])
n3 = data["pubkey"][0]
time_capsule_3 = bytes_to_long(bytes.fromhex(time_capsule_3))
n3 = bytes_to_long(bytes.fromhex(n3))
e = 5
c1,c2,c3 = time_capsule_1, time_capsule_2, time_capsule_3
N = n1*n2*n3
N1 = n2*n3
N2 = n1*n3
N3 = n1*n2
u1 = inverse(N1,n1)
u2 = inverse(N2,n2)
u3 = inverse(N3,n3)
x = (N1*c1*u1 + N2*c2*u2+ N3*c3*u3) % N
print(long_to_bytes(iroot(x,5)[0]))
io.close()
io.interactive()
```
#### The Last Dance
```
from pwn import xor
iv = bytes.fromhex("c4a66edfe80227b4fa24d431")
data = bytes.fromhex("7aa34395a258f5893e3db1822139b8c1f04cfab9d757b9b9cca57e1df33d093f07c7f06e06bb6293676f9060a838ea138b6bc9f20b08afeb73120506e2ce7b9b9dcd9e4a421584cfaba2481132dfbdf4216e98e3facec9ba199ca3a97641e9ca9782868d0222a1d7c0d3119b867edaf2e72e2a6f7d344df39a14edc39cb6f960944ddac2aaef324827c36cba67dcb76b22119b43881a3f1262752990")
flag = bytes.fromhex("7d8273ceb459e4d4386df4e32e1aecc1aa7aaafda50cb982f6c62623cf6b29693d86b15457aa76ac7e2eef6cf814ae3a8d39c7")
message = b"Our counter agencies have intercepted your messages and a lot "
message += b"of your agent's identities have been exposed. In a matter of "
message += b"days all of them will be captured"
print(xor(xor(data,flag),message))
```
#### xorxorxor
```
from pwn import*
data = bytes.fromhex("134af6e1297bc4a96f6a87fe046684e8047084ee046d84c5282dd7ef292dc9")
key = xor(data[:4], b'HTB{')
print(xor(data,key))
```
#### Lost Modulo
```
from pwn import*
from Crypto.Util.number import*
from gmpy2 import*
data = bytes_to_long(bytes.fromhex("05c61636499a82088bf4388203a93e67bf046f8c49f62857681ec9aaaa40b4772933e0abc83e938c84ff8e67e5ad85bd6eca167585b0cc03eb1333b1b1462d9d7c25f44e53bcb568f0f05219c0147f7dc3cbad45dec2f34f03bcadcbba866dd0c566035c8122d68255ada7d18954ad604965"))
print(long_to_bytes(iroot(data,3)[0]).decode())
```
#### RSAisEASY
```
from Crypto.Util.number import*
from math import gcd
from os import urandom
sum = 601613204734044874510382122719388369424704454445440856955212747733856646787417730534645761871794607755794569926160226856377491672497901427125762773794612714954548970049734347216746397532291215057264241745928752782099454036635249993278807842576939476615587990343335792606509594080976599605315657632227121700808996847129758656266941422227113386647519604149159248887809688029519252391934671647670787874483702292498358573950359909165677642135389614863992438265717898239252246163
n1 = 101302608234750530215072272904674037076286246679691423280860345380727387460347553585319149306846617895151397345134725469568034944362725840889803514170441153452816738520513986621545456486260186057658467757935510362350710672577390455772286945685838373154626020209228183673388592030449624410459900543470481715269
c1 = 92506893588979548794790672542461288412902813248116064711808481112865246689691740816363092933206841082369015763989265012104504500670878633324061404374817814507356553697459987468562146726510492528932139036063681327547916073034377647100888763559498314765496171327071015998871821569774481702484239056959316014064
c2 = 46096854429474193473315622000700040188659289972305530955007054362815555622172000229584906225161285873027049199121215251038480738839915061587734141659589689176363962259066462128434796823277974789556411556028716349578708536050061871052948425521408788256153194537438422533790942307426802114531079426322801866673
q = (gcd(sum,n1))
p = n1 // q
f1 = (long_to_bytes(pow(c1,inverse(65537,(p-1)*(q-1)),n1)))
n2 = sum%n1
z = n2 // q
f2 = (long_to_bytes(pow(c2,inverse(65537,(z-1)*(q-1)),n2)))
print(f1+f2)
```
#### Embryonic Plant
Challenge này khá hay, liên quan tới LCG, mình có [**LINK**](https://crypto.stackexchange.com/questions/87220/cryptographically-secure-linear-congruential-generator-is-it-possible) này có thể giúp ích cho bạn rất nhiều.
```
from Crypto.Util.number import*
from math import gcd
def extended_gcd(a, b):
if b == 0:
return a, 1, 0
else:
d, x, y = extended_gcd(b, a % b)
return d, y, x - (a // b) * y
def find_x(a, b, c):
gcd, x_prime, _ = extended_gcd(b, c)
if a % gcd != 0:
return None
a_prime = (a // gcd) % c
x = (x_prime * a_prime) % c
return x
def find_d(a, b, c, n):
bc_mod_n = (b * c) % n
d = (a - bc_mod_n) % n
return d
n = 875160154252520186251141359813376844205078837688859219647998263059390545455666959868272831956779132045330105458640460325486680058028233270020291614157451317894110269639780507518860757299450578151147748572019371950843986400076289065334864577087504297359676338166424192877389197803442490978821375794048316553853085966558794240760959161987598108459441945291723309230665829568115073301763544532552179053221908864303864014278134933463597319119189753348991487712539547783209384907074459767339389912999640300731884080101606842315180302622347685382825488775275363493924203654141256657466019975768214244502429057343992946031175889606627829209702720334661107181627261133702840164098042293465302874342367
s = [45948196110742333078791904670754464213578139076280109814760521831353273605782767324779081189039031009815013571451298379981707915542440414220083426012609548317078548002379773850309022768943249397294154504631709396600886029113258544, 665421018479354408650321321446504004021595291664664613059639369284378526681870680990726015080235767661978417143890017835302285399955943814186163819783105747360598346167878408804511855184450139017542601099343516459031570045750334635, 116901116055486713179543809270968616175254891027356317875260251653063459332706332539151662885597749087527500088196623717000607610204151297409257838680010556067036481294394312559141590536968964270065614095041734217016802912127551399, 257185387102952423422505329148493981831897715690584197952849048768011651303898015179171902245107615610642197589412557491017458513344338002354160349045327465820185865360211004133692933165886876481285477189851986291296987966454584913, 600597039831835988459465667623398229366883082253281715825043750022005882279772326647162809398726368298023180858058246314753665389921411839577046046481816334727242911521098595075675355340100111145925656700034968689114367721111389240]
x0 = s[0]
x1 = s[1]
x2 = s[2]
x3 = s[3]
x4 = s[4]
t0 = x1 - x0
t1 = x2 - x1
t2 = x3 - x2
t3 = x4 - x3
r = (gcd(abs(t2*t0-t1*t1),abs(t3*t1-t2*t2)))//2
p = (find_x(x1-x2,x0-x1,r))
q = find_d(x1,p,x0,r)
print(r)
print(p)
print(q)
from Crypto.Cipher import AES
key = b"'\xa2U\x03\xf6\x7fG?N\x1d\x11\xae\xda!\x07\xa60\xb1\xa8\x8bd\x9cr\xe2\xe4#\xf8i\xe9\xd7tR"
cipher = AES.new(key, AES.MODE_ECB)
print(cipher.decrypt(bytes.fromhex("df534b412fbbb5bf920a9c8a76f85013b2c6cb49642c30a7e5e801f9576b4f36071945f46d3e78c8b1e2adff0c090d7d88e9a068caae958d87ca56bcd0763e00e527371f271530bd6bb779284233ec45")))
```
#### Weak RSA
```
from Crypto.Util.number import*
from factordb.factordb import FactorDB
with open("flag.enc", "rb") as file:
ciphertext = file.read()
ciphertext = bytes_to_long(ciphertext)
e = 68180928631284147212820507192605734632035524131139938618069575375591806315288775310503696874509130847529572462608728019290710149661300246138036579342079580434777344111245495187927881132138357958744974243365962204835089753987667395511682829391276714359582055290140617797814443530797154040685978229936907206605
n = 573177824579630911668469272712547865443556654086190104722795509756891670023259031275433509121481030331598569379383505928315495462888788593695945321417676298471525243254143375622365552296949413920679290535717172319562064308937342567483690486592868352763021360051776130919666984258847567032959931761686072492923
f = FactorDB(n)
f.connect()
q, p = f.get_factor_list()
d = inverse(e,(p-1)*(q-1))
print(long_to_bytes(pow(ciphertext,d,n)))
```
### MAPNACTF
### Các task đã hoàn thành
#### Task 1
https://hackmd.io/@nhatviet/r1SLEfqua
#### Task 2
Part 1:
https://hackmd.io/@nhatviet/SJhi9nfKT
Part 2:
https://hackmd.io/@nhatviet/Bk6klwXt6
#### Task 3
https://hackmd.io/@nhatviet/ByBWmkz9p
Sign in with Wallet
Connect another wallet