[Plaid 2014] forensic : rsa 본문
[Plaid 2014] forensic : rsaZero Day 2016. 8. 27. 16:16
First, we need to recover corrupted private key. I just found a recovery tool.
For using this tool, we need to extract corrupted private key, public key and C(0x3 or 0x01001) value.
Following Codes could extract public key in public.pub. // i just got simple command line code extracting public key and 'C' in file
Corrupted private key -> extract from corrupted.pem
Making the file what 'rsabits' required. like below.
Result of rsabits is printing 'p' and 'q' values.
With these values, get corrected private key by using rsatool.py.
Finally, we can decrypt given 'encrypted' file using corrected private key!
zero@ubuntu:~/Desktop/ctf/plaid2014/rsa$ openssl rsautl -decrypt -in encrypted -out plaintext -inkey private.key
zero@ubuntu:~/Desktop/ctf/plaid2014/rsa$ cat plaintext
The flag is crypt0>>>f0rensics3~