Score:0

Unable to factorise the modulus from public key to extract a private key

in flag

I have a public key but struggling to get the modulus from it

alan@WW031779:/mnt/c/Users/alan/Downloads/rsatool$ openssl rsa -noout -text -inform PEM -in lol.pem -pubin
RSA Public-Key: (2048 bit)
Modulus:
    00:e6:23:97:28:84:b1:f4:d7:22:bd:d5:ee:5b:eb:
    84:cb:84:76:0c:2e:d0:ff:af:d9:3c:d6:03:0f:b2:
    0d:79:30:90:3b:d1:73:1d:c7:4c:95:4a:23:07:53:
    03:df:d7:1b:88:5c:d6:6e:98:5b:f7:59:ed:17:a9:
    85:f7:e7:d8:37:c8:57:bd:31:a1:47:d7:4d:a2:61:
    49:28:58:fa:5f:cf:b8:92:30:87:8e:f4:ff:fc:ff:
    92:fc:29:29:89:32:64:54:af:b5:1b:b7:ab:25:3f:
    ef:d5:b3:57:bf:83:a6:39:f1:53:20:4a:fc:56:28:
    f3:e0:20:22:c6:94:9d:c2:3c:b1:9d:2f:d6:39:b6:
    d5:98:7a:c3:32:a0:1d:d2:3b:43:7a:67:77:bb:96:
    7f:80:e5:22:e9:41:e5:f9:72:16:0a:ed:55:6d:b7:
    39:39:19:80:64:22:ae:1a:7d:c9:b1:99:96:fd:b7:
    b2:91:41:47:2d:68:03:df:f4:2a:71:3d:b5:7a:c0:
    78:fc:a4:8d:1a:68:61:42:3d:e3:a1:2e:d9:cf:af:
    b8:31:e5:d6:9b:92:d7:19:63:d0:23:22:8c:26:12:
    ea:33:4a:65:2c:46:12:1f:50:5d:1b:5a:55:12:24:
    c6:9f:c8:23:9c:fe:10:93:de:68:09:5f:71:53:15:
    96:67
Exponent: 3 (0x3)

This gives

00e623972884b1f4d722bdd5ee5beb84cb84760c2ed0ffafd93cd6030fb20d7930903bd1731dc74c954a23075303dfd71b885cd66e985bf759ed17a985f7e7d837c857bd31a147d74da261492858fa5fcfb89230878ef4fffcff92fc292989326454afb51bb7ab253fefd5b357bf83a639f153204afc5628f3e02022c6949dc23cb19d2fd639b6d5987ac332a01dd23b437a6777bb967f80e522e941e5f972160aed556db7393919806422ae1a7dc9b19996fdb7b29141472d6803dff42a713db57ac078fca48d1a6861423de3a12ed9cfafb831e5d69b92d71963d023228c2612ea334a652c46121f505d1b5a551224c69fc8239cfe1093de68095f715315966

In decimal it is equal to

29052360453120059177701146498207729611014362120841772147885284668310294675407700581246333337318872050600353022438909391852076208405990507154764842795064455368228014381969783955360165426546947312973195061115837228105648770122442650123819968683831588775039837617788817831554836487051931001049480790287468125246758818911220414888048673899462271009956700067150701189256017793349102117503912782889345559816174845605183913828898737756645848010661322897081850561427949550036638510279173557403134806365178654334553002357480355906235714208451535185647256346503450896572487047615057007598805977277186223884121839444217172432487

However on factodb.com it doesn't factorise. I was trying to follow https://0x90r00t.com/2015/09/20/ekoparty-pre-ctf-2015-cry100-rsa-2070-write-up/ but now stuck as where to go.

Any advice?

poncho avatar
my flag
Factorizing a well-chosen 2048 bit modulus is infeasible at the current time. Unless it is known that this modulus was selected to be easy to factor (say, in a CTF challenge), you are quite unlikely to succeed.
in flag
It is a CTF style lab at work so I imagine so but not sure where to start...
poncho avatar
my flag
Fermat factorization works if the two factors were chosen to be quite close together (which they may for a CTF challenge). Alternatively, one of the factors may be quite small (perhaps 100 bits); in that case, downloading an ECM factorization tool and having that run for a couple of hours may work. I'd try both (because they both work on different weaknesses that the CTF authors may have selected)
Daniel S avatar
ru flag
HINT: The fact that the encryption exponent is 3 suggests that it might not be necessary to factor the modulus to capture the flag.
Don Freecs avatar
sz flag
Coppersmith's attack
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.