Baby Time Capsule

Posted on Sat 28 December 2024 in HTB challenge

This is a writeup of the Baby Time Capsule challenge which is a crypto challenge from Hack The Box.

python3 -m venv venv
. ./venv/bin/activate
pip install pycryptodome
pip install gmpy2
pip3 install pwntools

python3 server.py

nc localhost 1337

# https://xanhacks.gitlab.io/ctf-docs/crypto/rsa/08-hastad-broadcast-attack/

from pwn import *
import ast
from gmpy2 import invert, iroot
from Crypto.Util.number import long_to_bytes


HOST = "94.237.52.112"
PORT = 50345
e = 5


def mul(lst):
    ret = 1
    for n in lst:
        ret *= n
    return ret

def crt(C, N):
    assert len(C) == len(N)

    total = 0
    modulo = mul(N)

    for n_i, c_i in zip(N, C):
        p = modulo // n_i
        total += c_i * invert(p, n_i) * p
    return total % modulo

def third_root(n):
    m, valid = iroot(n, e)
    if valid:
        print("Cleartext :", long_to_bytes(m))
    else:
        print("Unable to find the third root of :", n)

C = []
N = []

r = remote(HOST, PORT)

for i in range(e):
    r.recv(1024)
    r.sendline('Y')
    response = r.recvline()
    data = ast.literal_eval(response.decode('utf-8'))
    C.append(int(data['time_capsule'], 16))
    N.append(int(data['pubkey'][0], 16))

x = crt(C, N)
a = third_root(x)

crypto