Solved!! Thank you very much for this challenge.
1 Like
I have this expectation that āvery easyā challenges are all going to be solvable in 15 minutes. I have to get away from that mindset (especially for crypto which is apparently myā¦ cryptonite).
This took me all day, and I ended up with exposure to way more RSA than I expected. Which is a good thing. Tough challenge for me, loads of Google before I was on the right track thanks to nudges from others.
1 Like
Should I be getting a syntax error on line 34? its not missing any quotes.?
In line 34 f-strings are used the frist time, see Formatted String Literals. The f-string are introduced in Python version 3.6, PEP498. May be you used an older Python version.
1 Like
thanks!
Can anyone give me a hint? I have unciphered data from one tool for ctf, but that data is kind of chinese in utf-16 
Hi, i think i need a hint, i been implementing a c****** r******** solution but Iām not able to recover any usable flag 
Anyone can give me a hint or tell me what Iām missing?
maybe you are implementing it incorrectly? Have you tried one thatās been implemented for you?
you can PM me and give me the details of what youāve tried and I can point you in the right direction
Iām running in to the problem that my solution for the offline server.py file does not work for the actual server any tips maybe
i can get part of the flag but it cuts out the rest HTB{t3h the rest is missing. im using external libraries to calculate c****** and r*** to avoid big number problems. im using python.
Anyone had that problem? should i just use a different language?
1 Like
I have the same problem. I tried to convert a large float to bytes, but I receive only the beginning of the flag, just as you. Did you solve it creepto?
I have got it. Information gets lost when the int value is too large and you are doing log computations and devisions.
Hint: use libnum.nroot
1 Like
I have a quick question, is every time capsule solvable or is the expectation that we try to find a weak one? I can reliably solve for the redacted flag with a couple methods but the real capsules are just a little bit bigger and Iām losing accuracy when trying to work with the larger numbers. For reference Iāve worked with numpy, gmpy2 and libnum.
Ok, I figured it out. Read through this thread carefully, specifically @Hilbertās comment. It should get you started on the right track
I am stuck in 2 days . I know little bit about RSA but i dont understand how to get flag . Some guy previous tell he get flag
Without looking python code . How to get flag can anyone give me a hint .
should i brute force the value of m which is the int representation of the flag? because we canāt factorize N, i donāt have any idea this is my first time with crypto & RSA and i suck at math ):
edit:
After some math it turned out that i need at least 1E22 years to brute force that m, int representation of bāHTB{āREDACTEDā}ā which is 125 bit long, so the actual flag on the server would be much harder to brute force cuz i donāt know itās length. any hint? about that ch** r** thing ?
while bruteforcing it i noticed that the modulus N does not affect the encryption of the flag so the m value is just byte_to_long(flag) ** 5 , then i noticed that the server always generate the same ātime_capsuleā even that the N is changing, so i reversed the flag by : flag = M ** (1/5), and it worked! Locally, but the actual server doesnāt send the same time_capsule! i wonder why, any clarification?
Bruteforcing the key is a bad idea. Try to learn what each of the values corresponding to RSA does, and see if you can do anything with that.
what is that tecnic ch***** r****** ? Is this useful
I know that it is useless find d and factoring n and it is only way decrypt it ciper text ( i mean it always m^e<n ) use another way but how i try convert ciper msg to int and nroot (c**1/5) it
But is nt working then how to do it please give me hint
Thought Iād add as a supplementary that if you think you know what the method to crack this one is, donāt use any online tools! I worked out the correct answer to this one quickly and ended up spending way longer than I should, because most online tools ended up hitting the INTEGER_MAX and modulating my answer down to a reasonable size. Implement the decryption yourself using some science/math libraries that will keep track of large numbers. Happy hunting!