Challenge Description
In this challenge, we will be dealing with RSA certificates.
Downloaded certificate
The contents of the downloaded certificate is as follows:
-----BEGIN CERTIFICATE-----
MIIB6zCB1AICMDkwDQYJKoZIhvcNAQECBQAwEjEQMA4GA1UEAxMHUGljb0NURjAe
Fw0xOTA3MDgwNzIxMThaFw0xOTA2MjYxNzM0MzhaMGcxEDAOBgNVBAsTB1BpY29D
VEYxEDAOBgNVBAoTB1BpY29DVEYxEDAOBgNVBAcTB1BpY29DVEYxEDAOBgNVBAgT
B1BpY29DVEYxCzAJBgNVBAYTAlVTMRAwDgYDVQQDEwdQaWNvQ1RGMCIwDQYJKoZI
hvcNAQEBBQADEQAwDgIHEaTUUhKxfwIDAQABMA0GCSqGSIb3DQEBAgUAA4IBAQAH
al1hMsGeBb3rd/Oq+7uDguueopOvDC864hrpdGubgtjv/hrIsph7FtxM2B4rkkyA
eIV708y31HIplCLruxFdspqvfGvLsCynkYfsY70i6I/dOA6l4Qq/NdmkPDx7edqO
T/zK4jhnRafebqJucXFH8Ak+G6ASNRWhKfFZJTWj5CoyTMIutLU9lDiTXng3rDU1
BhXg04ei1jvAf0UrtpeOA6jUyeCLaKDFRbrOm35xI79r28yO8ng1UAzTRclvkORt
b8LMxw7e+vdIntBGqf7T25PLn/MycGPPvNXyIsTzvvY/MXXJHnAqpI5DlqwzbRHz
q16/S1WLvzg4PsElmv1f
-----END CERTIFICATE-----
Certificate Decoder
Since the challenge wants us to break the certificate, I used the CertLogik Certificate Decoder website to gain a better understanding of the certificate.
PicoCTF Hint: The flag is in the format picoCTF{p,q}
We have to find the values,
pandq, used.
Information about the certificate
The certificate decoder tool displayed information like the values of the
exponent eand themodulus nused for the RSA encryption, as shown above.Since
n = p * q, where bothpandqare prime numbers, we can factorisento find these values.
Finding p and q
We can use [dCode.fr’s prime factors decomposition tool] to find the 2 values, p and q.
This gives us 2 values, 67867967 and 73176001. But we don’t know which is p and q respectively. I first tried to submit picoCTF{67867967,73176001}, but the flag was incorrect.
PicoCTF Hint: Try swapping p and q if it does not work
Swapping the 2 values will allow us to get the correct flag.
Flag
picoCTF{73176001,67867967}