Never Skip Class Nor Multiplication

Description

You have access to a server that performs RSA signatures on arbitrary messages. During the connection, this server also sends you the encrypted flag that you need to decrypt.

The server is compromised and it is possible to inject glitchs to skip the multiply operations in the square and multiply algorithm used to perform the modular exponentiation of RSA.

Find the decryption key and recover the flag.

Note: Another similar challenge is available here: Never Skip Class Nor Squaring.

Files

docker-compose.yml
nscnm.py
1013 B – 90d42f4eb90b69c44261e5bf6894bf27033f2c1d2201d8f637b0ee946b8e37f1

Author

Ker

Challenge Instructions

First, download docker-compose.yml:
curl https://hackropole.fr/challenges/fcsc2022-hardware-never-skip-class-nor-multiplication/docker-compose.public.yml -o docker-compose.yml
Launch the challenge by executing in the same folder:
docker compose up
Then, in another console, access the challenge with Netcat:
nc localhost 4000

⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

You don't have JavaScript actived. No problem! You can check your flag like this: echo -n 'PUT_THE_FLAG_HERE' | sha256sum # possible output: 4ca05ae82895b7768ca0b807bc67836ea1d86fe8b7a4342996f600deeaeab468

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

Date	Author	Language	Tags	Vote
2023-11-29	ribt	🇫🇷