RsaCtfTool: retreive private key from weak public key and/or uncipher data

RsaCtfTool

RSA tool for ctf – uncipher data from weak public key and try to recover private key Automatic selection of best attack for the given public key

Attacks :

• Weak public key factorization
• Wiener’s attack
• Hastad’s attack (Small public exponent attack)
• Small q (q < 100,000)
• Common factor between ciphertext and modulus attack
• Fermat’s factorisation for close p and q
• Gimmicky Primes method
• Past CTF Primes method
• Self-Initializing Quadratic Sieve (SIQS) using Yafu
• Common factor attacks across multiple keys
• Small fractions method when p/q is close to a small fraction
• Boneh Durfee Method when the private exponent d is too small compared to the modulus (i.e d < n^0.292)
• Elliptic Curve Method
• Pollards p-1 for relatively smooth numbers
• Mersenne primes factorization

Install

git clone https://github.com/Ganapati/RsaCtfTool.git
cd RsaCtfTool
pip install -r requirements.txt

Usage

usage: RsaCtfTool.py [-h] [--publickey PUBLICKEY] [--createpub] [--dumpkey] [--ext]

                     [--uncipherfile UNCIPHERFILE] [--uncipher UNCIPHER]

                     [--verbose] [--private] [--ecmdigits ECMDIGITS] [-n N]

                     [-p P] [-q Q] [-e E] [--key KEY]

                     [--attack {hastads,factordb,pastctfprimes,mersenne_primes,noveltyprimes,smallq,wiener,comfact_cn,primefac,fermat,siqs,Pollard_p_1,all}]

Mode 1 – Attack RSA (specify –publickey)

• publickey : public rsa key to crack. You can import multiple public keys with wildcards.
• uncipher : cipher message to decrypt
• private : display private rsa key if recovered

Mode 2 – Create a Public Key File Given n and e (specify –createpub)

• n – modulus
• e – public exponent

Mode 3 – Dump the public and/or private numbers from a PEM/DER format public or private key (specify –dumpkey)

• key – the public or private key in PEM or DER format

Tutorial

Source: https://github.com/Ganapati/