import libnum
from base64 import b64decode
from Crypto.Util.number import long_to_bytes
from Crypto.PublicKey import RSA
from gmpy2 import invert,powmod
n1=0x53a121a11e36d7a84dde3f5d73cf
e1=0x10001
q1=44106885765559411
p1=38456719616722997
#(192.168.0.13)
n2=0x99122e61dc7bede74711185598c7
e2=0x10001
q2= 49662237675630289
p2= 62515288803124247
#(192.168.0.37)
d1=libnum.invmod(e1, (p1 - 1) * (q1 - 1))
d2=libnum.invmod(e2, (p2 - 1) * (q2- 1))
c= 0x3b04b26a0adada2f67326bb0c5d6
m = pow(c, d2, n2)
print( long_to_bytes(m))
with open('C:\Users\kubopiy\Desktop\data.txt', 'r') as f2:
data = f2.read()
cips=data.split('
')
flag=['']*len(cips)
for i in cips[:-1]:#可能出现空格
data = b64decode(i)
print(data)
seq =int(data[(data.find(ord('='))+2):data.find(ord(';'))])
c=data[data.find(ord('x'))+1:data.find(ord('L'))]
sig = data[(data.rfind(ord('x')) + 1):data.rfind(ord('L'))]
m=pow(int(c,16),d2,n2)
print(m)
if m == powmod(int(sig, 16), e1, n1):
flag[seq] += chr(m)
print(flag)
追踪tcp流
flag{n0th1ng_t0_533_h3r3_m0v3_0n}