HackTheBox – Weak RSA

In this write-up we will be visiting the Weak RSA challenge from HackTheBox.

Can you decrypt the message and get the flag?


We are given two files, flag.enc and key.pub, of which the key.pub file contains the following contents.

-----BEGIN PUBLIC KEY-----
MIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKBgQMwO3kPsUnaNAbUlaubn7ip
4pNEXjvUOxjvLwUhtybr6Ng4undLtSQPCPf7ygoUKh1KYeqXMpTmhKjRos3xioTy
23CZuOl3WIsLiRKSVYyqBc9d8rxjNMXuUIOiNO38ealcR4p44zfHI66INPuKmTG3
RQP/6p5hv1PYcWmErEeDewKBgGEXxgRIsTlFGrW2C2JXoSvakMCWD60eAH0W2PpD
qlqqOFD8JA5UFK0roQkOjhLWSVu8c6DLpWJQQlXHPqP702qIg/gx2o0bm4EzrCEJ
4gYo6Ax+U7q6TOWhQpiBHnC0ojE8kUoqMhfALpUaruTJ6zmj8IA1e1M6bMqVF8sr
lb/N
-----END PUBLIC KEY-----

Looking at the contents of the key.pub file, it becomes evident that we are looking at an RSA public key. As with any RSA challenge in which we only have knowledge of the RSA public key, we will use RsaCtfTool to attempt various different types of attacks against the flag.enc file using the key.pub public key.

As can be seen in the illustration above, we were able to perform a Wiener’s attack to recover the plaintext flag from the flag.enc file. In case you are interested in the subject, you can read more about the Wiener’s attack here.

And there you have it – the challenge has been solved!

Leave a Reply