picoCTF 2025 – Cryptography • Easy
The challenge provides us with the source code used to encrypt the flag.
We can observe that the code follows a standard textbook-RSA approach, but the function that is used for generating primes.
The 'get_primes' function is a custom function which codes is not provided. We assume the weakness of the system is in this step.
Connecting to the provided webshell we can observe that the number N is an even number. Our guessing was correct, the custum function is not secure.
Given 'p = 2' we can easly obtain 'q' by dividing 'N' by 2 (we should also check that 'q' is a prime number).
Now that we have the secret key, it is just a matter of standard operation to recover the plaintext.
d = inverse(e, (p-1)*(q-1))flag = long_to_bytes(pow(cyphertext, d, N)).decode()