PicoCTF Writeup — john_pollard

Angeline Callie Shielim
3 min read · Jul 30, 2023

The john_pollard challenge is a Cryptography challenge worth 500 points in picoCTF that revolves around RSA certificates. The objective of the challenge is to break the RSA certificate. Upon further investigation and research, it was discovered that the openssl software library can be utilised to solve this challenge.

Solution

The first step is to download the file using the wget command followed by the copied link address to retrieve the file from the link.

Downloading cert from the link

The ‘cert’ file will then be retrieved into the Downloads directory and can be viewed by using the ls command.

Checking if the file is downloaded

As the objective of the challenge is to break the RSA certificate, we will use openssl's x509 subcommand, which handles certificates in the X.509 standard. The -in option specifies the file that contains the certificate, which is ‘cert’. The -text option prints the certificate in human-readable form, and -noout suppresses the encoded copy of the certificate, since only reading the certificate is necessary. Altogether, the command line will be: openssl x509 -in cert -text -noout. This will display the certificate details, as shown below.

Reading the RSA certificate

The hints provided mention that the flag is simply the factored modulus. Scanning through the certificate, we find that the value of the modulus is 4966306421059967. The next step is to factorize the acquired modulus.

This can be done by writing the code manually, but existing tools make factoring the modulus much simpler.

We can use an online tool called Alpertron: enter the modulus in the ‘Value’ text box and click on the ‘Factor’ button.

Integer Factorization for prime numbers p and q

The tool will display two numbers as the result of the factorization, which are 67867967 and 73176001. Referring to the hints, the format of the flag is picoCTF{p,q}, in which the values of p and q are interchangeable. Therefore, the solution to this challenge is either picoCTF{67867967,73176001} or picoCTF{73176001,67867967}, which concludes the picoCTF challenge john_pollard.
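The "manual coding" route mentioned above, as an added example that is not part of the original writeup: Pollard's rho, a factoring algorithm due to John Pollard, whose name the challenge carries, applied to the modulus read from the certificate. The function names are illustrative; the run also reports the modulus size, which shows why a key this small offers no protection.

```python
from math import gcd

# Modulus read from the challenge certificate (value quoted in the writeup).
N = 4966306421059967


def pollard_rho(n: int, max_c: int = 20) -> int:
    """Return a non-trivial factor of composite n (Pollard's rho, Floyd cycle detection)."""
    if n % 2 == 0:
        return 2
    for c in range(1, max_c + 1):      # on failure, retry with a new polynomial x^2 + c
        x = y = 2
        d = 1
        while d == 1:
            x = (x * x + c) % n        # tortoise: one step
            y = (y * y + c) % n        # hare: two steps
            y = (y * y + c) % n
            d = gcd(abs(x - y), n)
        if d != n:                     # d == n means the cycle closed without splitting n
            return d
    raise ValueError("no factor found; n may be prime")


def factor_semiprime(n: int) -> tuple:
    """Split n = p * q and return (p, q) with p <= q."""
    p = pollard_rho(n)
    q = n // p
    if p * q != n:
        raise ValueError("factor does not divide n")
    return tuple(sorted((p, q)))


def modulus_bits(n: int) -> int:
    """Size of the modulus in bits; current RSA guidance starts at 2048."""
    return n.bit_length()


if __name__ == "__main__":
    p, q = factor_semiprime(N)
    print(f"modulus is {modulus_bits(N)} bits")
    print(f"picoCTF{{{p},{q}}}")
```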