Code Monkey home page Code Monkey logo

gorsatool's People

Contributors

sourcekris avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar

gorsatool's Issues

Processing stopped after 5 attacks

I was taking part in a CTF challenge where we were given n, e and c. I installed goRsaTool on a Kali Linux 2022.1 box.

Commands executed:
goRsaTool -createkey -n 403...233 -e 65537 > key.pub
(I snipped the digits of n and the ... wasn't in the command. Happy to provide the whole number if that will help though. )
goRsaTool -key key.pub -attack all -verbose

Output:
rsatool: rsatool.go:94: starting up...
2022/03/19 09:21:34 small q attempt beginning with timeout 3m0s
2022/03/19 09:24:34 wiener attack failed, trying the the next variant
2022/03/19 09:24:34 wieners2 attack failed, trying the final variant
2022/03/19 09:26:30 fermat factorization attempt beginning with timeout 5m0s
2022/03/19 09:31:30 londahl attempt beginning with timeout 5m0s
zsh: killed goRsaTool -key key.pub -attack all -verbose

I followed the instructions for installing:
sudo apt install git golang libflint-dev libecm-dev make
git clone https://github.com/sourcekris/goRsaTool
cd goRsaTool
make
sudo make install

When it first stopped I rebooted, ran apt update then apt upgrade (nothing upgraded) and tried again. It stopped again after the same first few attack attempts.

I wasn't using the box otherwise while it was running. I just let it go and checked in say 15 minutes later.

londahl attack fails

attack fails getting killed by OS:

$ go run rsatool.go -attack londahl -key examples/londahl.pub                                                                                              
signal: killed

Native MacOS release

Similar to #4 , the goal would be to provide a native MacOS app, signed with an apple developer cert so MacOS users can use the tool without a VM.

I have no idea how to accomplish this but i suspect the build is easier than Windows given the tool already builds on MacOS natively.

JSON Key Support

It is uncommon but I saw a CTF or two distribute keys as JSON blobs.

something like:

{'n':'0x1234....', 'e':'0x123'} 

The text key parser is already overly complicated with regex matching. I don't really want to write an AST based key parser either. So perhaps a first pass at this with -json boolean flag where users can self identify the key is JSON.

The default should be false.

It should support lists / slices of keys and when a slice of keys is found it could act as in the -keylist flag.

Native windows release

There exist few RSA CTF tools for windows. People can use WSL and leverage python tools or this tool but nothing exists for native windows users.

Golang can cross compile for other platforms but its more complex when CGO code is used which this project makes extensive use of.

I'm looking into a native, static, binary release or a release w/DLLs if necessary.

Support wildcard key filenames

if a wildcard filename is provided, the tool should expand the filename and glob all of the files and act as if the keylist flag was passed.

The goal should be to deprecate the use of the -keylist flag as much as possible.

An example invocation that should work:

goRsaTool -key "*.pub" -attack commonmodulus

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.