https://app.hackthebox.com/challenges/438

Description

You used the cloak of invisibility to enter the bank and spy on the employees. They seem to be using magic to automate the paperwork. As you watched the papers flying around, you managed to steal one of them. It contains the details about the vault containing the Golden Grail with Valdemort's soul. After regrouping with Ermiani and Ran, you drank the transformation poison and entered the bank as one of the employees. The passphrase for the vault is encrypted and the only thing you can ask the bank for is a small hint that seems to be magic-proof.

Exploitation

#!/usr/bin/python3
import socket,sys,gmpy2

def main(host,port):
    s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
    s.connect((host,port))
    p=157875172209163519678943359148525333531716726677753633934296611712000756309667034596569133406098287955902929909543766113103871854290570427288416517970201806645975359034144521325212023682443479156175345265695523898222195390245489486286336622758826675848519763864114653366396161706216930716646891645418638230777
    c=0x226e64eaeac943cd2386a9e4a4c9298fb9cb7de03c7a213d1b322b97282b86048d5fca4196ac7a8fc4ad436a18dad51b8a61ba3f1abb6bc5c36c7d2d1b017f153e6d4abb36541c0d18b06fe3c3c62a37e491068c47cebb81b787c625d83a30c3bbf0b199af30f324fbbf3704b43d14cd33f96ad3d21f5ef7e2f8140825b9b0b3d6e4949f2cb99d6504e7de1efdea60d5fc86926757965d50ffcf0d6beabfc028aec797b0dde69ecec821aa847442fe944e11073d8af6199c0256b7585a1538ffd4ec48fcf4550d5d0db6843b96695f65ebeffd51c08e7920ab57a1e8ae6f66fd3d68d2ff4af64cba7f63a4f4278518247e4505091d94142173d6b1fd58418b96
    n=17415590906978433746472641764083504512019958412158092813450467355788577633087254416157801044394309487617942708339245514241198481677964708123680885650475742121129771766359967489634887005007988336291170522394424447782344637066887606424930021648088268320866687879629746818809145950310136907696781348429161849531727203320131362773603137160846675973851729681676355984788417018929487346062717582378311437452281097285000670744354738795391901185318315491985549861831660290116418075125748786314871734796448641636181705051487202260458576056902007899564398926860405655987541775486698325723575216153624082972207828956997490139773
    e=65537
    q = n//p
    phi = (p-1)*(q-1)
    d = int(gmpy2.invert(e, phi))
    m = pow(c,d,n)
    print("Decrypted hash:",bytes.fromhex(hex(m)[2:]).decode())
    data = s.recv(1024).decode()
    print("\nServer response:", end='')
    print(data)
    s.send(b"3\n")
    data = s.recv(1024).decode()
    print(">3\n")
    print("Server response:", end='')
    print(data)
    s.send(b"vault_68\n")
    data = s.recv(1024).decode()
    print(">vault_68\n")
    print("Server response:", end='')
    print(data)
    s.send(b"horcrux_horcrux_Helga_Hufflepuff's_cup\n")
    flag = s.recv(1024).decode()
    print(">horcrux_horcrux_Helga_Hufflepuff's_cup\n")
    print("Flag:", flag.strip())

if len(sys.argv) != 2:
    print(f"Usage: python {sys.argv[1]} <ip:port>")
    sys.exit(1)

try:
    host,port = sys.argv[1].split(":")
    main(host,int(port))
except Exception as e:
    print(f"Error: {e}")

Summary

Bank-er-smith: exploit the RSA structure, recover the missing secret, and decrypt the flag.