Leaked Data (Smart Airspace, 300p)
You have managed to acquire an encrypted message from the exfiltrated data together with set of RSA public keys that belong to employees of the airport.
The keys are already extracted from certificates and saved to files with random names, thus anonymous.
It is known that the message is encrypted with one of those keys.
Find out what data was extracted from the network by decrypting it.
Recovered files
solution
Given archive contains 12 public keys and one encrypted flag.
Looks like a classic crypto challenge, which can be solved with rsactftool.
% 7z l -ba output.zip
2022-09-08 07:02:37 D.... 0 0 output
2022-09-08 07:02:37 ..... 451 364 output/AykiOe5s4c.pub
2022-09-08 07:02:37 ..... 451 364 output/L0e8KNewg4.pub
2022-09-08 07:02:37 ..... 451 365 output/xbq0luU8M1.pub
2022-09-08 07:02:37 ..... 451 363 output/UkRXgScb9p.pub
2022-09-08 07:02:37 ..... 451 363 output/XlrKrhRwM_.pub
2022-09-08 07:02:37 ..... 451 364 output/14T7pHCJoT.pub
2022-09-08 07:02:37 ..... 451 364 output/srwg8STUt8.pub
2022-09-08 07:02:37 ..... 451 364 output/7xzHywx7OG.pub
2022-09-08 07:02:37 ..... 451 366 output/lp2vMVFg9_.pub
2022-09-08 07:02:37 ..... 451 363 output/SSK4agXIKT.pub
2022-09-08 07:02:37 ..... 451 364 output/OzKYw6szFp.pub
2022-09-08 07:02:37 ..... 256 261 output/encrypted_flag
2022-09-08 07:02:37 ..... 451 361 output/gHN0aq8HB2.pubRunning common factors attack with RsaCtfTool, returns flag almost immediately.
# python RsaCtfTool.py --publickey "$HOME/output/*.pub" --attack common_factors --uncipherfile "$HOME/output/encrypted_flag"
(..)
utf-8 : The flag is: CYBERSHOCK{a1146a7b613f34ec76d5179e90c93f676dbdd247}
Flag is CYBERSHOCK{a1146a7b613f34ec76d5179e90c93f676dbdd247}.
