Maojui

## Volga 2019 - blind (Crypto, 200)

2019-05-14

### Challenge

File : server.py

This is a challenge related to digital signature.

we can :

1. sign some command
2. call ls or cat after authentication

cat is black-listed command that forbid us to sign. However the way it check the black list is Base64Decode(input) == 'cat', and it is easy to bypass.

### Solution

1. First use ls command and we can see that flag is stored in flag.

Then we can simply convert cat flag into integer and factor it into a * b.

Since RSA is malleable, sign(a * b) == (sign(a) * sign(b)) % n, we can then get flag.

solve.py

Tags: RSA