بنقرة واحدة
crypto-recipes
Cryptographic attack recipes for CTFs and security assessments
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Cryptographic attack recipes for CTFs and security assessments
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Create generative art using p5.js with seeded randomness so every render is reproducible. Useful for procedural posters, motion-style stills, and artistic frame studies.
Huashu / huashu-md-html-inspired magazine article layout for turning Markdown or notes into a polished long-form HTML essay.
推特金句 / 数据卡, 适合配推文
小红书风格知识卡片, 多张联排可滑动浏览
把 CSV/Excel/JSON 数据转成漂亮的可视化报告页
电子杂志 × 电子墨水; 10 个版面 + 5 套调色板 (墨水/靛蓝瓷/森林墨/牛皮纸/沙丘)
| name | crypto-recipes |
| description | Cryptographic attack recipes for CTFs and security assessments |
| license | MIT |
| compatibility | opencode |
| metadata | {"audience":"cryptographers","workflow":"crypto-ctf"} |
Small e (Cube Root): When e=3, 5, 17 and m^e < N → sage: Integer(c).nth_root(e)
Hastad Broadcast: Same message encrypted with e=3 to 3+ different N → CRT
Wiener: When d < N^0.25 → Wiener's continued fraction attack → RsaCtfTool
Boneh-Durfee: d < N^0.292 → sage script
Common Modulus: Same N, different e for same m → extended GCD
Franklin-Reiter: Related messages, same N → sage
Coppersmith: Partial knowledge → sage small_roots()
Fermat: p and q close together |p-q| < N^1/4 → Fermat factorization
Pollard p-1: p-1 smooth → sage
ROCA: Infineon TPM key generation flaw → neca/ROCA tool
ECB Byte-at-a-Time: No padding oracle needed. Use chosen plaintext to build "ecb dictionary". CBC Bit Flipping: Flip intermediate ciphertext bytes to modify next block decryption. CBC Padding Oracle: Server leaks whether padding is valid → decrypt any ciphertext. CBC-MAC Length Extension: Append blocks with known MAC. CTR Nonce Reuse: Same key+nonce = XOR of plaintexts. Use crib dragging.
Length Extension: MD5, SHA1, SHA256, SHA512 (Merkle-Damgard) → hashpumpy/hash_extender. Collision: MD5 chosen-prefix collision tools. Hash Identification: hashid tool or hashcat --example-hashes.
Base64: ends with = or ==, charset A-Za-z0-9+/
Base32: charset A-Z2-7, padding =
Base58: no 0OIl, used by Bitcoin
Base85: begins with <~
Hex: charset 0-9a-f, even length
ROT13: same length, chars shifted 13
Morse: dots/dashes
Binary: 0/1 in groups of 8
Single-Byte XOR: Frequency analysis. Score against English letter frequencies. Most printable = likely correct.
Multi-Byte XOR: Find key length with Hamming distance. Break into single-byte groups.
Known Plaintext: XOR keystream = ciphertext XOR plaintext.
File XOR: XOR with known file header magic bytes (e.g., PNG = 89504E470D0A1A0A, PDF = 25504446).
Berlekamp-Massey: Given enough output bits, recover LFSR polynomial. Sage implementation. Correlation Attack: Multiple LFSRs → Siegenthaler attack.
Invalid Curve: Send point not on curve → recover multiplier mod small factor. Small subgroup: Use Pohlig-Hellman on small order points. MOV Attack: Map ECDLP to DLP in extension field (low embedding degree). Singular Curve: ECC curve with discriminant = 0 → map to additive group.
# Factor
factor(n)
# Discrete log
discrete_log(g, h, mod)
# CRT
crt([r1, r2, r3], [n1, n2, n3])
# Roots
Integer(c).nth_root(e)
# Polynomial roots (Coppersmith)
P.<x> = PolynomialRing(Zmod(N))
f = x + known_prefix
roots = f.small_roots(X=2^(bits), beta=0.5)
# Elliptic curve
E = EllipticCurve(GF(p), [a, b])
RsaCtfTool.py --publickey key.pub --uncipherfile flag.enchashcat -m [mode] hash.txt wordlist.txtjohn --wordlist=rockyou.txt hash.txt