Forget safe primes... Here, we like to live life dangerously... >:)
-
Searching online for "pollard smooth prime" finds Pollard's p − 1 algorithm.
-
Using RsaCtfTool with the
pollard_p_1attack by runningpython RsaCtfTool.py --uncipher [c] -e 65537 -n [n] --attack pollard_p_1doesn't work since it doesn't try enough primes (relevant source code). So, we adapt their script to create the solution script.py, which tries 7000 primes. -
Interestingly, this prime is in factordb so RsaCtfTool will print the flag immediately when using the
factordbattack.
picoCTF{376ebfe7}