# No Padding, No Problem

## Problem

> Oracles can be your best friend, they will decrypt anything, except the flag's ciphertext. How will you break it? Connect with `nc mercury.picoctf.net 30048`.

## Solution

1. We can use a [Chosen Plaintext Attack](https://en.wikipedia.org/wiki/Chosen-plaintext_attack) because there is no padding (indicated by the challenge name) and because we can obtain a pair of ciphertext and plain text.
2. This [Cryptography StackExchange answer](https://crypto.stackexchange.com/a/2331) explains the math behind this attack and [this other answer](https://crypto.stackexchange.com/a/1409) gives a general overview. [zweisamkeit/RSHack](https://github.com/zweisamkeit/RSHack) will automatically perform the attack.
3. Launch `RSHack` with `python3 ./rshack.py` and choose `6. Chosen Plaintext Attack`. Enter the requested information that is given by the challenge: `-n 153317174058272550456436172449379299806606217553583761819287564877942534965046227344186058376803093993732545195006086816891944498697633187352196326580153807193033946265606650305982496810158441324600306024841309110972476195656440282902135076530067225540978713347941494454052999812070106156529492911343680242741 -e 65537 -c 17856665799347463433430880568845899354644746464433920082258619214879000598153275923217743069208871536178972863528995615460756303433973894149616582539818582439239784720267559459321138287482158169482468765162201663023135450768895056898831857379733724122898661531574080743044725582803949198990258704657232380979`
4. Decrypt the output ciphertext (`37059408608775406653278875603018311139510307136504672307865761675985156589489798839559188163928817978347370339638124833262152743672090581147412234838596461554223512297538748918111802748123952874981734233962360860833781482145874839293757683607729488658056554357895645071803058704036888058288942471423522328962`) using the challenge to get `580550060391700078946913236734911770139931497702556153513487440893406629034802718534645538074938502890769425795379846471930`.
5. Paste the decrypted text into `RSHack` to get the interpreted plaintext, aka the flag.

### Flag

`picoCTF{m4yb3_Th0se_m3s54g3s_4r3_difurrent_5052620}`


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://picoctf2021.haydenhousen.com/cryptography/no-padding-no-problem.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.