Cyber Apocalypse CTF 2022 Writeup — Down the Rabinhole

The challenge

from Crypto.Util.number import getPrime, isPrime, bytes_to_long
from Crypto.Util.Padding import pad
import os

FLAG = b"HTB{--REDACTED--}"

def getPrimes(coefficient):
    while True:
        a = getPrime(512)
        p = 3 * coefficient * a + 2
        if isPrime(p):
            break
    while True:
        b = getPrime(512)
        q = 3 * coefficient * b + 2
        if isPrime(q):
            break
    return p, q

def encrypt(message, coefficient):
    p, q = getPrimes(coefficient)
    n = p * q
    padded_message = bytes_to_long(pad(message, 64))
    message = bytes_to_long(message)
    c1 = (message * (message + coefficient)) % n
    c2 = (padded_message * (padded_message + coefficient)) % n
    return (n, c1, c2)

def main():
    coefficient = getPrime(128)
    out = ""
    message = FLAG[0:len(FLAG)//2]
    n1, c1, c2 = encrypt(message, coefficient)
    out += f"{n1}\n{c1}\n{c2}\n"
    message = FLAG[len(FLAG)//2:]
    n2, c3, c4 = encrypt(message, coefficient)
    out += f"{n2}\n{c3}\n{c4}"
    with open("out.txt", "w") as f:
        f.write(out)

if __name__ == '__main__':
    main()

The python script performs encryption on the flag then store in a text file:

596955664103759160850910…