u/CicadaIcy4500

hi guys,

so i got super tired of RsaCtfTool timing out during ctfs because of single-threaded python arithmetic. spent the last couple of weeks rewriting the attack suite in rust.

im using the rug crate for gmp bindings so the math backend is pretty much identical, but i hooked it up with rayon. basically it runs all single-key attacks in parallel on all cores and aborts the remaining threads the moment one thread finds p and q or gets the private key.

tested it on some fixtures, got around 50x speedup on average compared to python, and zero timeouts on vectors where python just died.

its completely offline-first right now. about 50 attacks are fully runnable out of 59 (the rest are just compatibility stubs for now until i implement them, z3 solver is a pain in rust).

the code is here: https://github.com/abdullaabdullazade/RsaRustTool
crates.io: https://crates.io/crates/rsa-rust-tool

lmk if you find any bugs or if my manual der parsing breaks on your public keys. open to prs if anyone wants to optimize the math modules.

Hey guys, im 17 and currently prepping for a big international under-20 security competition. I've done around 150+ medium challenges on picoctf but the format for this one is pretty intense: 7 hours a day for 2 days. Tasks have multiple subtasks (4-8) that all share the same codebase or binary. Also, pwn is only x86_64.

Crucially, we wont have external monitors and AI use is restricted and monitored during the game. I usually rely on AI quite a bit for quick scripting and explanations, so I need to get much better at "manual" work because of these rules.

I got a silver medal at an international event last year but im really pushing for gold this time.

Should I focus on pwn.college or is HTB better for this "subtask/common codebase" style? Also, any advice on building stamina for 7-hour sessions? I tend to hit a wall after 4-5 hours.

thanks!

#picoctf