08 Apr 2021
- Competition: ångstrom CTF 2021
- Challenge Name: Oracle of Blair
- Type: Crypto
- Points: 160 pts
- Description:
Not to be confused with the ORACLE of Blair. nc crypto.2021.chall.actf.co 21112.
Author: lamchcl
AES-CBC decryption oracle where attacker can have the server include the flag at any position in the ciphertext.
Read more...
07 Apr 2021
- Competition: ångstrom CTF 2021
- Challenge Name: substitution
- Type: Crypto
- Points: 130 pts
This challenge involves solving analyzing polynomials over a Galois field.
Read more...
07 Apr 2021
- Competition: ångstrom CTF 2021
- Challenge Name: I’m so random
- Type: Crypto
- Points: 100 pts
- Description:
Aplet’s quirky and unique so he made my own PRNG! It’s not like the other PRNGs, its absolutely unbreakable!
This challenge involves a very broken PRNG.
Read more...
04 Apr 2021
- Competition: Shakti CTF 2021
- Challenge Name: Art Gallery 2
- Type: Web
- Points: 300 pts
- Description:
I’m on the way to open my very own Art Gallery http://34.66.139.33/. I can allow you to take a peak if you want. But not everyone though. Author: Nimisha
Exploiting a boolean SQLi without WHERE
or the characters &
and =
using REGEXP and the albatar framework.
Read more...
28 Mar 2021
- Competition: UMass CTF 2021
- Challenge Name: replme
- Type: pwn
- Points: 500 pts
- Description:
Description: I found this new programming language and wanted people to be able to try it out. http://34.72.244.178:8085
I didn’t play the CTF, but the replme
task caught my attention. The challenge was about exploiting the interpreter for the Janet Language. As I like interpreters and had written some exploits for other interpreters in the past, I decided to take a look at this task after the CTF ended.
Running the interpreter reveals the version.
./janet
Janet 1.1.0-dev-6887dd05 Copyright (C) 2017-2019 Calvin Rose
janet:0:>
Read more...