ångstrom CTF 2021 - Oracle of Blair [crypto]

• Competition: ångstrom CTF 2021
• Challenge Name: Oracle of Blair
• Type: Crypto
• Points: 160 pts
• Description:

  Not to be confused with the ORACLE of Blair. nc crypto.2021.chall.actf.co 21112. Author: lamchcl

AES-CBC decryption oracle where attacker can have the server include the flag at any position in the ciphertext.

ångstrom CTF 2021 - substitution [crypto]

• Competition: ångstrom CTF 2021
• Challenge Name: substitution
• Type: Crypto
• Points: 130 pts

This challenge involves solving analyzing polynomials over a Galois field.

ångstrom CTF 2021 - I'm so random [crypto]

• Competition: ångstrom CTF 2021
• Challenge Name: I’m so random
• Type: Crypto
• Points: 100 pts
• Description:

  Aplet’s quirky and unique so he made my own PRNG! It’s not like the other PRNGs, its absolutely unbreakable!

This challenge involves a very broken PRNG.

Shakti CTF 2021 - Art Gallery 2 [web]

• Competition: Shakti CTF 2021
• Challenge Name: Art Gallery 2
• Type: Web
• Points: 300 pts
• Description:

  I’m on the way to open my very own Art Gallery http://34.66.139.33/. I can allow you to take a peak if you want. But not everyone though. Author: Nimisha

Exploiting a boolean SQLi without WHERE or the characters & and = using REGEXP and the albatar framework.

UMass CTF 2021 - replme [pwn]

• Competition: UMass CTF 2021
• Challenge Name: replme
• Type: pwn
• Points: 500 pts
• Description:

  Description: I found this new programming language and wanted people to be able to try it out. http://34.72.244.178:8085

I didn’t play the CTF, but the replme task caught my attention. The challenge was about exploiting the interpreter for the Janet Language. As I like interpreters and had written some exploits for other interpreters in the past, I decided to take a look at this task after the CTF ended.

Running the interpreter reveals the version.

./janet 
Janet 1.1.0-dev-6887dd05  Copyright (C) 2017-2019 Calvin Rose
janet:0:>