Google CTF 2023 - myTLS

During the Google CTF 2023, my college and I encountered a fascinating challenge which was TLS themed. The task at hand involved exploiting files writes, hashes and signatures. This writeup is intended to walk you thought he process of how we solve the challenge and is also going to provide an overview of the challenge. If you are only interested in the solution just skip to the Exploit section. Challenge description I implemented my own mTLS....

June 26, 2023 · 6 min · mcsch

AngstromCTF 2023 - Royal Society of Arts 2

Challenge description RSA strikes strikes strikes strikes strikes again again again again again! Author: JoshDaBosh rsa2.py from Crypto.Util.number import getStrongPrime, bytes_to_long, long_to_bytes f = open("flag.txt").read() m = bytes_to_long(f.encode()) p = getStrongPrime(512) q = getStrongPrime(512) n = p*q e = 65537 c = pow(m,e,n) print("n =",n) print("e =",e) print("c =",c) d = pow(e, -1, (p-1)*(q-1)) c = int(input("Text to decrypt: ")) if c == m or b"actf{" in long_to_bytes(pow(c, d, n)): print("No flag for you!...

April 30, 2023 · 3 min · mcsch

Insomni'hack CTF 2023 - Still counting on you

There was only one crypto challenge at the Insomni’hack CTF 2023, and that was this one. Our application runs on a server, and we have a Python file that shows us how it works. The python file consists of 4 functions: xorshift128 encrypt_message encrypt_user_message menu We have the ability to encrypt a message of your choice using the encrypt_user_message function and we can get the encrypted admin_message which most likely also contains the flag....

March 29, 2023 · 4 min · mcsch