Write-Ups

KalmarCTF 2024 – One key to rule them all

Categorie: Web
Points: 484
Solves: 11
Description:
Encryption is easy, but key management is hard – I got the solution! Just use one key everywhere, i.e. nothing to manage (just don’t lose it)
http://one-key.chal-kalmarc.tf:5000
Attachments: official Github repo (not available yet)

Archive:  handout-onekey.zip
Length Date Time Name
--------- ---------- ----- ----
0 03-15-2024 19:44 handout-onekey/
1102 03-06-2024 23:04 handout-onekey/Dockerfile
6631 03-06-2024 23:04 handout-onekey/app.py
399 03-06-2024 23:04 handout-onekey/readflag.c
440 03-06-2024 23:04 handout-onekey/supervisord.conf
196 03-15-2024 19:44 handout-onekey/docker-compose.yml
16 03-06-2024 23:04 handout-onekey/flag
--------- -------
8784 7 files
Continue reading
Write-Ups

FCSC 2022 – Write-Ups for some of the crypto challenges

In this post, I’ll present my write-ups for some of the challenges listed in the “Crypto” category, in no particular order. Three of them are not directly written in this post and only contain a link to the actual write-up.

The challenges are:

  1. Shuffled
  2. My Tailor is Rich
  3. T-Rex
  4. Gaston La Paffe
  5. Surface
  6. Hash-ish
  7. Kahl Hash
  8. Share It
  9. IZNOGOOD
  10. Millenium

I didn’t manage to solve two of them, but I will briefly give my thoughts on them.

Continue reading
Posts

Solving RE tasks the crypto way

In this post I want to share with you my way of solving reverse engineering (RE) tasks in CTFs involving simple cryptography without reading a single bit of assembly, purely by cryptanalysis.

Of course this can’t be applied on all RE tasks you’ll encounter that make use of cryptography, but sometimes it might save you a lot of pain trying to solve a difficult RE task, like I did here. You might also have to do it simply because you don’t have access to the cryptographic code (Black Box), like in one of the parts of the Black Badge challenge for Le Hack 2019, which will serve as an example throughout this post.

If you’re new in the field of cryptanalysis this might also be of interest to you to see the methodology you can apply. You might even learn something new. 😉

Continue reading