Today the focus is on oracles ! You already encountered the decipher oracle in part 1 but now you’ll meet :
- The LSB oracle
- The padding oracle
Today the focus is on oracles ! You already encountered the decipher oracle in part 1 but now you’ll meet :
Before diving right into more advanced attacks, let’s take a minute to do a quick recap because it’s been a long time since the last part. Once your mind is warmed up you can safely move on.
On the program today you have :
Spoiler: There will be Maths 😉
Continue reading
RSA is my favorite cryptosystem. 🙂 It’s simple and powerful.
In this series I will try to go through every attacks (that I’m aware of) against RSA which are useful for solving CTF tasks.
I’m not going to give you scripts that will do all the work for you but rather explain how the attacks work. The aim of this series is to understand the attacks you use and which one is most appropriate depending on the task. I will try to be beginner friendly and repeat myself in the beginning but afterwards I will assume that the reader has learnt the concepts. Continue reading
EasyCTF is one of the largest student-run high school cybersecurity events.
It took place on Fri. 10/02/2018 until Sun. 20/02/2018. 1790 teams competed in the event. Continue reading
It seems we’ve intercepted 2 strings that were both encrypted with what looks like OTP! Is it possible to decrypt them?
c1 = 38445d4e5311544249005351535f005d5d0c575b5e4f481155504e495740145f4c505c5c0e196044454817564d4e12515a5f4f12465c4a45431245430050154b4d4d415c560c4f54144440415f595845494c125953575513454e11525e484550424941595b5a4b c2 = 3343464b415550424b415551454b00405b4553135e5f00455f540c535750464954154a5852505a4b00455f5458004b5f430c575b58550c4e5444545e0056405d5f53101055404155145d5f0053565f59524c54574f46416c5854416e525e11506f485206554e51
We had a flag, but lost it in a mess of alphabet soup! Can you help us find it?
Connect to the server via nc c1.easyctf.com 12484
. Continue reading
Bob is extremely paranoid, so he decided that just one RSA encryption is not enough. Before sending his message to Alice, he forced her to create 5 public keys so he could encrypt his message 5 times! Show him that he still is not secure…
Here are the 5 public keys that Bob used, each in the format of (N, e): (9247606623523847772698953161616455664821867183571218056970099751301682205123115716089486799837447397925308887976775994817175994945760278197527909621793469, 11) (9247606623523847772698953161616455664821867183571218056970099751301682205123115716089486799837447397925308887976775994817175994945760278197527909621793469, 41) (9247606623523847772698953161616455664821867183571218056970099751301682205123115716089486799837447397925308887976775994817175994945760278197527909621793469, 67623079903) (9247606623523847772698953161616455664821867183571218056970099751301682205123115716089486799837447397925308887976775994817175994945760278197527909621793469, 5161910578063) (9247606623523847772698953161616455664821867183571218056970099751301682205123115716089486799837447397925308887976775994817175994945760278197527909621793469, 175238643578591220695210061216092361657427152135258210375005373467710731238260448371371798471959129039441888531548193154205671) Here is his encrypted message: 7117565509436551004326380884878672285722722211683863300406979545670706419248965442464045826652880670654603049188012705474321735863639519103720255725251120
The Hackim 2018 CTF took place on Fri. 09/02/2018, 23:00 until Sun. 11/02/2018, 11:00. Over 1800 people took part in the event but only the top 40 were eligible to win a free conference pass for the Nullcom Goa 2018. Continue reading
By his grace, we have been successfully organizing nullcon, year on year and this is the Nullcon9. At this juncture we cannot forget what did he had said, the one panacea given by him…
In 2010 when we were all worried, how can we be successful with this first ever event… Continue reading