Skip to main content

Posts

2018

Analysing the worst ransomware - part 1
·15 mins
Reverse
Today we will reverse-engineer a simple “ransomware” made specifically for this purpose. Let’s give it the name Tupper. Tupper is not really a ransomware because it doesn’t ask for a ransom, it only attacks a specific location on the filesystem and I unintentionally forgot another important feature of ransomwares, try to find it. :)
Attacking RSA for fun and CTF points - part 3
·10 mins
Crypto Ctf Rsa

Today the focus is on oracles ! You already encountered the decipher oracle in part 1 but now you’ll meet :

  1. The LSB oracle
  2. The padding oracle
Attacking RSA for fun and CTF points - part 2
·9 mins
Crypto Ctf Rsa

Before diving right into more advanced attacks, let’s take a minute to do a quick recap because it’s been a long time since the last part. Once your mind is warmed up you can safely move on.

On the program today you have :

  1. Small public exponent
  2. Hastad broadcast attack
  3. Fermat’s attack
  4. Wiener’s attack
Attacking RSA for fun and CTF points - part 1
·10 mins
Crypto Ctf Rsa

RSA is my favorite cryptosystem. It’s simple and powerful.

In this series I will try to go through every attacks (that I’m aware of) against RSA which are useful for solving CTF tasks. I’m not going to give you scripts that will do all the work for you but rather explain how the attacks work. The aim of this series is to understand the attacks you use and which one is most appropriate depending on the task. I will try to be beginner friendly and repeat myself in the beginning but afterwards I will assume that the reader has learnt the concepts.

Our first attacks will be :

  1. Common modulus
  2. Decipher oracle
EasyCTF IV - Special Endings
·2 mins
Forensic Stegano Write-Up Ctf
She taught us so much… tribute
EasyCTF IV – Soupstitution
·2 mins
Reverse Write-Up Ctf
We had a flag, but lost it in a mess of alphabet soup! Can you help us find it?
EasyCTF IV - RSA V
·2 mins
Crypto Write-Up Ctf
Bob is extremely paranoid, so he decided that just one RSA encryption is not enough. Before sending his message to Alice, he forced her to create 5 public keys so he could encrypt his message 5 times! Show him that he still is not secure…
EasyCTF IV - Not OTP
·3 mins
Crypto Write-Up Ctf
It seems we’ve intercepted 2 strings that were both encrypted with what looks like OTP! Is it possible to decrypt them?
EasyCTF IV - Recap
·2 mins
Ctf
EasyCTF is one of the largest student-run high school cybersecurity events. It took place on Fri. 10/02/2018 until Sun. 20/02/2018. 1790 teams competed in the event.
Hackim18 - Web2
·2 mins
Web Write-Up Ctf
This is the second challenge in the web category of the hackim 2018 CTF. There is no description for this challenge besides what may be the challenge’s title: Hidden in Plain Sight