Skip to content

pcw109550/write-up

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CTF write-ups

CTF write-ups written by me. Mostly crypto and blockchain!

2023

  • TSG CTF 2023
    • Crypto 341 - Delta Force - Writeup
      • DLP over singular curve over composite ring: Reduction to additive Group / Pohlig Hellman
  • CCE 2023
    • Crypto 451 - NZK-SIARK - Writeup
      • AES intermdiate state forgery
    • Crypto 451 - De-Identification - Writeup
      • Format Preserving encryption
  • DiceCTF 2023
    • Crypto 199 - BBBB - Writeup
      • LCG parameter selection to make RNG cyclic + Coppersmith Attack

2022

  • CODEGATE 2022 Final
    • Blockchain 500 - Look It Up - Writeup-EN, Writeup-KR
      • Plonkup + frozen heart vulnerability + Solidity Optimizer Keccak Caching Bug
  • RCTF 2022
    • Crypto 769 - S2DH - Writeup
      • Cracking SIDH using Castryck-Decru Attack
    • Crypto 645 - IS_THIS_LCG? - Writeup
      • Truncated LCG + EC-LCG with only 7 x-coordinate + Matrix LCG
  • LakeCTF 2022
    • Crypto 416 - NeutronMail - Writeup
      • Decrypting PGP message with not so random public PGP keys, factoring with gcd.
    • Blockchain 372 - Immutable - Writeup
      • Update code of a deployed contract using CREATE, CREATE2, and SELFDESTRUCT
    • Blockchain 388 - QuinEVM - Writeup
      • Shortest EVM quine
  • angstromCTF 2022
    • Crypto 110 - logloglog - Writeup
      • Pohlig Hellman Algorithm for groups of prime-power order.
  • Plaid CTF 2022
    • Crypto 400 - choreography - Writeup
      • Complementation Slide + Twisted Slide Attack on generalized Feistel Structure.
  • LINE CTF 2022
    • Crypto 138 - Baby crypto revisited - Writeup
      • Reduction to ECDSA biased nonce atack.
  • zer0pts CTF 2022
    • Crypto 304 - Karen - Writeup
      • Solving Hidden Subset Sum Problem with Nguyen-Stern algorithm.

2021

  • POC Cutting Edge CTF 2021
    • Crypto 994 - vpoly - Writeup
      • Solving discrete logarithm problem over finite field.
  • InCTF 2021
    • Crypto 925 - Trouble With Pairs - Writeup
      • BLS Signature Forgery.
    • Reversing 100 - find_plut0 - Writeup
      • Simple reversing using z3.

2020

  • KAPO 2020
    • Crypto 100 - fixed point revenge - Writeup
      • Affine structure of crc.
    • Crypto 100 - Baby Bubmi - Writeup
      • Extension of knapsack cipher.
    • Crypto 100 - Child Beubmi - Writeup
      • Coppersmith attack on multiprime RSA.
  • Crypto CTF 2020
    • Crypto 316 - Fatima - Writeup
      • Solve tiny ECDLP and write inverse functions.
    • Crypto 285 - Complex to Hell - Writeup
      • Brute key matrix using flag oracle.
    • Crypto 142 - One Line Crypto - Writeup
      • Weak prime generation logic for textbook RSA.
    • Crypto 95 - Gambler - Writeup
      • Solve cubic equation over polynomial ring.
    • Crypto 90 - Three Ravens - Writeup
      • Small message with single factor leak.
    • Crypto 55 - Amsterdam - Writeup
      • Binomial coefficient based encoding.
    • Crypto 29 - Trailing Bits - Writeup
      • Trucated plaintext.
  • Defenit CTF 2020
    • Crypto 201 - Double Message - Writeup
      • Coppersmith's short pad attack + Franklin-Reiter related message attack.
    • Misc 906 - Dodge - Writeup
      • Automated dodge solver.
    • Misc 298 - Minesweeper - Writeup
      • Automated minesweeper solver.
    • Misc 181 - QR Generator - Writeup
      • QRCode repl.
  • Pwn2Win CTF 2020
    • Crypto 246 - Omni Crypto - Writeup
      • Coppersmith's attack on partial p exposure on RSA.
    • Crypto 115 - Androids Encryption - Writeup
      • Leak AES key on PCBC.
  • DEF CON CTF Qualifier 2020
    • Crypto 130 - coooppersmith - Writeup
      • Factor n using bivariate coppersmith with leaked info.
    • Reversing 120 - ooobash - Writeup
      • Bash shell reversing.
  • PlaidCTF 2020
    • Crypto 350 - MPKC - Writeup
      • Destroy multivariate quadratic polynomial based encyption scheme by linear algebra.
    • Crypto 250 - dyrpto - Writeup
      • Coppersmith's short pad attack + Franklin-Reiter related message attack.
  • TAMUctf 2020
    • Crypto 338 - ETERNAL_GAME - Writeup
      • Hash length extension attack.
    • Web 262 - MENTALMATH - Writeup
      • Ajax code injection.
    • Web 122 - FILESTORAGE - Writeup
      • LFI + php session poisoning.
    • Web 50 - PASSWORD_EXTRACTION - Writeup
      • Blind SQL injection.
    • Misc 50 - INSTAGRAM - Writeup
      • JPEG marker recovery.
    • Misc 50 - BLIND - Writeup
      • Reverse shell.
  • zer0pts CTF 2020
    • Crypto 636 - dirty laundry - Writeup
      • Paillier cryptosystem with Shamir's secret sharing.
    • Crypto 394 - diysig - Writeup
      • RSA with LSB oracle.
    • Crypto 260 - ROR - Writeup
      • Concat LSB for gaining ciphertext
    • Forensics 100 - Locked KitKat - Writeup
      • Bruteforce android pattern lock
  • Pragyan CTF 2020
    • Crypto 150 - AskTheOracle - Writeup
      • Oracle Padding Attack.
  • nullcon HackIM 2020
    • Crypto 419 - SecureLinearFunctionEvaluation - Writeup
      • Break Bellare-Micali OT by simple math.
  • WhiteHat Grand Pix 06 Quals
    • Crypto 200 - Cryptography 01 - Writeup
      • Simple substitution cipher.

2019

  • Christmas CTF 2019
    • Crypto 1000 - hide and seek - Writeup
      • Solving hidden number problem + Coppersmith's attack on partial p exposure on RSA.
    • Crypto 995 - christmas pockets - Writeup
      • Classical knapsack cryptosystem is vulnerable to low density attack.
  • HITCON CTF 2019 Quals
    • Crypto 200 - Lost Modulus Again - Writeup
      • Recover n to decrypt the flag since d is given.
    • Crypto 200 - Very Simple Haskell - Writeup
      • Decrypt Naccache-Stern Knapsack problem by directly knowing the private key.
  • KAPO 2019
    • Crypto 1 - Lenstra-Lenstra-Lovasz - Writeup
      • Recover dp by using Coppersmith's attack, and recover p.
    • Crypto 1 - Weak-Strong - Writeup
      • ROCA attack.
  • CSAW CTF Qualification Round 2019
    • Crypto 400 - Fault Box - Writeup
      • Fault attack on RSA CRT with a slight twist.
    • Crypto 300 - SuperCurve - Writeup
      • Solving ECDLP when order is small.
    • Crypto 100 - count on me - Writeup
      • Misdesigned block cipher leads to information leakage.
  • Affinity CTF 2019 Quals
    • Crypto 500 - Epic Poem - Writeup
      • XOR encryption, guessing based on flag format.
    • Crypto 350 - GolanG Heights - Writeup
      • Solve quartic equation to factor n on RSA.
  • HackCon 2019
    • Crypto 467 - AgainAndAgainAndAgain - Writeup
      • Multiple encryption with Rabin cryptosystem.
  • Crypto CTF 2019
    • Crypto 314 - NSA basement - Writeup
      • Factoring n using gcd, decryption with OAEP on multiprime condition.
    • Crypto 166 - Alone in the dark - Writeup
      • Solving pellian equation.
  • ISITDTU CTF 2019 Quals
    • Crypto 304 - Chaos - Writeup
      • Simple substitution cipher.
    • Crypto 100 - Easy RSA 1 - Writeup
      • n and e have similar size, so apply Boneh-Durfee attack.
    • Crypto 919 - Easy RSA 2 - Writeup
      • Crack multiprime RSA with Fermat factorization.
    • Crypto 238 - Old Story - Writeup
      • Base64 encoding with guessing.
    • Crypto 395 - decrypt to me - Writeup
      • Weak prng.
  • Facebook CTF 2019
    • Crypto 974 - netscream - Writeup
      • Dual_EC_DRBG with some reversing.
    • Crypto 919 - storagespace - Writeup
      • Order of curve is small, use sage's discrete_log() function.
  • DEF CON CTF Qualifier 2019
    • Crypto 182 - tania - Writeup
      • DSA with LCG nonces are broken using LLL, or apply biased nonce attack.
  • Harekaze CTF 2019
    • Crypto 200 - Now We Can Play!! - Writeup
      • Simple bruteforcing problem.
    • Crypto 100 - ONCE UPON A TIME - Writeup
      • Hill cipher with randomness and padding.
    • Crypto 200 - Show me your private key - Writeup
      • Order of elliptic curve defined over Zmod(n), where n is composite.

2018

  • KAPO 2018
    • Reversing 50 - hdbt - Writeup
      • Calculating inverse over finite field.
    • Reversing 50 - ezbt - Writeup
      • Consecutive XOR for inversion.