ångstromCTF 2021: Cache Money

ångstromCTF 2021: Cache Money

I played ångstromCTF 2021 for @blackb6a to spend my Easter holiday. I solved most of the reverse and cryptography challenges alone. In particular, Cache Money is one of the harder crypto challenges that I spent more than one day dealing with. It is very rewarding, and eventually four teams ended up solving it.

This challenge reimplements the Advanced Encryption Standard (AES) on 128, 192 and 256-bit keys. The encryptor is equipped with caches and we are given a service to encrypt (or decrypt) our messages. In short, there are four oracles provided by the service ($k_0$ is the fixed secret key and $b \in \{128, 192, 256\}$).

Read more →

My path of binary exploitation (1)

My path of binary exploitation (1)
It is the [insert an arbitrary number] time I have determined to learn binary exploitation since April 2017. However I have always lost intention as the problems are much more challenging than I am capable of. I could hardly remember anything on the next time when I have determined to study again. That’s an incentive for me to write blog posts - I could read them and recall what has happened, thus spending less time learning all over from zero. Of course, it would be always better if I could persist.
Read more →

HKCERT CTF 2020 Postmortem

HKCERT CTF 2020 Postmortem
On August 2020, @blackb6a was invited to co-organize HKCERT CTF 2020 (which is held on November 2020) as one of the challenge authors. This is a CTF for secondary and tertiary students in Hong Kong. Although I had experience preparing CTFs earlier, this is actually the first CTF officially prepared by Black Bauhinia. I have written four challenges for this CTF - Sanity Check II (Web), LF2 (Reverse), Sign In Please (Crypto) and Calm Down (Crypto). There will also be some stories behind the scenes.
Read more →

Aero CTF 2021 Writeup

Aero CTF 2021 Writeup
This time I am playing alone for @blackb6a and had all the crypto challenges solved (and nothing else). I found the crypto challenges in many of the CTFs this year are worth-trying, and these are no exceptions. I ended up at the 9th place. By the way, @SuperGuesser is the first to solve for all of the crypto challenges. Can we nerf @RBTree_ and @rkm0959?
Read more →

Union CTF 2021 (II): committee

We are given log.txt that contains the full commit history of the flag-containing repository. We are also given the content of the only file, namely flag.txt, for the first three commits. Also, three characters are filled in each subsequent commit. The objective is to recover the flag.
Read more →