Firebird Internal CTF 2022 Writeup

This is the time that Firebird Internal CTF happens. I made three crypto challenges this year - Lack of Entropy (⭐), Authenticator (⭐⭐) and Collider (⭐⭐). I will discuss the solution for all of them in the blog post.
Read more →

Intigriti’s XSS Challenge (January 2022)

Intigriti's XSS Challenge (January 2022)
@intigriti has a XSS challenge every month. The challenge is not hard this time and I am able to solve it in an hour or two. The best thing I learned is to recover source code using the source map file.
Read more →

Dragon CTF 2021: CRC Recursive Challenge (Warmup)

Dragon CTF 2021: CRC Recursive Challenge (Warmup)
@blackb6a played Dragon CTF 2021 last weekend and I spent most of the time solving the CRC duo. They are very fun but unfortunately that we were close enough while unable to get the second flag.
Read more →

Balsn CTF 2021: dlog

@blackb6a played Balsn CTF 2021 last weekend. There are three crypto challenges, and they are all pretty hard. In this blog post we will cover the dlog challenge, which is a timing attack on the CPython’s pow method. @grhkm2023 and I spent a lot of time working on this challenge. Although we did not solve it, we actually learned a lot from the challenge and lost a pile of hair (maybe it is just me).
Read more →

HKCERT CTF 2021 Postmortem (IV): The Remaining Ones

HKCERT CTF 2021 Postmortem (IV): The Remaining Ones
We will cover the remaining challenges I wrote in this part: Flag Checker™, The Wilderness and Potion of Ciphermath.
Read more →