tl;dr

Out of bounds write in trustlet ‘1’, allows us to write random bytes at an address of
our choice. We can write our shellcode to an rwx region with this, without any bruteforce.

Note: During the CTF we used a 1 byte brute-force to get write shellcode in the rwx segment and get shell. It was only afterwards that we realised that no bruteforce was required!

tl;dr

• You need to pass 999 levels to get the flag.
• Each of the levels involves multiple checks on input characters.
• Each check happens in seperate functions which are decrypted during runtime.
• Extract function order and arguments.
• Automate finding input for each check.

tl;dr

1. Find Elliptic Curve parameters from given points on the curve
2. Find x-coordinate of 2*P, given y-coordinate of 2*P
3. Invert 2 over mod (P.order()) and multiply the result with 2*P to get P
4. Submit ASIS{P.x} as the flag

Full solution of EZDSA challenge from MidnightSun CTF Quals 2019.

tl;dr retrieving key using Euler’s Criterion to break signature authentication

tl;dr solving RSA Digital Signature using it’s homomorphic property:

1. Calculate the signature of factors of message M to be signed, separately
2. Combine them by multiplication over modulus to get the signature of M

tl;dr Coppersmith’s Attack to recover RSA primes

tl;dr

1. Find roots in a polynomial ring over $ mod;p $
2. Use Hensel’s Lifting lemma to find roots over $ mod;p^k $

tl;dr Known plaintext attack on a multithreaded AES-CTR

tl;dr

1. Extract data from given images using binwalk
2. Tranform given diophantine equation into a cubic curve and retrieve EC parameters
3. Solve ECDLP given in extracted data using Pohlig Hellman Algorithm

This school CTF had a good set of challenges for beginners

pwn1

32-bit executable, dynamically linked, not stripped

When you run the executable in the terminal, the program simple asks for an input and checks whether it is the secret it is looking for or not.

debugging in GDB…

1
2
3
4
5
6

gdb-peda$ checksec
CANARY    : disabled
FORTIFY   : disabled
NX        : ENABLED
PIE       : disabled
RELRO     : Partial

Going through the assembly code, we can see that see a gets() function. This gives us a chance to corrupt any stack address higher than the stack address where the gets() is to read into. We can also see a call to ‘print_flag’ function. This call instruction is executed only after a cmp instruction which compares [ebp-0xc] with ‘0xf007ba11’.

1
2
3

0x0804861d <+107>:	cmp    DWORD PTR [ebp-0xc],0xf007ba11
0x08048624 <+114>:	jne    0x804862d <main+123>
0x08048626 <+116>:	call   0x804854b <print_flag>