CTFZone quals 2018 - WhateverNote

tldr; BREACH attack on TLS1.2 with AES GCM (HTTP level compression)

JHtC4BSK barsa

Crypto ctf challenge for JHtC team. The page have two standard functionalities: user registration and logging in. After playing with them for a while we can see that authentication is based on “auth” cookie, which contains two long numbers separated by dash. Next thing to check is html source. After not looking at robots.txt, we do not get encrypted zip file with challenge’s source code. src/static » unzip -l do_not_look_at_me.zip Archive: do_not_look_at_me.zip Length Date T...