Gros

Nullcon 2019 - Singular


tldr; discrete log on singular curve

CTFZone quals 2018 - WhateverNote


tldr; BREACH attack on TLS1.2 with AES GCM (HTTP level compression)

JHtC4BSK barsa


Crypto ctf challenge for JHtC team. Source code The page have two standard functionalities: user registration and logging in. After playing with them for a while we can see that authentication is based on “auth” cookie, which contains two long numbers separated by dash. Next thing to check is html source. After not looking at robots.txt, we do not get encrypted zip file with challenge’s source code. src/static » unzip -l do_not_look_at_me.zip Archive: do_not_look_at_me.zip Length ...