I wrote two challenges for Google CTF qualifier - Underhanded and Merkurated. There were 17 and 37 solves during the contest time. I will cover both in this blog post. Underhanded Challenge Summary Proudly sharing our Python implementation of AES. By the way, we sneakily hid a backdoor. Can you see sharp and see what went wrong? Attachments: underhanded.zip We are given yet another Python implementation of AES.| Mystify
I also wrote some reverse challenges this year: Void, Cyp.ress and Bashed!. We will cover them all in the last part of the blog post. Void Challenge Summary I made a simple webpage that checks whether the flag is correct… Wait, where are the flag-checking functions? We are given a static webpage (source code here), where it asks us for the flag: The goal is to provide a legit flag.| Mystify
Surprisingly, I also wrote three series of web challenges this year: Custom Web Server, Mystiz’s Mini CTF and ⚡. They are all inspired from the real-life – either from security reviews or the bugs I came across while developing web apps. Custom Web Server (1) Challenge Summary Someone said: ‘One advantage of having a homemade server is that it becomes much harder to hack.’ Do you agree? Give reasons.| Mystify
In the second part, I will cover the remaining cryptography challenges, including Almost DSA, mAEStro and Mask-mask-RSA. Almost DSA Challenge Summary According to an external auditor, my code implementing the data signature algorithm (DSA) has a one-byte security fix on a critical issue. Well, I am not bothered. Convince me by giving me the flag! Attachment: almost-dsa_148b8b2cd8c78df02bbdc24bd7fa3f56.zip We are given $(p, q, g)$, the public parameters of the data signature algorithm (DSA).| Mystify
Black Bauhinia co-organizes the HKCERT CTF for the fifth year. I wrote 18 challenges (in 11 series) this year and here is a series of blog posts covering all of them. I will cover two cryptography series in the first part: RSA LCG and Pigeon Post.| Mystify
I played NuttyShell CTF 2025 organized by the Hong Kong Polytechnic University, and came across siunam’s web challenges. In particular, memo-ry is a hard challenge that required players to chain multiple vulnerabilities to retrieve the flag. I found it really fun and decided to compile a writeup for this. Challenge Summary Memo-ry is a 90% finished web application that allows users to read, create, and edit different memos. For security reasons, this web application has 3 roles, which are ...| Mystify
Time flies. A week passed in the blink of an eye, and another month has passed with another blink... and here comes the end of 2024.| Mystify
This time I went to @DeFiHackLabs and attempt my very first Web3-focused CTF. I am fortunately able to solve some challenges. Nothing particular difficult, but that’s still something. 🚧 Syntax highlight to be fixed. I never imagine that I will work on Web3 challenges, thus I did not have syntax highlight for Solidity. I will have this addressed. 8Inch Challenge Summary After finding out CowSwap raising millions, Tony reluctantly coded an intent-based DeFi project, wrestling with his idea...| Posts on Mystify
The crypto challenge authors in HITCON 2024, @maple3142 and @_bronson113 prepared a set of exciting and difficult challenges. I collaborated with @thehackerscrew1 as a guest player this time. In this blog post, we will cover three challenges: ZKPoF, PCBC Revenge and Hyper512.| Mystify
This is Mystiz, a made in Hong Kong 🇭🇰 software engineer. Currently stationed at Taiwan 🇹🇼 working for Google. X: @mystiz613 Github: @samueltangz Website: mystiz.hk Capture-the-Flag I am better-known as a Capture the Flag player and I hack with Black Bauhinia as a former captain and Shellphish. I like to struggle at crypto and reverse challenges, and sometimes pulling my hair on ad hoc problems. You may expect me doing writeups on the challenges I liked.| Mystify
Here are a bunch of blogs those I learnt and I liked. Capture-the-Flag Black Bauhinia: https://b6a.black/ This is the Capture-the-Flag team I founded with some Hongkongers on 2019. Contains a number of writeups on various CTF games. Cocousin = Usin: https://klwu.co/ Cousin is a crypto guy in Black Bauhinia who is researching for his master of philosophy, and who can do math much better than I do.| Mystify
IDEA is a challenge written by @0xdeuterium. He even provided me the paper to refer, my only contribution to the challenge is to optimize the original solution so that we don’t need 65K-ish oracle calls. Challenge Summary We have a new idea about a cipher which we think may provide pretty good privacy. So bruce for impact as we may patent our new proposed encryption standard. nc idea.2024.ctfcompetition.com 1337| Posts on Mystify
ZKPOK is a challenge I made while learning Zero Knowledge Proofs on zk-learning.org. I was watching the first lecture video, I came across with the interactive proof for quadratic residues at 20:00. This made me ponder - it should be easy to apply Fiat-Shamir transform to make this non-interactive. Let’s also use MD5 so that it could be vulnerable. Hours later, this challenge appeared without a proper solve script. Surprisingly, the challenge ended up having three solves, which makes this t...| Posts on Mystify
This is yet another edition of Google CTF, where I wrote some crypto challenges with my colleagues. I contributed on three challenges this time, namely, Blinders, ZKPOK and IDEA. There are respectively 56, 3 and 4 solves (out of 267 teams scoring non-zero flags) during the contest period. Blinders is one of the challenges I coauthored, which introduces a protocol for private set membership.| Mystify
I came across with @intigriti’s XSS challenge this month. This time we are given a love letter storage system which allow us to show our love to our hacking buddies. Challenge Summary Solution Part I: Cross-site scripting on GET /readTestLetter/:uuid From the source code, we can see that GET /readTestLetter/:uuid is the only endpoint that returns the user input with the content type text/html. Let’s see how is our data handled:| Posts on Mystify
TetCTF comes back with their great crypto challenges. I played with @blackb6a and we ended up securing the 🥉 third place. In this blog post, I will walk through adapt, a challenge which required us to make fake proofs in an IAVL tree implementation. There are only three solves during the contest period.| Mystify
We will finally cover the non-crypto challenges that I wrote for HKCERT CTF 2023. This includes one misc (Hackforces), two pwn (ISA Jump Scare & ISA Jogger) and two reverse (The Flag Game & Loot and Scoot) challenges. Hackforces Challenge Summary Do you know Codeforces? Well, what you need is to find a corner case to make the given submission not work. Attachment: hackforces.zip We are given an introductory competitive programming problem (equivalent to Unique Paths II in LeetCode) with its s...| Posts on Mystify
In the second part of the series, I will cover four cryptography challenges: baDES, Maybe Someday, Cipher Bridging Service and RSA Triooo. Interestingly, most of them are somehow “plagiarized” from the other CTFs. baDES Challenge Summary DES, published as an official Federal Information Processing Standard in 1977, is considered bad in 2023. We will slightly change the cipher and attack that together! Note: There is a guide for this challenge here.| Posts on Mystify
This is yet another moment that Black Bauhinia co-organizes HKCERT CTF. This year, I am slightly more productive than the previous years and wrote 13 challenges for the CTF. There are three blog posts in this series, where I will respectively cover the author’s solutions to the easier crypto challenges, the harder crypto challenges and the remaining challenges.| Mystify
This is yet another annual Firebird CTF and I only wrote one cryptography challenge this time, Goldilocks. There were one solve (out of 53 participating teams) during the contest period.| Mystify
There are a lot of ups and downs for in 2023. There were some joyful gatherings and reunions, but at the same time, things did go very wrong. Despite my reluctance travelling back to Hong Kong, I was motivated enough and went back twice in January and June. Owing to various reasons, it is much harder for me to see the people I care if I couldn’t meet them in time.| Mystify
The crypto challenges in DownUnderCTF are very intriguing. Unfortunately I have very limited time during the contest and could only solve apbq rsa ii (26 solves), hhhhh (14 solves) and handshake (4 solves). I will be covering the latter two challenges in this writeup. hhhhh Challenge Summary The code given in this challenge is pretty short: #!/usr/bin/env python3 from os import getenv as hhhhhhh from hashlib import md5 as hhhhh def hhhhhh(hhh): h = hhhhh() hh = bytes([0] * 16) for hhhh in hhh...| Mystify
After four years of team formation, we organized our first edition of Bauhinia CTF last weekend. There are over 650 teams registered and over 200 teams scored. This year, I made one crypto challenge, How to Stop Time. I also coauthored a web/crypto challenge, Amnesia, with @chthollic_. This post is served as a short writeup of How to Stop Time, a crypto challenge with six solves during the contest period.| Mystify
Asian Cyber Security Challenge (ACSC) is an annual CTF where players are competing individually, and the best young Asians will be selected form a team to represent Asia to compete with others. I ended up winning the competition among 450+ players. Unfortunately, I am unable to qualify because of the age and nationality conditions. In this blog post, I will cover two web challenges, @t0nk42’s easySSTI (43 solves) and @tyage’s Gotion (9 solves).| Mystify
idekCTF 2022* definitely has a fun and inspiring set of cryptography challenges. I played with @blackb6a and we solved 8 of the 10 crypto challenges. In this blog post, I’ll include my solution on three of them: Primonumerophobia (10 solves), Chronophobia (5 solves) and Decidophobia (3 solves). Primonumerophobia Challenge Summary Let $T = \{0, 4, 6, 10, 16, 18, 24, 28, 30, 34, 36, 40, 42, 44, 45\}$. An initial state $(t_0, t_1, …, t_{46})$ with $t_0, t_1, …, t_{46} \in \{0, 1\}$ is gene...| Mystify
I prepared three challenges on behalf of @blackb6a for MOCSCTF, which is a 8-hour long CTF happened yesterday. This blogpost serves as the write-up for the three challenges that I wrote. There are two solves (out of 40 participants) for Three-pass, and zero solves for jav-asr-ipt and Catch-22 Mini. Three-pass Challenge Summary Shamir is a famous cryptographer. He invented the three-pass protocol, so I don’t see it is unsafe.| Mystify
Like in 2021 and 2022, I contributed some challenges for Firebird’s internal CTF, which are from the Hong Kong University of Science and Technology. This time I wrote three crypto challenges: Randomsum, Shelter and Threerider. There were 24 teams participating. There were three solves for Randomsum, while Shelter and Threerider were unsolved during the CTF. 🎉 Thank you! Kudos to @LifeIsHard for reading the write-up and giving me comments (including those erratas) so that I could improve ...| Mystify
💭 Is this technical? No. If you are looking for CTF writeups, this is not what you are interested. Instead, this is just me talking on my 2022. 2022 is a life-changer for me. There were some tough decisions and a few surprises. Leaving Hong Kong The #1 difference for me is I moved from Hong Kong 🇭🇰 to Taiwan 🇹🇼. The most obvious reason is to commence my new career at Google, which I think was an opportunity as well.| Mystify
In the last part, I will include the two non-crypto challenges I wrote for HKCERT CTF 2022: Numbers go brrr and Minecraft geoguessr. 觀塘海濱音樂噴泉 / Numbers go brrr (Reverse) Challenge Summary This program is generating 100 sets of random numbers and they are asking me to send something back, in exchange for a flag. Can you figure out how to get them through? There is a nc service, and we will be given some numbers upon connecting.| Mystify
✨ Regarding the thumbnail. This is my Discord avatar combined with Komi from the anime Komi can’t communicate, where the challenge Mystiz can’t code is referred to. Made by @byronwai. We will continue walking through the remaining crypto challenges I wrote for HKCERT CTF 2022: Mystiz can't code, Slow keystream and King of Rock, Paper, Scissors. 亞洲協會香港中心 / Mystiz can't code (Crypto) Challenge Summary Mystiz can't code! He wanted to implement Advanced Encryption Standard (...| Mystify
This is the third year Black Bauhinia co-organized HKCERT CTF. This time I wrote nine challenges: Seven crypto, one reverse and one misc. Similar to the last year, I have a series of three blog posts walking through the challenges that I wrote. We will discuss the four easier crypto challenges: Flawed ElGamal, Catch-22, Rogue Secret Assistant and Base64 encryption. This is an index of the challenges I wrote for HKCERT CTF 2022.| Mystify
HACKING GOOGLE is a documentary of Google’s cybersecurity teams and H4CK1NG G00GL3 is it’s CTF counterpart. Project Zero Adventure is a cryptography challenge I wrote. In the game, the players control the Security Princess to dodge the obstacles and catch the bugs (a variant of Google Chrome’s dinosaur game). After that, the server will sign messages consisting of the players' name and the score via the /sign API. The players will then submit it to the /highscore API.| Mystify
Credits. Thumbnail credit goes to Quasar! 🎉 vss is an interesting crypto challenge in BalsnCTF, which ended up having 9 solves. I took around 2.5 hours to solve the challenge. This challenge reminds me the yet another PRNG challenge from pbctf 2021 (challenge description, writeup written by @maple3142 and @rkm0959), but with a setting which looked harder. I was pretty surprised that LLL worked, too. lfsr is another crypto challenge in BalsnCTF with 6 solvers.| Mystify
This is the third year I had a writeup on Google CTF (see my writeup in 2020 and 2021). Yet this time it is the official writeup for a challenge - as the challenge author! There are eventually 35 solvers (out of 382 teams) for the challenge. Challenge Summary We are given a public key of Paillier cryptosystem $(n, g)$, and is asked to complete 16 rounds of challenge $\mathcal{C}$. In each round of $\mathcal{C}$:| Mystify
Signature is a crypto challenge from TSJ CTF 2022, which ended up having two solves. From this challenge, we can see how ECDSA private keys can be recovered by having a (weak) deterministic ephemeral key, $k$. Challenge Summary Suppose that $d$ is the private key for ECDSA (over curve secp256k1). We are given six signatures signed with the above private key. However, $k$ is computed by $k = d \oplus z$ ($z$ is the hash of the message) rather than generated randomly.| Mystify
Credits. I stole the banner image from TSJ CTF. Thanks! @blackb6a played TSJ CTF and CODEGATE CTF this weekend. Both of the CTFs had a bunch of epic (and hard-ish) crypto challenges, which made our head scratched for days. We were two points behind @balsnctf few minutes before the game ends and I found one more flag. It is proud to tell that we won TSJ CTF 🎉! Anyway, I will compile writeups for (at least) three challenges for TSJ CTF, namely Cipher Switching Service, Signature and Genie.| Mystify
@blackb6a helped preparing some challenges for MOCSCTF, a 8.5-hour long CTF in Macau. This time I wrote nine challenges and @hoifanrd made one of them (3-AES). This blog post covers the intended solution for all of them. These are the summary of the challenges: Challenge Name Category Solves RSA Trio Crypto 2/43 Slightly Informative Crypto 2/43 NP-SHA256 Crypto 1/43 HMAC-SHA256 Crypto 2/43 RC4 Crypto 0/43 HashTable Misc 3/43 Wordle Crypto, Misc 0/43 3-AES Crypto, Misc 0/43 Elementary Reverse ...| Mystify
This is another round of @intigriti's XSS challenge, and this time it is written by @aszx87410. I spent around four hours solving it. Challenge Summary We are given a form that allows us a create a character. We are allowed to choose a name (shorter than 24 characters), and inform if we have played the game. We will be redirected to /challenge/xss.html?q=mystiz&first=yes (if you are mystiz who is not a first-timer to the game).| Mystify
DiceCTF is an annual CTF competition prepared by @dicegangctf. The challenges are great and we had a lot of fun solving them. I might be compiling writeup for a number of them, which depends if I had time. Deja vu? I said similar things last year. Until now, part 2 of my writeup series on DiceCTF 2021 does not exist. I will first cover on a crypto challenge called commitment-issues, which had 16 solves (out of 1127 participating teams).| Mystify
This is the time that Firebird Internal CTF happens. I made three crypto challenges this year - Lack of Entropy (⭐), Authenticator (⭐⭐) and Collider (⭐⭐). I will discuss the solution for all of them in the blog post. What are the stars? They are the difficulties I estimated when comparing to global CTFs (where I documented them here since Q3 last year). Lack of Entropy (Crypto) Three (out of six) teams solved this during the CTF.| Mystify
@intigriti has a XSS challenge every month. The challenge is not hard this time and I am able to solve it in an hour or two. The best thing I learned is to recover source code using the source map file. Challenge Summary We are given a super secure HTML viewer - we can craft a HTML document and parse it. For example, we can send the below content and press the "Parse" button:| Mystify
@blackb6a played Dragon CTF 2021 last weekend and I spent most of the time solving the CRC duo. They are very fun but unfortunately that we were close enough while unable to get the second flag. Warmup edition only. If you are interested to learn the harder edition that involves a 128-bit CRC, you may want to look at hellman’s writeup. I would only cover a solution of the easier edition with some unsuccessful attempts of the harder one.| Mystify
@blackb6a played Balsn CTF 2021 last weekend. There are three crypto challenges, and they are all pretty hard. In this blog post we will cover the dlog challenge, which is a timing attack on the CPython's pow method. @grhkm2023 and I spent a lot of time working on this challenge. Although we did not solve it, we actually learned a lot from the challenge and lost a pile of hair (maybe it is just me).| Mystify
We will cover the remaining challenges I wrote in this part: Flag Checker™, The Wilderness and Potion of Ciphermath. 幫緊你!幫緊你! / Flag Checker™ (Pwn) Challenge Summary 幫緊你 幫緊你 當無力 堅持集氣幫你 等風向轉天氣 請相信你不死 組隊會撐得起 You will be Ok You will be Ok We are here to help validating your flag! Come use our Flag Checker™! nc HOST PORT When connected to the server, we are asked the name. We are also given 256 attempts to gue...| Mystify
As the third part of the series, three reversing challenges will be included: The Hardest Path, A Junior Mathematician and Let's Chill. 最難行的路 / The Hardest Path (Reverse) Challenge Summary 寧願不揀最易的路 行極還未到 寧願你最後未傾慕 但信念安好 在意的 不再是 愛的煩惱 是哪樣做人 更清高 餘生那段旅途 與哪類人共舞 When you think reverse engineering is hard, try working on reverse engineering challenges those need your algorithmic t...| Mystify
In this part, three harder crypto challenges will be covered: Tenet: The Plagarism, Sratslla SEA and Sign in Please, Again. FreeRider / Tenet: The Plagarism (Crypto) Challenge Summary 平日我又講 對住你講 email要check deadline要追 前日我提咗 你嗰part嘅功課 點解變咗我最立糯 The deadline for writing challenges is coming! Mystiz, who claimed himself not well-known reusing challenges, decided to free-ride and plagarize challenges from HKCERT CTF 2020. Maybe you can re...| Mystify
Black Bauhinia coorganized HKCERT CTF 2021 and helped 95% of the technical stuffs, including challenge setting, platform development, infrastructure and etc. I will be writing a series of blog posts talking about the contest, and the first four would be the writeups of the challenges those I wrote. In the first blog post, we will be going through four easier crypto challenges: A Joke Cipher, Cipher Mode Picker, Key Backup Service 1 and Key Backup Service 2.| Mystify
No, we did not win. I see that coming and took a screenshot during the game. BSides Ahmedabad CTF 2021 is organized by @zer0pts. That implies that players could spend a day happily working on the challenges. I enjoyed working on the challenges a lot. I'll go through the harder crypto challenges and the reversing challenge called Collapsed License in this blog post. SSSS.RNG Challenge Summary Let $p$ be a 512-bit prime and $a, b, g_0 \in [2, p)$.| Mystify
LagLeg is a crypto challenge in ASIS CTF Quals 2021. We are asked to factor a given $n$ with $n = (r^5 + s)(r + s)$ as part of the challenge. Hereby $r$ and $s$ are respectively 256 and 64 bits long. I think my approach used is very unique and creative - and definitely worth mentioning. It does not mean that it is a good approach, however. I will record the exact steps I solved the challenge.| Mystify
What’s the thumbnail? I sent it to rbtree after I sent him my solution on Yet Another PRNG and he responded “oh this works?”. I am playing as a part of @blackb6a this time for perfect blue's annual pbctf. This time there are six crypto challenges and I first blooded 🩸 half of them. I solved five of them, and collaborated with TWY (who made 99% of the process) for Seed Me.| Mystify
Credit. I stole the banner image from the background image of UIUCTF. I like the picture and their unique themes for these two CTFs… This is another time @blackb6a unites and plays UIUCTF together. It was my fourth time playing UIUCTF, and I still found the challenges fun. Although the crypto challenges are relatively easy, I had a lot of fun solving phpfuck with @02E774. Challenge Summary // Flag is inside .| Mystify
This is me playing another Google CTF with @blackb6a, ending up on the 25th place. I aced the crypto challenges and solved some challenges with my teammates. I have a strong feeling that Black Bauhinia grown a lot between the two Google CTFs and I am often backed by my teammates this time. Anyway, I will be covering all of the crypto challenges in this blog post. H1 Challenge Summary Crypto is not real hacking, they say.| Mystify
The problems today are Largest Magic Square1, Spiral Matrix II2, Find Kth Bit in Nth Binary String3, Reachable Nodes In Subdivided Graph4 and Subarrays with K Different Integers5. I am motivated today and decided to solve two more problems: Maximum Side Length of a Square with Sum Less than or Equal to Threshold6 and Jump Game V7. The solution scripts are available: A, B, C, D, E, F and G.| Mystify
The problems today are Construct the Lexicographically Largest Valid Sequence1, Make Sum Divisible by P2, Find the Winner of an Array Game3, Valid Permutations for DI Sequence4 and Closest Subsequence Sum5. The solution scripts are pushed on my Github repository: A, B, C, D and E. gantt dateFormat YYYY-MM-DD HH:mm axisFormat %H:%M section Problem A A :2021-06-17 22:33, 14m section Problem B B :2021-06-17 22:47, 10m B :2021-06-17 23:28, 32m section Problem C C :2021-06-17 22:57, 10m section Pr...| Mystify
Recently I am motivated to solve some algorithmic problems. I will be picking five challenges from LeetCode everyday, including three medium and two hard challenges. I expect that I will be spending two hours per day on solving those challenges. There are some objectives that I want to achieve: To think algorithmically again To not rely on the test cases for debugging, nor the hints To write more self-explanatory code To learn (or re-learn) more algorithms To prove my approach is valid if it ...| Mystify
This is the summary for me on the second day I played DEF CON CTF. The commentary for day 1 is available here. In this blog post, only the solutions for qoo-or-ooo, back-to-qoo and pooow-buddy are written. Since there are a lot of new stuff, I may not be able to explain them well. Please bear with me... Challenge: qoo-or-ooo & back-to-qoo qoo-or-ooo (58 solves, 120 points) This is another QOO's challenge.| Mystify
I played DEF CON CTF Quals once again with @Shellphish and we ended up at the 10th place. This blog post describes what actually was going on from my side. If you are looking for an informative blog post, this is not a good-read for you. There would be a little useful information, since I am just hanging around most of the time. I will even shamelessly copy some memes online to make the blog post looked rich in content.| Mystify
PlaidCTF this year had very insane challenges. Although I have spent a lot of time working on those crypto challenges, I was only able to solve leaky block cipher. Challenge Summary This completely legitimate™ block cipher looks a bit like GCM, but my computer plumber keeps complaining about water residue. Can you help me spot the leak? The challenge has a hand-crafted AEAD scheme. We are required to go through 20 rounds of challenges, and this is how each round proceeds:| Mystify
I played ångstromCTF 2021 for @blackb6a to spend my Easter holiday. I solved most of the reverse and cryptography challenges alone. In particular, Cache Money is one of the harder crypto challenges that I spent more than one day dealing with. It is very rewarding, and eventually four teams ended up solving it. Challenge Summary This challenge reimplements the Advanced Encryption Standard (AES) on 128, 192 and 256-bit keys. The encryptor is equipped with caches and we are given a service to e...| Mystify
Preface Warning. This is actually an article that I begin writing on March 2019, and it never got published… It is the [insert an arbitrary number] time I have determined to learn binary exploitation since April 2017. However I have always lost intention as the problems are much more challenging than I am capable of. I could hardly remember anything on the next time when I have determined to study again.| Mystify
On August 2020, @blackb6a was invited to co-organize HKCERT CTF 2020 (which is held on November 2020) as one of the challenge authors. This is a CTF for secondary and tertiary students in Hong Kong. Although I had experience preparing CTFs earlier, this is actually the first CTF officially prepared by Black Bauhinia. I have written four challenges for this CTF - Sanity Check II (Web), LF2 (Reverse), Sign In Please (Crypto) and Calm Down (Crypto).| Mystify
This time I am playing alone for @blackb6a and had all the crypto challenges solved (and nothing else). I found the crypto challenges in many of the CTFs this year are worth-trying, and these are no exceptions. I ended up at the 9th place. By the way, @SuperGuesser is the first to solve for all of the crypto challenges. Can we nerf @RBTree_ and @rkm0959? Additionally, phoenix had seven solves and while horcrux and boggart had two.| Mystify
Challenge Summary A committee was formed last year to decide the highly-sensitive contents of the flag for this challenge. Our informant managed to leak some data, but he was arrested within weeks of the committee's operation. All we have are the logs of the committee's meetings. Note: file fixed, please redownload Author: Aurel300 We are given log.txt that contains the full commit history of the flag-containing repository. ... commit dca4ca5150b82e541e2f5c42d00493ba8d4aa84a Author: Christoph...| Mystify
I was playing Union CTF with @blackb6a last week. Since this CTF is prepared by cr0wn where Jack and hyperreality were in (they made CryptoHack), I am convinced that the CTF will be fun. Turns out I wasn't disappointed at all. I will be writing three or four posts on the challenges, and the first of the series covers on exah, the reversing challenge I spent most of my time (yet not solving it).| Mystify
On 13 February, 2021, kurenaif (@fwarashi) has released five challenges celebrating the 1000-subscription in the YouTube channel1. Being locked at home in Lunar New Year, I have nothing else to do. Therefore I decided to attempt those challenges, which is available on GitHub. Note. The writeup is actually compiled on the same day. It is published on 21 Feburary to not spoil the challenges. p_p_rsa Challenge Summary In the challenge, we are given a RSA public key and an ciphertext $c$ (of mess...| Mystify
DiceCTF 2021 had an assortment of challenges and most of them are tough. Although the five crypto challenges which looked unoriginal, I was only able to solve garbled during the contest and I liked the challenges very much. After the CTF, I have found writeups from various sources and learnt a lot. In this writeup, only plagiarism and benaloh will be covered. However, I haven't look at the remaining questions yet, and they are definitely on my to-do list.| Mystify
I was playing justCTF 2020 with the new CTFers in Yakitori (Firebird). Oracles is a fun cryptography challenge that I solved during the game, and I thought this is worth compiling the write-up. Challenge Summary We are given a chance to ask the agencies for oracles. The challenge author have prepared some questions for us: Is Goldbach's conjecture true? What is the answer to everything? On top of them, the challenge author tried to tell the agency the flag.| Mystify
There are a lot of moments which I telepathed and synced with the challenge author. If it doesn’t make sense to you, just bear with it. This is a beginning of a new series of blog posts that I review CTF challenges those are not publicly accessible. Generally I will spend some time to solve the challenge while discussing with the author, and give some feedback of the challenge.| Mystify
I have written four question for Firebird Internal CTF - Oofbleck (Crypto), Obvious Transfer (Crypto), RC4 (Misc) and Prooof-ooof-Wooork (Reverse, Misc). I will be including all of them in this blog post. Oofbleck (Crypto) One (out of six) team have solved this during the CTF period. Challenge Summary Some of the block cipher modes of operation are pretty vulnerable, which includes but not limited to padding oracle in CBC, key-recovery attacks with repeated nonces in GCM and Zerologon in CFB8.| Mystify
TetCTF is the first CTF I have played in 2021. I recalled from last year that they have cool challenges. This year, there are three crypto challenges. In particular, unevaluated is the hardest among them. Although I did not solve them, I dug into rabbit holes and had a lot of struggle, uh, fun. Challenge Summary There is a 128-bit prime $p$. Define $\cdot: \mathbb{Z}_{p^2}^2\times\mathbb{Z}_{p^2}^2\rightarrow\mathbb{Z}_{p^2}^2$ by \[(x_1, y_1)\cdot(x_2, y_2) := \left(\left(x_1x_2-y_1y_2\right...| Mystify
I was teamed up to play hxp CTF as @blackb6a last week. The hxp team had come up with a collection of hard challenges. In particular, there are two series of crypto challenges with a total of five parts. I will be writing on the hyper challenge and some follow-up and unanswered questions regarding to hyperelliptic curves. ⓘ 𝗢𝗳𝗳𝗶𝗰𝗶𝗮𝗹 𝘀𝗼𝘂𝗿𝗰𝗲𝘀 𝘀𝘁𝗮𝘁𝗲𝗱 𝘁𝗵𝗮𝘁 𝘁𝗵𝗶𝘀 𝗶𝘀 𝗺𝗶𝘀𝗹𝗲𝗮𝗱𝗶𝗻...| Mystify
Dragon CTF 2020 is definitely had my best CTF moments. There are big brain moments and I have been mind-blown for multiple times during the game. This time we have teamed up with @blackb6a. I have solved all the crypto challenges and two challenges with my teammates. There are three challenges writeup in this post: Bit Flip (parts 2 and 3) Frying in motion Bit Flip (Crypto, 155+324+343 points) Challenge Summary At the beginning, a 128-bit alice_secret (denoted as $a$) is generated.| Mystify
Rotten Secured Algorithm is the only challenge that I have written for Firebird Intro CTF. Two people (out of 166) ended up solving the challenge. There is a Python script attached in the challenge, as well as the output file. Let's see what's going on in the Python: # Challenge written on Aug 26, 2020 by Mystiz. from Crypto.PublicKey import RSA import random import time from datetime import datetime from secret import flag t = int(time.| Mystify
This week, we have teamed up as @blackb6a to play CONFidence 2020 CTF. We end up ranked 15, but we are more proud of ourselves able to solve a reversing challenge called Team Trees (395 points, 5 solves). In particular, we are the first-to-solve to the challenge. It took us around two hours to win the flag. This writeup is written by @harrier_lcc and @mystiz613. Challenge Summary We wanted to plant a lot of trees, but it's going kinda slow.| Mystify
I was teamed-up with @blackb6a on Google CTF this time. I have solved 7 challenges alone and 3 challenges with my teammates. In particular, Oracle is a crypto challenge with 13 solves. It has got me spending 12 hours. All in all, it was a great experience in terms of learning, but my liver hurts. This piece of writeup may be very computation intensive, just because I would like to make everything clear.| Mystify
Challenge Summary Tom Nook is testing a new encryption scheme for nookphones, but it seems to be a bit faulty... can you break it? nookcrypt is a netcat service that have no source code released. There are two functions exposed: Gets an encrypted copy of the flag (and the message hello world). Encrypts an arbitrary message. For example, this is what I had when trying out the options:| Mystify
I was teamed up with @shellphish this time for De1CTF. During the game, I have solved 5 (out of 7) cryptography challenges individually, and a reverse challenge and a misc challenge in cooperation with DuSu and fs0c. I said that I'll commit the solution scripts to my Github after I have managed to prettify them. It never happened. I will not make the same promise again. Homomorphic Challenge Summary This is a cryptography challenge with 465 points.| Mystify
This challenge is solved with R3x and @mahal0z as a part of @shellphish. Thanks @piazzt and @perribus for reviewing and giving me suggestions on this write-up. Challenge Summary A Plaid Puzzle is a RPG game written in PuzzleScript. In the game, you are able to control as the player and you could move around and mess with a string. The game is available online on PuzzleScript.net. Below is a screenshot of the game:| Mystify
It has been a very long time that I've compiled a writeup. This time I have played on my own as @blackb6a. Let me write on some particular interesting ideas that I have learnt in the challenges. Bear with me if you find this writeup too math-intensive. The solution scripts will be committed to my Github repository sooner or later, after I've managed to prettify them. Babylfsr (Crypto, 338 points) This is an easy challenge.| Mystify
CTF Challenge Name Solves (Difficulty) TetCTF 2022 shares 🔥 29/602 (⭐⭐⭐) TetCTF 2022 shares_v2 🔥 15/602 (⭐⭐⭐) TetCTF 2022 fault 🔥 14/602 (⭐⭐⭐) TetCTF 2022 algebra 🔥 14/602 (⭐⭐⭐) DiceCTF 2022 baby-rsa 162/1127 (⭐) DiceCTF 2022 rejected 44/1127 (⭐⭐) DiceCTF 2022 correlated 17/1127 (⭐⭐) DiceCTF 2022 commitment-issues 🔥 16/1127 (⭐⭐⭐) DiceCTF 2022 pow-pow 🔥 13/1127 (⭐⭐⭐) DiceCTF 2022 learning without errors 6/1127 (❓) DiceCTF 2022 s...| Mystify
CTF Challenge Name Solves (Difficulty) Midnight Sun Quals 2022 Pelle’s Rotor-Supported Arithmetic 🔥 35/346 (⭐⭐) Midnight Sun Quals 2022 BabyZK 🔥 19/346 (⭐⭐) Midnight Sun Quals 2022 kompot_512 🔥 15/346 (⭐⭐⭐) Midnight Sun Quals 2022 WeedSolomon 420 3/346 (❓) PlaidCTF 2022 pressure 18/431 (⭐⭐) PlaidCTF 2022 choreography 14/431 (⭐⭐) ångstromCTF 2022 log log log 104/1319 (⭐) ångstromCTF 2022 Strike-Slip Fault 50/1319 (⭐⭐) ångstromCTF 2022 Prophet 45/1319...| Mystify
CTF Challenge Name Solves (Difficulty) Pwn2Win CTF 2021 Oh, Anna Julia 49/720 (⭐) Pwn2Win CTF 2021 t00 rare 🔥 13/720 (⭐⭐) Pwn2Win CTF 2021 cladorhizidae 12/720 (⭐⭐) Pwn2Win CTF 2021 A2S 🔥 10/720 (⭐⭐⭐⭐) Pwn2Win CTF 2021 Kangurei 3/720 (⭐⭐⭐) Zh3r0 CTF 2021 alice_bob_dave 91/509 (⭐) Zh3r0 CTF 2021 chaos 50/509 (⭐⭐) Zh3r0 CTF 2021 Twist and Shout 29/509 (⭐) Zh3r0 CTF 2021 Real Mersenne 15/509 (⭐⭐) Zh3r0 CTF 2021 import numpy as MT 13/509 (⭐⭐) 0CTF 202...| Mystify
CTF Challenge Name Solves (Difficulty) Google CTF 2022 Cycling 🔥 50/382 (⭐⭐) Google CTF 2022 Electric Mayhem CLS 70/382 (⭐⭐) Google CTF 2022 Maybe Someday 35/382 (⭐⭐⭐) Google CTF 2022 Enigma 9/382 (⭐⭐⭐) Google CTF 2022 Custom Protocol 🔥 5/382 (⭐⭐⭐) Google CTF 2022 Electric Mayhem PQC 🔥 3/382 (⭐⭐⭐⭐) Crypto CTF 2022 Aniely 76/421 (⭐) Crypto CTF 2022 Watery soup 🔥 15/421 (⭐⭐⭐) Crypto CTF 2022 Oak land 35/421 (⭐⭐) Crypto CTF 2022 polyRSA 1...| Mystify
CTF Challenge Name Solves (Difficulty) TSG CTF 2021 Beginner's Crypto 2021 126/775 (⭐) TSG CTF 2021 Minimalist's Private 49/775 (⭐⭐) TSG CTF 2021 Baba is Flag 34/775 (⭐⭐) TSG CTF 2021 Flag is Win 10/775 (⭐⭐⭐) TSG CTF 2021 This is DSA 9/775 (⭐⭐) TastelessCTF 2021 crybaby 🔥 14/162 (⭐⭐⭐) pbctf 2021 Alkaloid Stream 132/210 (⭐⭐) pbctf 2021 Steroid Stream 38/210 (⭐⭐) pbctf 2021 GoodHash 🔥 30/210 (⭐⭐⭐) pbctf 2021 Seed Me 🔥 24/210 (⭐⭐⭐) pbctf 202...| Mystify
MHK2 is one of the challenges I coauthored for Google CTF 2023 and there were 18 teams solving this challenge during the contest time.| Mystify