/My-Public-CTF-Challenges

Repo for colecting all my public CTF challenges

Primary LanguagePython

My Public CTF Challenges

This repo is for collecting all my non-trivial public CTF challenges, since I find they scatter at different positions now. And the format is partially inspired by Law.

Remove the Flag Source column since I have no time for reading now.

Name Event Category Difficulty Comment
ctar 0CTF/TCTF 2023 Misc Medium Trigger exception with your tar file in python tarfile module
how2compile 0CTF/TCTF 2023 Reverse Medium Reversing Rust compilation intermidate process
backend 0CTF/TCTF 2022 Reverse Medium Reversing custom LLVM backend and produce one \x00 in .text section
babysnitch 0CTF/TCTF 2022 Pwn Medium Bypass the application firewall and send out the flag with RCE given
how2gen 0CTF/TCTF 2022 Finals Misc Easy A tutorial of writing generators with certain grammar, which (hopefullly) can be useful in language fuzzing
bali 0CTF/TCTF 2021 Finals Reverse Medium Hard Recovering java code with PrintIdeal IR logs
cloudpass 0CTF/TCTF 2021 Quals Crypto Medium Hard The pykeepass module will not update seed/IV with save, which can be used to leak content when comparing file changes
how2mutate 0CTF/TCTF 2021 Quals Pwn Medium Hard Misuse of util_Realloc in Honggfuzz can lead to double free. Discovered this issue when writing honggfuzz plugins
Electronic 0CTF/TCTF 2020 Finals KoH / Implementing S-box with boolean relations and try to minimize the circuit size
Oblivious 0CTF/TCTF 2020 Finals Crypto Medium Oblivious transfer implementation. The original idea is the MSB of randint(0,n) can be biased for most n in RSA, and can be used as a probabilistic version of RSA parity oracle. Sadly I choose to use Python random module which can be predictable...
sham 0CTF/TCTF 2020 Quals Crypto Hard Forge some kind of NN-based hash. Since there is only 3 layers in the network, it's possible to recover the required delta with methods similar to backpropagation (although direction is forward here). Notice the output is truncated to integers and you should deal with precision issues, but around 128 sigs are more than enough to filter them out
emmm 0CTF/TCTF 2020 Quals Crypto Medium Even-Mansour variant. The intended solution is meet-in-the-middle, while lattice reduction also works (since I attempt to reduce MITM time by limiting the range of ciphertext :(
babyring 0CTF/TCTF 2020 Quals Crypto Easy Ring signature with linear encryption and can be solved as linear equations
zer0ssh 0CTF/TCTF 2019 Finals Crypto Hard The combination of one-time signature and docker image. Forge signatures for xmss by collecting enough samples. The solution is not hard to understand but you should deal with all these details in ssh authentication process
babydb 0CTF/TCTF 2019 Finals Web Medium Easy Key-value database web service written with ocaml-cohttp. Misuse of state monad
babymath 0CTF/TCTF 2019 Finals Reverse Medium Easy Discrete logrithm for matrix and baby-step giant-step
notfeal *ctf 2019 Crypto Medium Differential cryptanalysis of modified FEAL. This challenge is not interesting enough but rather a good practice to get into cryptanalysis details
babyprng *ctf 2019 Crypto Easy Basic von Neumann extractor (notice that babyprng2 credits to zzj, not me)
zer0des 0CTF/TCTF 2019 Quals Crypto Hard Breaking 8-round DES with differential-linear cryptanalysis. You are supposed to find more differential paths yourself. Due to heavy traffic required in test, I did not use 9-round, which makes it easier to solve
zer0mi 0CTF/TCTF 2019 Quals Crypto Hard Breaking Matsomoto-Imai cryptosystem by algebraic attack and solving linear equations
babysponge 0CTF/TCTF 2019 Quals Crypto Medium Easy Finding hash collisions by meet-in-the-middle attack for the sha-3 sponge construction with a extremely small capacity
If on a winters night a traveler 0CTF/TCTF 2019 Quals Pwn Medium Pwning integer overflow in a customized encryption method for vim. I take the self-reference idea from Calvino
Proof of Work 0CTF/TCTF 2018 Finals Crypto Hard Implementing collision for MD5-like hash function with given prefix. As far as I know no one designed CTF challenges about MD5 collision internals before
ibe 0CTF/TCTF 2018 Finals Crypto Medium Using identity-based encryption (Cocks IBE scheme) but the key point is utilizing discriminator in quadratic residue. The task is not very natural but in general the idea is not bad
primitive *ctf 2018 Crypto Medium Hard Building any given permutations with add, rotate, xor only. Since the number of operation is limited you should also optimize your construction
ssss/ssss2 *ctf 2018 Crypto Medium Xor key reuse issue for AES_CTR. And the scripts imitate the process of WPA2 which have state inconsistency issue and are vulnerable to KRACK-style attack. In fact I think this challenge is not concise enough
yafu *ctf 2018 Misc Medium Logical bugs inside yafu and I just want to show how weak our daily crypto tools can be
stackoverflow *ctf 2018 Pwn Medium Trivial stack overflow without special chars like \x00
rsa *ctf 2017 Crypto Easy Factoring big integer using Pollard's rho algorithm
sql *ctf 2017 Reverse Easy Reversing SQLite3 bytecode and recover the sql query
compCipher *ctf 2017 Pwn/Crypto Easy This challenge is for beginners and has nothing special