Write-ups
Nnubes256
Reversing
- corMine: The Beginning / corMine 2: Revelations (write-up prize π). corCTF 2024. Rust. Game Hacking. Bevy. ECS
7Rocky
Crypto
- Clutch. HTB UniCTF 2024. Quantum Cryptography. Frame-based Quantum Key Distribution
- γ―γγΆγ (write-up prize π). SekaiCTF 2024. Falcon. Lattice attack on NTRU. BKZ. Key recovery attack
- γγΉγΏγΌγΉγγΌγ―. SekaiCTF 2024. Isogeny-based cryptography. CSIDH. Discrete logarithm. CRT
- Read between the lines (challenge author π). CrewCTF 2024. RSA. Integer linear relations. LLL lattice reduction
- 4ES (challenge author π). CrewCTF 2024. AES. Meet-in-the-middle
- two-wrongs (write-up prize π). corCTF 2024. Quantum Computing. Quantum Error Correction
- Paranormial Commitment Scheme. Plaid CTF 2024. BLS12-381. Elliptic curve pairings. Lagrange interpolation
- winter (write-up prize π). DiceCTF 2024 Quals. Winternitz One-Time Signature
- Zombie Rolled. HTB UniCTF 2023. Fractions. GCD. RSA signature. Coppersmith method on bivariate polynomial
- Kernel searcher. ECSC 2023. Third day. Isogeny. Finding curve parameters. Discrete logarithm
- Irish Flan. ECSC 2023. First day. Quaternions. Matrix equations. Kernel
- Share. HITCON CTF Quals 2023. Shamir Secret Sharing. Lagrange interpolation. Chinese Remainder Theorem.
multiprocessing - Noisy CRC. Sekai CTF 2023. CRC. Chinese Remainder Theorem. Brute force
- Blessed (challenge author π). Hack The Box. BLS12-381. BLS signatures. Rogue key attack. Zero-knowledge proof. EC-LCG. LLL lattice reduction
- Vitrium Stash. Hack The Box. DSA. Modular arithmetic. LLL lattice reduction
- TurboCipher (challenge author π). Hack The Box. Recurrence relation. Telescoping series. LCG
- Infinite Knapsack. Hack The Box. Knapsack. Brute force. Modular arithmetic. Shuffling. LLL lattice reduction
- Roulette. Hack The Box. PRNG. Custom Mersenne Twister. System of equations with binary variables
Pwn
- Dead or Alive. HTB UniCTF 2024. 64-bit binary. Heap exploitation. House of Spirit. Heap feng-shui. Overlapping chunks. Tcache poisoning. TLS-storage
dtor_list - speedpwn. SekaiCTF 2024. Uninitialized values. Oracle.
FILEstructure attack. GOT overwrite - Format muscle (challenge author π). CrewCTF 2024. Format String vulnerability. musl libc. Exit handlers
- Gloater. HTB CA 2024. 64-bit binary. Heap exploitation. House of Spirit. Overlapping chunks. Tcache poisoning. TLS-storage
dtor_list - Zombiedote. HTB UniCTF 2023. 64-bit binary. Heap exploitation. OOB read and write. Integer Overflow. Floating point numbers. TLS-storage
dtor_list - FileStorage (challenge author π). Hack The Box. 64-bit binary. Buffer Overflow. Format String vulnerability. FSOP. GOT overwrite
- CRSid. Hack The Box. 64-bit binary. Heap exploitation. Safe-linking. Out-of-bounds write. Tcache poisoning. Exit handlers
Reversing
- Go Sweep. m0leCon CTF 2025 Teaser. Go binary. PRNG. Time-based seed. Threads
- Sickle. SECCON CTF Quals 2023.
pickle. RSA. CBC mode - Alien Saboteaur. HTB CA 2023. Virtual machine. Custom opcode instructions.
sys_ptrace. XOR cipher
Web
- Percetron. HTB CA 2024. HA-Proxy. HTTP request smuggling. Server-Side Request Forgery. MongoDB Wire Protocol. Gopher Protocol. Cypher injection (neo4j). Command injection. RCE
- TrapTrack. HTB CA 2023. Insecure Deserialization in
pickle. SSRF in Redis - BatchCraft Potions. HTB UniCTF 2022. GraphQL batching attack. OTP and rate limit bypass. JWT. CSP. DOM Clobbering. XSS
Machines
- RegistryTwo. Hack The Box. Linux. Insane machine
- Scanned. Hack The Box. Linux. Insane machine
- Rope. Hack The Box. Linux. Insane machine
- OverGraph. Hack The Box. Linux. Hard machine
- Static. Hack The Box. Linux. Hard machine
- Acute. Hack The Box. Windows. Hard machine
- Retired. Hack The Box. Linux. Medium machine
- Backdoor. Hack The Box. Linux. Easy machine
- GoodGames. Hack The Box. Linux. Easy machine