Skip to content

Instantly share code, notes, and snippets.

🍊
Something

Aleksei hellman

🍊
Something
Block or report user

Report or block hellman

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@hellman
hellman / crazy_repetition_of_code.ipynb
Last active Oct 20, 2019
SECCON 2019 CTF Quals - Crazy Repetition of Codes (crypto)
View crazy_repetition_of_code.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@hellman
hellman / randomly_select_cat.ipynb
Created Oct 15, 2019
HITCON CTF 2019 Quals - Randomly Select a Cat
View randomly_select_cat.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@hellman
hellman / very_simple_haskell.ipynb
Created Oct 14, 2019
HITCON CTF 2019 Quals - Very Simple Haskell (crypto)
View very_simple_haskell.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@hellman
hellman / not_so_hard_rsa.ipynb
Last active Oct 14, 2019
HITCON CTF 2019 Quals - Not So Hard RSA (crypto)
View not_so_hard_rsa.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@hellman
hellman / lost_key_again.ipynb
Last active Oct 14, 2019
HITCON CTF 2019 Quals - Lost Key Again (crypto)
View lost_key_again.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@hellman
hellman / lost_modulus_again.ipynb
Last active Oct 14, 2019
Hitcon CTF 2019 Quals - Lost Modulus Again
View lost_modulus_again.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@hellman
hellman / 0_challenge_sol.md
Last active Oct 11, 2019
Balsn CTF 2019 - pyshv1,2,3 (misc)
View 0_challenge_sol.md

pyshv1 (572)

The challenge contains two modules:

# File: securePickle.py

import pickle, io

whitelist = []
@hellman
hellman / 0_challenge_sol.md
Last active Oct 7, 2019
Balsn CTF 2019 - listcomp ppm (programming)
View 0_challenge_sol.md

listcomp ppm (371)

Solve 3 super easy list-comp challenges!!! Short! Shorter!! Shortest!!!

nc easiest.balsnctf.com 9487

UPDATE: the challenge runs by python3.6 UPDATE: the original code should already be list comprehension

Question 1

@hellman
hellman / 0_writeup.md
Last active Oct 18, 2019
Balsn CTF 2019 - Collision (crypto)
View 0_writeup.md

In this challenge we see a password-verification program. The password is quite long:

assert 16 < len(passwd) < 70

The first few checks verify md5, sha1 and sha3_224 digests. Due to long password, it is unlikely to use them to recover the password. Then, three transformations applied aiming to "destroy" the password: exponentiation modulo a prime, iterated encryption with DES and AES. Though, it is easy to see that they are trivially invertible. For the final "destroyed" value, the omnihash tool is used, which checks the password using 72 different hash functions, including many CRC variants. We are given the digests of these functions in the hash.json file.

CRC functions are totally not cryptographically secure: they are affine functions. Therefore, we can efficiently use them to deduce information about the hashed value. One may try to use the definition of CRC functions as modular reductions in the ring of polynomials over GF(2) and use the Chinese Remainder Theorem to reconstruct the va

@hellman
hellman / solve_with_angr.py
Last active Oct 4, 2019
PwnThyBytes 2019 CTF - Primitive Obsession
View solve_with_angr.py
#!/usr/bin/env python3
'''
time python3 solve.py
35 minutes
'''
import angr
import claripy
import hashlib
# checking functions
You can’t perform that action at this time.