Overview 2021

An overview of all CTF challenges I checked out this year. Some even contain a write-up I wrote, although they can be quite sparse. Feel free to contact me about any of the challenges below. ^w^

Check out write-ups by my teammates on K3RN3L4RMY.com

backdoorctf 2021

non abelian - Crypto x (x) › Matrix DDH, integer size reveals origin
non abelian revenge - Crypto x (x) › Matrix DDH, determinant reveals origin
MDLP - Crypto x (x) › DLP with matrices,
I’m the Mountain - Crypto x (x) › Kyber, weak implementation
lfsr - Crypto 500 (1) › Simple Power Analysis (SPA) with hidden taps
Beyond the Mountain - Crypto 500 (0) › Kyber, x

ASIS CTF Finals 2021

Stairs - Crypto 191 (43) › RSA-like cryptosystem reduced to quadratic equation
nDLP - Crypto 218 (37) › DLP, modulus factors into insecure small primes
RAS - Crypto 224 (36) › RSA, low-entropy prime generation
mDLP - Crypto 262 (30) › DLP over matrix group, solve DLP over eigenvalues

hxp CTF 2021

gipfel - Crypto 85 (109) › Diffie-Hellman, trivial subgroup attack
kipferl - Crypto 227 (35) › x
infinity - Crypto 500 (11) › CSIDH, x
caBalS puking - Misc/Crypto 667 (6) › x
zipfel - Crypto 714 (5) › x
f_cktoring - Crypto 833 (3) › Quadratic field homomorphism into ECM factoring

SECCON CTF 2021

pppp - Crypto 117 (70) › x
oOoOoO - Crypto 182 (26) › x
CCC - Crypto 221 (17) › x
cerberus - Crypto 227 (16) › x
XXX - Crypto 240 (14) › x
Sign Wars - Crypto 305 (8) › x
case-insensitive - Misc 305 (8) › x

idekCTF 2021

EccRoll - Crypto x (x) › ECC-based DDH beaten by trivial on curve check
DestroyedRSA - Crypto x (x) › Backdoor RSA prime construction (paper crypto)
Seedoflife - Crypto x (x) › Brute-force PRNG seed
Hashbrown - Crypto x (x) › Brute-force home-rolled hash collision

X-MAS CTF 2021

Having a BLAST - Bioinformatics 50 (133) 2nd blood › x
A putative sequence - Bioinformatics 428 (40) 2nd blood › x
SantaVax reverse engineering - Bioinformatics 711 (14) 1st blood › Dissecting custom mRNA vaccin
One Time Present - Crypto/Rev 494 (12) › x
Santa’s Secret Encoding Machine - Crypto 496 (10) › x
Santa’s Bilingual Encryption System - Crypto 498 (6) › x
Santa’s Secure Database - Crypto 498 (6) › x
Worst two reindeer - Crypto 500 (3) 3rd blood › Near-linear block cipher key recovery
Still Two Bad Reindeer - Crypto 500 (3) › x

VULNCON CTF 2021

x - Crypto x (x) › x

HITCON CTF 2021

so easy rsa - Crypto 210 (56) › x
a little easy rsa - Crypto 240 (37) › x
magic rsa - Crypto 262 (27) › x
magic dlog - Crypto 262 (27) › x
so easy but not rsa - Crypto 305 (15) › x
still not rsa - Crypto 321 (12) › x

N1CTF 2021

checkin - Crypto ? (7) › x
n1ogin - Crypto ? (7) › x
n1token1 - Crypto ? (3) › x
n1token2 - Crypto ? (3) › x

K3RN3LCTF 2021

The challenges I wrote:

Twizzty Buzzinezz - Crypto 100 (116) › XOR with predictable key stream
1-800-758-6237 - Crypto 437 (28) › XOR cribbing
Non-Square Freedom 1 - Crypto 465 (21) › Multi-prime RSA with small message
Non-Square Freedom 2 - Crypto 490 (11) › Weak multi-prime RSA
Poly-Proof - Crypto 490 (11) › Bad polynomial commitment scheme
Poly Expo go BRRRRR - Crypto 494 (9) › Polynomial-based RSA is easily factored
Tick Tock - Crypto 496 (6) › Clock group DLP solved in quadratic homomorphism
3Dangerous Commute - Misc 497 (5) › Reverse mine sweeper into Dijkstra min-cost path
lightningrod - Rev 499 (3) › Brute-force base64 input through XOR field
Cozzmic Dizzcovery - Crypto 499 (3) › XOR field state recovery
HADIOR - Crypto 499 (3) › Hamming distance oracle into signature forgery
Objection! - Crypto 500 (2) › Double signature spoofing through domain injection
Beecryption - Crypto 500 (2) › Affine cryptosystem solved with known plaintext-ciphertext
Game of Secrets - Crypto 500 (2) › ‘Game of Life’ inspired cryptosystem leaks round keys
Ain’t no Mountain High Enough - Crypto 500 (1) › Multi-key Hill Cipher solved with basic linear algebra
Shrine of the Sweating Buddha - Crypto 500 (0) › Paillier with predictable blind pattern and recursive Paillier
Mowhock - Crypto 500 (0) › Chaotic orbits based on logistic maps, weak IV injection
Total Encryption - Crypto 500 (0) › Multi-layered RSA beaten by Franklin-Reiter and Coppersmith attacks

BuckeyeCTF 2021

Key exchange - Crypto 40 (141) › x
Key exchange 2 - Crypto 90 (34) › x
Defective RSA - Crypto 441 (33) › RSA with non co-prime public exponent, multiple solutions possible
Elliptigo - Crypto 465 (21) › Invalid curve attack on Curve25519 by choosing low-order base point

ASIS CTF Quals 2021

Madras - Crypto 59 (88) › RSA with math hint
Spiritual - Crypto 79 (60) › ECC, order of field extensions
Pinhole - Crypto 134 (31) › Matrix-substitution cipher
Lagleg - Crypto 201 (18) › Small key space brute-force
Damas - Crypto 477 (1) › Matrix DLP red-herring, Wiener attack

pbctf 2021

Alkaloid Stream - Crypto 134 (132) › Simple reverse of encryption function
Steroid Stream - Crypto 198 (38) › Finding additions to a linear independent set to retrieve key (unintended solution)
GoodHash - Crypto 218 (30) › Forge GCM IV collision
Seed Me - Crypto 242 (23) › Java.utils.random LCG seed forgery
Yet Another PRNG - Crypto 292 (14) › x
Yet Another RSA - Crypto 309 (12) › x

TastelessCTF 2021

crybaby - Crypto 492 (14) › AES-GCM with re-used IV leads to a simple tag forgery

TSGCTF 2021

Beginner’s Crypto 2021 - Crypto 100 (126) › x
Minimalist’s Private - Crypto 137 (49) › RSA with substantially small Carmichael function
Baba is Flag - Crypto 162 (34) › x
Flag is Win - Crypto 278 (10) › x
This is DSA - Crypto 290 (9) › x

DownUnderCTF 2021

Substitution Cipher I - Crypto 100 (362) › x
Break Me! - Crypto 100 (162) › x
Substitution Cipher II - Crypto 100 (155) › x
treasure - Crypto 100 (102) › x
JWT - Web 457 (34) › x
Secuchat - Crypto 462 (32) › Heap of public RSA keys leaks shared prime which allows us to decrypt some users’ messages
encrypted note - Pwn 483 (22) › x
power sign - Crypto 494 (14) › x
yadlp - Crypto 494 (14) › x
OTWhat 1 - Crypto 496 (12) › x
OTWhat 2 - Crypto 500 (5) › x
1337crypt v2 - Crypto 500 (3) › x
Substitution Cipher III - Crypto 500 (1) › x

H@cktivityCon 2021 CTF

Triforce - Crypto 444 (73) › Simple AES-CBC IV recovery from encryption/decryption oracle
Sausage Links - Crypto 468 (55) › Wiener attack on multi-prime RSA

CSAW CTF Qualification Round 2021

RSA Pop Quiz - Crypto 390 (137) › RSA, small private exponent, close primes, LSB oracle, partial key exposure
Forgery - Crypto 405 (127) › Simple DSA forgery due to faulty mask and message check
Save the Tristate - Misc 474 (68) › Trivial QKD-esque challenge
ECC Pop Quiz - Crypto 478 (63) › ECC, anomalous curve, simple curve, singular curve
Bits - Crypto 497 (24) › Discrete logarithm bit leak reveals the multiplicative order to be smooth

WORMCON 0x01 2021

Exclusive - Crypto 100 (25) › Home-rolled XOR cipher with key space of 256, easily brute-forced
Fake Encryption - Crypto 379 (12) › DES-ECB encryption recovered using known plaintext-ciphertext pair
Invisible Cipher - Crypto 419 (10) › Substitution cipher broken with quick frequency analysis and quipqiup
Rem, Shinobu, Asuna - Crypto 475 (6) › RSA math hint
Sir Oracle - Crypto 484 (5) › DHE with user input XOR leak

FwordCTF 2021

Leaky-Blinders - Crypto 100 (121) › Non-key bytes leaked iteratively
Boombastic - Crypto 738 (55) › Math to recover server secret into signature forgery
Invincible - Crypto 930 (29) › ECC invalid-curve-attack
Login - Crypto 991 (11) › Length-extension-attack into RSA modulus recovery
Transfer - Crypto 998 (6) › ECDSA fault-attack due to a HMAC bug
Procyon - Crypto 1000 (4) › DHE HNP, see Raccoon Attack

corCTF 2021

4096 - Crypto 360 (219) › RSA modulus consisting of many small primes
dividing_secrets - Crypto 434 (121) › Dividing the secret allows us to recover LSB with legendre symbols
supercomputer - Crypto 457 (85) › Ridiculous powers (no modulus) computed with LTE
babyrsa - Crypto 476 (50) › Partially recovered RSA parameters recovered using univariate roots
babypad - Crypto 484 (35) › AES-CTR padding oracle attack
babyrand - Crypto 487 (29) › bad PRNG recovered using multivariate roots
bank - Crypto 489 (25) › Simple qubit manipulation to recover their state
LCG_k - Crypto 489 (25) › ECDSA with related nonces recovered using symbolic math
mystery_stream - Crypto 496 (10) ›
fried_rice - Crypto 497 (6) › ‘dp’ leak into bad PRNG (polynomial LCG) seed recovery
leave_it_to_chance - Crypto 498 (5) › DSA recovery using modular-roots into forgery

SSTF 2021

RC Four - Crypto [EASY] › RC4 is a stream cipher and therefore malleable.
RSA 101 - Crypto [EASY] › RSA, using homomorphic properties to deceive the server
meLorean - Crypto [EASY] › Linear regression to recover slope, which decodes to ASCII
MenInBlackHats - Crypto [MEDIUM] › Data-analysis of 3D coordinates, rotation reveals QR-code
DecryptTLS - Crypto [HARD] › TLS 1.3 PCAP with bad client-side secret key in ECDHE
License - Crypto [HARD] › ECDSA-signature-based DRM forgery
Xero Trust - Crypto [HARD] › Web encryption with AES-CBC

RACTF 2021

Military-Grade - Crypto-Web 300 (48) › Time seeded PRNG with bad masking, written in Go

BSidesNoidaCTF 2021

MACAW - Crypto 445 (50) › AES-CBC with MAC authentication
MACAW Revenge - Crypto 473 (27) › AES-CBC with MAC auth, but limited attempts
baby_crypto - Crypto 479 (22) ›
KOTF Returns - Crypto 486 (15) › DSA forgery (no hash leak)
low power crypto - Crypto 494 (7) › ECC invalid-curve-attack
prng - Crypto 499 (1) ›
damn boi - Crypto 500 (0) ›

RaRCTF 2021

PsychECC - Crypto 400 (39) › ECC invalid-curve-attack
rotoRSA - Crypto 300 (29) › RSA, polynomial GCD
Randompad - Crypto 700 (24) › Mersenne Twister PRNG padding recoverd with Coppersmith
Snore - Crypto 600 (17) › Hidden number problem in Schnorr signatures solved with LLL
A3S - Crypto 800 (4) › AES with trits and trytes, affine S-box

UIUCTF 2021

Constructive Criticism - Misc 408 (14) › Audio, signal processing
Q-Rious Transmissions - Misc 322 (23) › Quantum entanglement (with Python-Qiskit)
Capture the :flag: - Forensics 311 (24) › LSB steganography
SUPER - Forensics 371 (18) › Encrypted VHD containing a DOS EXE

CryptoCTF 2021

Robert - Crypto 194 (19) › (inverse) Carmichael function
Frozen - Crypto 142 (29) › Math reverse, signature forgery
Hamul - Crypto 83 (56) › String conactation of primes
Improved - Crypto 117 (37) › Hash collision
Keybase - Crypto 48 (118) › AES CBC, IV recovery
Triplet - Crypto 91 (50) › RSA, custom keygen
Wolf - Crypto 128 (33) › AES GCM(CTR), short IV, time.time()
Salt and Pepper - Crypto 71 (69) › Length extension attack on MD5 and SHA1

ImaginaryCTF 2021

Password Checker - Web 450 (15) › Deobfuscated JavaScript, brute-force
ZKPoD - Crypto 400 (19) › Parity leak into LSB oracle
Mazed - Misc 225 (38) › Maze, brute-force
Off To The Races! - Misc 275 (39) › Regex, multi-threading vuln leads to check bypass
Short Story - Forensics 150 (39) › Hex encoded into word lengths
Primetime - Crypto 300 (41) › Hex-encoding using primes
New Technology - Crypto 300 (50) › Number theory
Roll it back - Crypto 300 (58) › Reversing
Prisoner’s Dilemma - Misc 200 (63) › Vim jail
Cookie Stream - Web 150 (86) › AES CTR, bit flipping on cookies
Lines - Crypto 150 (128) › Diffie-Hellman
Rock Solid Algorithm - Crypto 100 (149) › RSA, small e, modular roots
Flip Flops - Crypto 100 (160) › AES CBC, block flipping

San Diego CTF 2021

A Primed Hash Candidate - Crypto 292 (21) › Custom hash, math reverse
Encrypted Communications - Crypto 699 (6) › AES-CBC, padding vuln, .strip() vuln
Desmos Pro - Reversing 799 (5) › Math reverse

DEFCON CTF Quals 2021

nooombers - Crypto 127 (44) ›
qoo-or-ooo - Crypto 120 (58) ›
back-to-qoo - Crypto 128 (43) ›
smart-cryptooo - Crypto 5 (343) ›

S4Lab CTF 2021

Baby-Xor - Crypto ? (?) ›
Baby-IQ - Crypto ? (?) ›
Baby-RSA - Crypto ? (?) ›
Merles - Crypto ? (?) ›
khayyam - Crypto ? (?) ›
genie - Crypto ? (?) ›
malady - Crypto ? (?) ›
phillip - Crypto ? (?) ›
PTS - Misc ? (?) ›
Determinant - Misc ? (?) ›
Tom - Misc ? (?) ›

Cyber Apocalypse 2021

PhaseStream 3 - Crypto 300 (531) › AES-CTR, re-used key-iv, known plain text
PhaseStream 4 - Crypto 300 (334) › AES-CTR, re-used key-iv, deduced plain text
SoulCrabber 2 - Crypto 300 (229) › Rust, time seeded PRNG
Forge of Empires - Crypto 325 (95) › Forge ElGamel signatures, no-hashing vulnerability
Super Metroid - Crypto 325 (77) › Weak ECC
Tetris - Crypto 325 (75) › Transposition cipher analysis
SpongeBob SquarePants: Battle for Bikini Bottom - Rehydrated - Crypto 325 (61) › Custom hash function collisions
Wii Phit - Crypto 350 (38) ›
RuneScape - Crypto 400 (20) › Custom multivariate polynomial encryption
Hyper Metroid - Crypto 425 (18) › Hyperelliptic curve cryptography, Jacobian order
Tetris 3D - Crypto 425 (18) › Transposition cipher analysis
Alienspeak - Misc 375 (30) ›

PlaidCTF 2021

xorsa - Crypto 100 (180) › RSA with XOR hint
leaky block cipher - Crypto 400 (22) › Weak AES-GCM-like cipher manipulation
Fake Medallion - Crypto 420 (4) › Qubit encryption, …
Proxima Concursus: The Game - Crypto 200 (5) › Rust,
Proxima Concursus: Particle Collider - Crypto 200 (5) › Rust,

UMDCTF 2021

Subway - Crypto 225 (88) › Substitution cipher
Office Secrets - Crypto 250 (87) › RSA, same message with different public exponents
Cards Galore - Crypto 707 (25) › Solitaire cipher
Whose Base Is It Anyway - Crypto 741 (19) › Matryoshka doll-like base encoding(s)

RITSEC CTF 2021

Lorem Ipsum - Crypto 150 (135) › Trithemius Ave Maria cipher
RITSEC Hash - Crypto 250 (56) › Custom hash collision
Streams & Rivers - Crypto 399 (2) › (Manual) Mersenne Twister prediction
Feedback - Crypto 500 (0) › LFSR, creative custom encryption

Midnightsun CTF 2021

ocat_024 - Crypto 220 (19) ›
dbcsig_64434 - Crypto 228 (18) ›
Backup: Alice - Crypto 91 (82) › RSA,
Backup: Bob - Crypto 91 (81) › RSA,
Backup: Craig - Crypto 345 (8) ›
Backup: Dan - Crypto 345 (8) ›
Backup: Eve - Crypto 113 (55) › Substitution cipher, guessing
Backup: Frank - Crypto 121 (49) › Partially masked private RSA-SSH key recovery

BSides Canberra CTF 2021

Make RSA Great Again - Crypto 50* (?) › RSA
Dispicable Key - Crypto 200* (?) › AES-ECB
Bomb Disposal - Crypto 200* (?) › PRNG state recovery, LCG with Blum-Blum-Shub
Empty Fault - Crypto 200* (?) › Merkle tree hash collision
Vanity AES - Crypto 500* (?) › AES-??? mode IV+key re-use through simultaneous connection
Super Cool Facts! - Crypto 500* (?) › ECC, invalid point attack

b01lers CTF 2021

RSASSS - Crypto 493 (13) › RSA, Shamir’s secret sharing
Baby Double XOR - Crypto 497 (8) › Double XOR cipher cryptanalysis, all unknowns
Unlucky Strike - Crypto 498 (7) › AES-CBC padding oracle attack to forge encryption
Cold War Gets Hotter - Crypto 499 (4) ›
Reasonable Security Ahead - Crypto 500 (2) ›
Double XOR - Crypto 500 (1) ›

ångstromCTF 2021

Home Rolled Crypto - Crypto 70 (173) › Bit-wise encryption, input-output reverse
Follow the Currents - Crypto 70 (270) › Simple XOR cipher brute-force
Circle of Trust - Crypto 100 (85) › Custom secret sharing scheme, math reverse
I’m so Random - Crypto 100 (237) › Custom PRNG, weak PRNG
Oracle of Blair - Crypto 160 (136) › AES-CBC decryption oracle exploit (not a padding oracle attack)

Foobar CTF 2021

Profezzor revenge - Crypto 100 (66) › XOR entire PDF with key derived from hex signature
Lost-N - Crypto 100 (47) › RSA, unknown modulus recovery from cipher- plaintext pairs
Hill-Kill - Crypto 436 (15) › Hill cipher, linear algebra, pwn automatic decryption
Back to the future - Crypto 453 (13) › RSA, modular square roots, time seeded random
Pascal’s Chemistry Lab - Crypto 453 (13) › Fermat factorisation, Paillier cryptosystem
Intern - Crypto 461 (12) › RSA, LCG prediction, Franklin-Reiter related message attack, (Coppersmith’s short-pad attack)
From Japan with Love - Stego 383 (20) › QR, red herring, LSB hidden ascii

picoCTF 2021

Easy Peasy - Crypto 40 (424) › XOR cipher disguised as an OTP, len(key) != len(msg)
New Caesar - Crypto 60 (586) › Caesar cipher-like, simple reverse and brute-force, small key
Mini RSA - Crypto 70 (374) › RSA, small public exponent e, brute-force e-th root of k*N
Dachshund Attacks - Crypto 80 (587) › RSA, small private exponent d, brute-force d
No Padding, No Problem - Crypto 90 (326) › RSA, chosen chiphertext attack (no padding)
Pixelated - Crypto 100 (586) › Image XOR
Play Nice - Crypto 110 (414) › Playfair cipher
Double DES - Crypto 120 (214) › 2DES-ECB, meet in the middle attack
Compress and Attack - Crypto 130 (163) › Compression before encryption leak
Scrambled: RSA - Crypto 140 (99) ›
It’s Not My Fault 1 - Crypto 300 (82) ›
New Vignere - Crypto 300 (255) › Vigenère cipher-like, reverse and brute-force, small character space
Clouds - Crypto 500 (16) ›

UMassCTF 2021

malware - Crypto 434 (78) › AES-CTR with re-used iv/counter and known plaintext
Factoring is Fun - Crypto 500 (7) › Iterative Lattice Factorisation with ‘random’ known bits of p
Weird RSA - Crypto 500 (10) › LUC-RSA cryptosystem (2nd order Lucas sequence), Fermat factorisation
warandpieces - Stego 499 (13) › 16-bit encoding (hex)

Securinets CTF Quals 2021

MiTM - Crypto 559 (36) › Diffie-Hellman exchange man in the middle attack (w/ ghost-check)
MiTM Revenge - Crypto 757 (27) › Diffie-Hellman delayed man in the middle attack, XOR vuln (w/ ghost-check)
Special - Crypto 908 (17) › RSA LSB attack with small root finding
Shilaformi - Crypto 940 (14) ›
Sign it! - Crypto 949 (13) ›
Exfiltration - Stego 793 (25) ›

LINE CTF 2021

babycrypto1 - Crypto 50 (106) ›
babycrypto2 - Crypto 50 (98) ›
babycrypto3 - Crypto 50 (58) ›
babycrypto4 - Crypto 50 (35) ›

BlueHens CTF 2021

hot_diggity_dog - Crypto 75 (48) › RSA, large public exponent e, brute-force small private exponent d
PHEnomenal - Crypto 212 (29) › Paillier Homomorphic Encryption
OTP1 - Crypto 284 (26) ›
OTP2 - Crypto 422 (17) ›
OPT3 - Crypto 482 (9) ›
aHead Of The curve (Probably) - Crypto 493 (6) ›
hot_diggity_dog_2 - Crypto 500 (1) ›
conFidential searcH and dEstroy - Crypto 500 (1) ›

Codefest CTF 2020

RSA 1.0 - Crypto ? (?) › RSA, multi-prime factorisation, insufficient padding
RSA 2.0 - Crypto ? (?) › RSA, even public exponent e, Tonelli-Shanks decryption
Anime is Love - Stego ? (?) ›
Telephone - Stego ? (?) ›
b1n4rY - Stego ? (?) › QR code
Sanity Check 2 - OSINT ? (?) › Simple ciphers and encoding
E-mail - OSINT ? (?) › Google
C is hard - Pwn ? (?) › Buffer overflow exploit

NahamCon CTF 2021

Dice Roll [Medium] - Crypto 406 (201) › Mersenne-twister based RNG prediction
Elliptical [Hard] - Crypto 500 (19) › ECDSA re-used nonce exploit
Treasure [Easy] - Crypto 448 (154) › Book cipher
Eaxy [Easy] - Crypto 433 (172) › Iterative XOR encryption
DDR [Medium] - Scripting 497 (51) › Pixel values, PIL Python script

DaVinciCTF 2021

Bootless RSA - Crypto 25 (127) › RSA, small public exponent e
The more, the less - Crypto 41 (62) › RSA, multi-prime factorisation
Substitution - Crypto 25 (266) › Substitution cipher
Kanagawa - Pwn 59 (92) › Buffer overflow exploit
Format me - Pwn 90 (47) › String format exploit

NetOn CTF 2021

Just win - Pwn 250 (4) ›
Limited - Pwn 499 (4) › Simple password brute-force
Darkness - Pwn 500 (1) ›
Side Login - Pwn 500 (2) ›
Welcome to FilterLand - Web 208 (24) › PHP strcmp exploit
Picnicnic - Web 222 (20) › Cookie trail
Let me in! - Web 245 (9) › Captcha with PHPSESSID cookie
Grades - Web 486 (10) › JavaScript encryption de-obfuscation and brute-force
Jungle Meeting - Stego 50 (33) › Strings and grep
Seeing blurry - Stego 50 (16) › - Autostereogram
Winter - Stego 218 (21) › Whitespace ssteganography (snow, stegsnow)
Step by step - Stego 250 (4) › Pixel value masking and steghide
Invisibility - Stego 500 (3) › Unicode zero-width steganography
Caesar’s Secret - OSINT 163 (34) › Waybackmachine, Twitter
Capture The Flag - OSINT 436 (20) › Google, Google Maps
PawN PawN - Crypto 188 (29) › Morse-code, chess board set-up code and visual encoding
Weak xor - Crypto 239 (13) › Small XOR key and partly known plaintext
BritishScientific - Crypto 242 (11) › Playfair cipher
Facts Br0! - Crypto 244 (10) › RSA, PEM file, simple factorisation
Not Morse - Crypto 249 (5) › Baconian cipher
RSA… no primEs, no problEm - Crypto 500 (2) › Unkown e with known phi(n), brute-force values for e
Run Run Run - Coding 215 (22) › Python automated HTML requests
Step by step - Coding 239 (13) › Trial and error with substrings
SecretMessage - Coding 247 (8) › Reverse encryption function
Infiltration - Forensics 183 (30) › PCAP investigation
Picasso01 - Forensics 225 (19) › Binwalk, strings and grep
Lost in Lab - Forensics 479 (12) › Disk image
File Bomb - Reversing 475 (13) › ELF disassembly
Inception - Misc 183 (30) › QR codes
Photogra.fy - Misc 227 (18) › Simple flag search
Kasiski the magician - Misc 235 (15) › Magic numbers fix (hex signature fix)
MathTomata - Misc 245 (9) › Deterministic finite automaton
Gotta catch em flag - Misc 248 (6) › GBA Emulator, Pokémon FireRed