{"id":13845990,"url":"https://github.com/pcw109550/write-up","last_synced_at":"2026-02-24T08:10:26.174Z","repository":{"id":37371469,"uuid":"186902436","full_name":"pcw109550/write-up","owner":"pcw109550","description":":smirk_cat: CTF write-ups","archived":false,"fork":false,"pushed_at":"2025-02-12T01:56:18.000Z","size":53131,"stargazers_count":201,"open_issues_count":2,"forks_count":26,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-02-26T04:42:25.092Z","etag":null,"topics":["cryptography","ctf","ctf-writeups"],"latest_commit_sha":null,"homepage":"","language":"Sage","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pcw109550.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2019-05-15T21:03:53.000Z","updated_at":"2025-02-23T09:23:24.000Z","dependencies_parsed_at":"2023-02-19T10:16:24.181Z","dependency_job_id":"4a3c14a1-5530-4684-b09a-4772429ab5b2","html_url":"https://github.com/pcw109550/write-up","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/pcw109550/write-up","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pcw109550%2Fwrite-up","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pcw109550%2Fwrite-up/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pcw109550%2Fwrite-up/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pcw109550%2Fwrite-up/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pcw109550","download_url":"https://codeload.github.com/pcw109550/write-up/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pcw109550%2Fwrite-up/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29776054,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-24T04:54:30.205Z","status":"ssl_error","status_checked_at":"2026-02-24T04:53:58.628Z","response_time":75,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","ctf","ctf-writeups"],"created_at":"2024-08-04T17:04:16.281Z","updated_at":"2026-02-24T08:10:26.156Z","avatar_url":"https://github.com/pcw109550.png","language":"Sage","funding_links":[],"categories":["Sage"],"sub_categories":[],"readme":"# CTF write-ups\n\nCTF write-ups written by me. Mostly crypto and blockchain!\n\n## 2023\n\n- **TSG CTF 2023**\n\t- Crypto 341 - Delta Force - [Writeup](https://github.com/pcw109550/write-up/tree/master/2023/TSG/Delta-Force)\n\t\t- DLP over singular curve over composite ring: Reduction to additive Group / Pohlig Hellman\n- **CCE 2023**\n\t- Crypto 451 - NZK-SIARK - [Writeup](https://github.com/pcw109550/write-up/tree/master/2023/CCE/NZK-SIARK)\n\t\t- AES intermdiate state forgery\n\t- Crypto 451 - De-Identification - [Writeup](https://github.com/pcw109550/write-up/tree/master/2023/CCE/De-Identification)\n\t\t- Format Preserving encryption\n- **DiceCTF 2023**\n\t- Crypto 199 - BBBB - [Writeup](https://github.com/pcw109550/write-up/tree/master/2023/Dice/BBBB)\n\t\t- LCG parameter selection to make RNG cyclic + Coppersmith Attack\n\n## 2022\n\n- **CODEGATE 2022 Final**\n\t- Blockchain 500 - Look It Up - [Writeup-EN](https://github.com/pcw109550/write-up/tree/master/2022/CODEGATE/Final/Look_It_Up/README.md), [Writeup-KR](https://github.com/pcw109550/write-up/tree/master/2022/CODEGATE/Final/Look_It_Up/README_KR.md)\n\t\t- Plonkup + frozen heart vulnerability + Solidity Optimizer Keccak Caching Bug\n- **RCTF 2022**\n\t- Crypto 769 - S2DH - [Writeup](https://github.com/pcw109550/write-up/tree/master/2022/RCTF/S2DH)\n\t\t- Cracking SIDH using Castryck-Decru Attack\n\t- Crypto 645 - IS_THIS_LCG? - [Writeup](https://github.com/pcw109550/write-up/tree/master/2022/RCTF/IS_THIS_LCG)\n\t\t- Truncated LCG + EC-LCG with only 7 x-coordinate + Matrix LCG\n- **LakeCTF 2022** \n\t- Crypto 416 - NeutronMail - [Writeup](https://github.com/pcw109550/write-up/tree/master/2022/Lake/NeutronMail)\n\t\t- Decrypting PGP message with not so random public PGP keys, factoring with gcd.\n\t- Blockchain 372 - Immutable - [Writeup](https://github.com/pcw109550/write-up/tree/master/2022/Lake/Immutable)\n\t\t- Update code of a deployed contract using `CREATE`, `CREATE2`, and `SELFDESTRUCT`\n\t- Blockchain 388 - QuinEVM - [Writeup](https://github.com/pcw109550/write-up/tree/master/2022/Lake/QuinEVM)\n\t\t- Shortest EVM quine \n- **angstromCTF 2022** \n\t- Crypto 110 - logloglog - [Writeup](https://github.com/pcw109550/write-up/tree/master/2022/angstromCTF/logloglog)\n\t\t- Pohlig Hellman Algorithm for groups of prime-power order.\n- **Plaid CTF 2022**\n\t- Crypto 400 - choreography - [Writeup](https://github.com/pcw109550/write-up/tree/master/2022/PlaidCTF/choreography)\n\t\t- Complementation Slide + Twisted Slide Attack on generalized Feistel Structure.\n- **LINE CTF 2022**\n\t- Crypto 138 - Baby crypto revisited - [Writeup](https://github.com/pcw109550/write-up/tree/master/2022/LINE/Baby_crypto_revisited)\n\t\t- Reduction to ECDSA biased nonce atack.\n- **zer0pts CTF 2022**\n\t- Crypto 304 - Karen - [Writeup](https://github.com/pcw109550/write-up/tree/master/2022/zer0pts/Karen)\n\t\t- Solving Hidden Subset Sum Problem with Nguyen-Stern algorithm.\n\n## 2021\n\n- **POC Cutting Edge CTF 2021**\n\t- Crypto 994 - vpoly - [Writeup](https://github.com/pcw109550/write-up/tree/master/2021/POC_Cutting_Edge_CTF/vpoly)\n\t\t- Solving discrete logarithm problem over finite field.\n- **InCTF 2021**\n\t- Crypto 925 - Trouble With Pairs - [Writeup](https://github.com/pcw109550/write-up/tree/master/2021/InCTF/Trouble_With_Pairs)\n\t\t- BLS Signature Forgery.\n\t- Reversing 100 - find_plut0 - [Writeup](https://github.com/pcw109550/write-up/tree/master/2021/InCTF/find_plut0)\n\t\t- Simple reversing using z3.\n\n## 2020\n\n- **KAPO 2020**\n\t- Crypto 100 - fixed point revenge - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/KAPO/fixed_point_revenge)\n\t\t- Affine structure of crc.\n\t- Crypto 100 - Baby Bubmi - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/KAPO/Baby_Bubmi)\n\t\t- Extension of knapsack cipher.\n\t- Crypto 100 - Child Beubmi - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/KAPO/Child_Beubmi)\n\t\t- Coppersmith attack on multiprime RSA.\n- **Crypto CTF 2020**\n\t- Crypto 316 - Fatima - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/CryptoCTF/Fatima)\n\t\t- Solve tiny ECDLP and write inverse functions.\n\t- Crypto 285 - Complex to Hell - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/CryptoCTF/Complex_to_Hell)\n\t\t- Brute key matrix using flag oracle.\n\t- Crypto 142 - One Line Crypto - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/CryptoCTF/One_Line_Crypto)\n\t\t- Weak prime generation logic for textbook RSA.\n\t- Crypto 95 - Gambler - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/CryptoCTF/Gambler)\n\t\t- Solve cubic equation over polynomial ring.\n\t- Crypto 90 - Three Ravens - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/CryptoCTF/Three_Ravens)\n\t\t- Small message with single factor leak.\n\t- Crypto 55 - Amsterdam - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/CryptoCTF/Amsterdam)\n\t\t- Binomial coefficient based encoding.\n\t- Crypto 29 - Trailing Bits - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/CryptoCTF/Trailing_Bits)\n\t\t- Trucated plaintext.\n- **Defenit CTF 2020**\n\t- Crypto 201 - Double Message - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/Defenit/Double_Message)\n\t\t- Coppersmith's short pad attack + Franklin-Reiter related message attack.\n\t- Misc 906 - Dodge - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/Defenit/Dodge)\n\t\t- Automated [dodge](https://editown.tistory.com/101) solver.\n\t- Misc 298 - Minesweeper - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/Defenit/Minesweeper)\n\t\t- Automated minesweeper solver.\n\t- Misc 181 - QR Generator - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/Defenit/QR_Generator)\n\t\t- QRCode repl.\n- **Pwn2Win CTF 2020**\n\t- Crypto 246 - Omni Crypto - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/Pwn2Win/Omni_Crypto)\n\t\t- Coppersmith's attack on partial `p` exposure on RSA.\n\t- Crypto 115 - Androids Encryption - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/Pwn2Win/Androids_Encryption)\n\t\t- Leak AES key on PCBC.\n- **DEF CON CTF Qualifier 2020**\n\t- Crypto 130 - coooppersmith - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/DEFCON/coooppersmith)\n\t\t- Factor `n` using bivariate coppersmith with leaked info.\n\t- Reversing 120 - ooobash - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/DEFCON/ooobash)\n\t\t- Bash shell reversing.\n- **PlaidCTF 2020**\n\t- Crypto 350 - MPKC - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/PlaidCTF/MPKC)\n\t\t- Destroy multivariate quadratic polynomial based encyption scheme by linear algebra.\n\t- Crypto 250 - dyrpto - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/PlaidCTF/dyrpto)\n\t\t- Coppersmith's short pad attack + Franklin-Reiter related message attack.\n- **TAMUctf 2020**\n\t- Crypto 338 - ETERNAL_GAME - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/TAMUctf/ETERNAL_GAME)\n\t\t- Hash length extension attack.\n\t- Web 262 - MENTALMATH - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/TAMUctf/MENTALMATH)\n\t\t- Ajax code injection.\n\t- Web 122 - FILESTORAGE - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/TAMUctf/FILESTORAGE)\n\t\t- LFI + php session poisoning.\n\t- Web 50 - PASSWORD_EXTRACTION - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/TAMUctf/PASSWORD_EXTRACTION)\n\t\t- Blind SQL injection.\n\t- Misc 50 - INSTAGRAM - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/TAMUctf/INSTAGRAM)\n\t\t- JPEG marker recovery.\n\t- Misc 50 - BLIND - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/TAMUctf/BLIND)\n\t\t- Reverse shell.\n- **zer0pts CTF 2020**\n\t- Crypto 636 - dirty laundry - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/zer0pts/dirty_laundry)\n\t\t- Paillier cryptosystem with Shamir's secret sharing.\n\t- Crypto 394 - diysig - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/zer0pts/diysig)\n\t\t- RSA with LSB oracle.\n\t- Crypto 260 - ROR - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/zer0pts/ROR)\n\t\t- Concat LSB for gaining ciphertext\n\t- Forensics 100 - Locked KitKat - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/zer0pts/Locked_KitKat)\n\t\t- Bruteforce android pattern lock\n- **Pragyan CTF 2020**\n    - Crypto 150 - AskTheOracle - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/Pragyan/AskTheOracle)\n        - Oracle Padding Attack.\n- **nullcon HackIM 2020**\n    - Crypto 419 - SecureLinearFunctionEvaluation - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/HackIM/SecureLinearFunctionEvaluation)\n        - Break Bellare-Micali OT by simple math.\n- **WhiteHat Grand Pix 06 Quals**\n    - Crypto 200 - Cryptography 01 - [Writeup](https://github.com/pcw109550/write-up/tree/master/2020/WhiteHat_GrandPrix/Cryptography_01)\n        - Simple substitution cipher.\n\n## 2019\n\n- **Christmas CTF 2019**\n\t- Crypto 1000 - hide and seek - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/X-MAS/hide_and_seek)\n\t\t- Solving hidden number problem + Coppersmith's attack on partial `p` exposure on RSA.\n\t- Crypto 995 - christmas pockets - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/X-MAS/christmas_pockets)\n\t\t- Classical knapsack cryptosystem is vulnerable to low density attack.\n- **HITCON CTF 2019 Quals**\n\t- Crypto 200 - Lost Modulus Again - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/HITCON/Lost_Modulus_Again)\n\t\t- Recover `n` to decrypt the flag since `d` is given.\n\t- Crypto 200 - Very Simple Haskell - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/HITCON/Very_Simple_Haskell)\n\t\t- Decrypt Naccache-Stern Knapsack problem by directly knowing the private key.\n- **KAPO 2019**\n\t- Crypto 1 - Lenstra-Lenstra-Lovasz - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/KAPO/Lenstra-Lenstra-Lovasz)\n\t\t- Recover `dp` by using Coppersmith's attack, and recover `p`.\n\t- Crypto 1 - Weak-Strong - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/KAPO/Weak-Strong)\n\t\t- ROCA attack.\n- **CSAW CTF Qualification Round 2019**\n\t- Crypto 400 - Fault Box - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/CSAW/Fault_Box)\n\t\t- Fault attack on RSA CRT with a slight twist.\n\t- Crypto 300 - SuperCurve - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/CSAW/SuperCurve)\n\t\t- Solving ECDLP when order is small.\n\t- Crypto 100 - count on me - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/CSAW/count_on_me)\n\t\t- Misdesigned block cipher leads to information leakage.\n- **Affinity CTF 2019 Quals**\n\t- Crypto 500 - Epic Poem - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/Affinity/Epic_Poem)\n\t\t- XOR encryption, guessing based on flag format.\n\t- Crypto 350 - GolanG Heights - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/Affinity/GolanG_Heights)\n\t\t- Solve quartic equation to factor `n` on RSA.\n- **HackCon 2019**\n\t- Crypto 467 - AgainAndAgainAndAgain - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/HackCon/AgainAndAgainAndAgain)\n\t\t- Multiple encryption with Rabin cryptosystem.\n- **Crypto CTF 2019**\n\t- Crypto 314 - NSA basement - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/CryptoCTF/NSA_basement)\n\t\t- Factoring `n` using gcd, decryption with OAEP on multiprime condition.\n\t- Crypto 166 - Alone in the dark - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/CryptoCTF/Alone_in_the_dark)\n\t\t- Solving pellian equation.\n- **ISITDTU CTF 2019 Quals**\n\t- Crypto 304 - Chaos - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/ISITDTU/Chaos)\n\t\t- Simple substitution cipher.\n\t- Crypto 100 - Easy RSA 1 - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/ISITDTU/Easy_RSA_1)\n\t\t- `n` and `e` have similar size, so apply Boneh-Durfee attack.\n\t- Crypto 919 - Easy RSA 2 - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/ISITDTU/Easy_RSA_2)\n\t\t- Crack multiprime RSA with Fermat factorization.\n\t- Crypto 238 - Old Story - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/ISITDTU/Old_story)\n\t\t- Base64 encoding with guessing.\n\t- Crypto 395 - decrypt to me - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/ISITDTU/decrypt_to_me)\n\t\t- Weak prng.\n- **Facebook CTF 2019**\n\t- Crypto 974 - netscream - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/Facebook/netscream)\n\t\t- Dual_EC_DRBG with some reversing.\n\t- Crypto 919 - storagespace - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/Facebook/storagespace)\n\t\t- Order of curve is small, use sage's `discrete_log()` function.\n- **DEF CON CTF Qualifier 2019**\n\t- Crypto 182 - tania - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/DEFCON/tania)\n\t\t- DSA with LCG nonces are broken using LLL, or apply biased nonce attack.\n- **Harekaze CTF 2019**\n\t- Crypto 200 - Now We Can Play!! - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/Harekaze/Now_We_Can_Play)\n\t\t- Simple bruteforcing problem.\n\t- Crypto 100 - ONCE UPON A  TIME - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/Harekaze/ONCE_UPON_A_TIME)\n\t\t- Hill cipher with randomness and padding.\n\t- Crypto 200 - Show me your private key - [Writeup](https://github.com/pcw109550/write-up/tree/master/2019/Harekaze/show_me_your_private_key)\n\t\t- Order of elliptic curve defined over `Zmod(n)`, where `n` is composite.\n\n## 2018\n\n- **KAPO 2018**\n\t- Reversing 50 - hdbt - [Writeup](https://github.com/pcw109550/write-up/tree/master/2018/KAPO/hdbt)\n\t\t- Calculating inverse over finite field.\n\t- Reversing 50 - ezbt - [Writeup](https://github.com/pcw109550/write-up/tree/master/2018/KAPO/ezbt)\n\t\t- Consecutive XOR for inversion.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpcw109550%2Fwrite-up","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpcw109550%2Fwrite-up","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpcw109550%2Fwrite-up/lists"}