Crypto e2W@rmup Sovled by: tl2cents 详细 wp 更新至博客 https://tl2cents.github.io/ 这种形式的 nonce 生成方式来自于 Bitcoin 中一种窃取私钥的后门 ECDSA 签名。详情可以参考这篇论文：the curious case of the half-half bitcoin ecdsa nonces。

This is our writeup to the challenge: Safeblogs Formula1 PDF attachment for Writeup

PDF attachment for Writeup

PDF attachment for Writeup

PDF attachment for Writeup

Crypto Frosty We could control the public key of verification, so we just let z=c, and make public key equal to the generator. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 from winpwn import * import json import subprocess io = remote('frosty.nc.jctf.pro', 4445) io.recvuntil('hashcash -mb26 ') check = io.recv(8) p = subprocess.Popen('E:\hashcash-0.32-win32-exe\hashcash-0.32-win32-exe\hashcash.exe -mb26 ' + check, shell=True, stdout=subprocess.PIPE) out, err = p.

Flag Checker https://blog.cirn09.xyz/2022/03/23/flag-checker/ Zer0TP Every time we register a new username, a secret is generated, and we need to guess out the secret by some side channel attack. Notice that we can rename , so the username is one side channel attacking parameter. Basically, we are presented with a following challenge: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 import os import base64 import zlib import hashlib def func(fld_id, username, secret): assert 4 <= len(username) < 50 token = zlib.