For this years hack.lu CTF I felt like creating a challenge. Since I work a lot with TLS it was only natural for me to create a TLS challenge. I was informed that TLS challenges are quite uncommon but nevertheless I thought it would be nice to spice the competition up with something "unusual". The challenge mostly requires you to know a lot of details on how the TLS record layer and the key derivation works. The challenge was only solved by one team (0ops from China) during the CTF. Good job!
Wednesday, October 30, 2019
Subscribe to:
Posts (Atom)
Beliebte Posts
-
When evaluating the security of XML based services, one should always consider DTD based attack vectors, such as XML External Entities (XXE)...
-
Inspired by James Kettle 's great OWASP AppSec Europe talk on CORS misconfigurations, we decided to fiddle around with CORS security i... -
Printers belong arguably to the most common devices we use. They are available in every household, office, company, governmental, medic... -
In this post, we provide a security analysis of Microsoft Rights Management Services (RMS) and present two working attacks: We complete... -
One year ago, we received a contract as a PDF file. It was digitally signed. We looked at the document - ignoring the "certificate is n...