All my certificates in 2025 🤍
عام جديد سعيد لكم و ب اذن الله من تطور لي تطور لنا جميعا 🤍
عام جديد سعيد لكم و ب اذن الله من تطور لي تطور لنا جميعا 🤍
❤4
بعد ما راجعت و اتاكد اتعلمت حاجه جديده اني مش استعجل علي الحاجه
صحيح شكلها يبان انها فعلا xss بس الحقيقه لا و هربط مقوله دي بكل شئ
طلما مفيش impact مفيش Vulnerability
العيب مش فل غلط العيب اني اصحح الغلط و المره الجايه هتاكد ميت مره و شكرا لكل واحد قالي كلمه كويسه و شكرا بردو الي قلي كلمه وحشه
ف لاتنين انا اتعلمت و استفدت
و انت اكيد يلي بتقراء استفدت من الموقف دا و اشوفكم على خير 🤍✌🏻
صحيح شكلها يبان انها فعلا xss بس الحقيقه لا و هربط مقوله دي بكل شئ
طلما مفيش impact مفيش Vulnerability
العيب مش فل غلط العيب اني اصحح الغلط و المره الجايه هتاكد ميت مره و شكرا لكل واحد قالي كلمه كويسه و شكرا بردو الي قلي كلمه وحشه
ف لاتنين انا اتعلمت و استفدت
و انت اكيد يلي بتقراء استفدت من الموقف دا و اشوفكم على خير 🤍✌🏻
❤3
🚩 New CTF Writeup – Breizh CTF
I’ve just published a technical writeup for the Authentification challenge from Breizh CTF, focusing on a flawed implementation of AES-GCM at the counter management level.
This is not just about “nonce reuse is bad”.
The writeup walks through how :
Misusing the J₀ counter
Breaks both confidentiality and integrity
Allows recovery of the GHASH key (H)
And enables full forgery of a valid admin token
The goal was to explain why this class of bugs is terminal in AEAD schemes, not just how to exploit it.
🔗 Full writeup on Medium :
https://spider1sec.medium.com/breizh-ctf-authentification-9707750140bc
#BreizhCTF #CTF #Cryptography #AESGCM #CyberSecurity #InfoSec #Writeup #Medium
I’ve just published a technical writeup for the Authentification challenge from Breizh CTF, focusing on a flawed implementation of AES-GCM at the counter management level.
This is not just about “nonce reuse is bad”.
The writeup walks through how :
Misusing the J₀ counter
Breaks both confidentiality and integrity
Allows recovery of the GHASH key (H)
And enables full forgery of a valid admin token
The goal was to explain why this class of bugs is terminal in AEAD schemes, not just how to exploit it.
🔗 Full writeup on Medium :
https://spider1sec.medium.com/breizh-ctf-authentification-9707750140bc
#BreizhCTF #CTF #Cryptography #AESGCM #CyberSecurity #InfoSec #Writeup #Medium
❤1
Quo vadis? — ECSC 2024 (Italy)
I recently solved “Quo vadis?”, a cryptography challenge from ECSC 2024 (Italy), published on CryptoHack.
The challenge was solved by only 8 participants, and I also wrote a full technical write-up explaining the solution in depth.
What made this challenge special wasn’t implementation difficulty, but the core idea :
Working with Galois Rings rather than common finite fields
Exploiting isomorphisms between different ring constructions
Reducing the problem to linear algebra over ℤ / 2ᵏℤ
Using Newton lifting to move solutions across ring levels
This was a reminder that advanced crypto CTFs are often less about tools, and more about mathematical understanding and clean reasoning.
I shared a detailed write-up covering:
The mathematical insight behind the challenge
The full solving strategy
Implementation details in Sage
🔗 Write-up :
https://spider1sec.medium.com/quo-vadis-ecsc-2024-italy-cryptohack-70cd091be2b8
#Cryptography #AppliedCryptography #Mathematics
I recently solved “Quo vadis?”, a cryptography challenge from ECSC 2024 (Italy), published on CryptoHack.
The challenge was solved by only 8 participants, and I also wrote a full technical write-up explaining the solution in depth.
What made this challenge special wasn’t implementation difficulty, but the core idea :
Working with Galois Rings rather than common finite fields
Exploiting isomorphisms between different ring constructions
Reducing the problem to linear algebra over ℤ / 2ᵏℤ
Using Newton lifting to move solutions across ring levels
This was a reminder that advanced crypto CTFs are often less about tools, and more about mathematical understanding and clean reasoning.
I shared a detailed write-up covering:
The mathematical insight behind the challenge
The full solving strategy
Implementation details in Sage
🔗 Write-up :
https://spider1sec.medium.com/quo-vadis-ecsc-2024-italy-cryptohack-70cd091be2b8
#Cryptography #AppliedCryptography #Mathematics
❤5