بعد ما راجعت و اتاكد اتعلمت حاجه جديده اني مش استعجل علي الحاجه
صحيح شكلها يبان انها فعلا xss بس الحقيقه لا و هربط مقوله دي بكل شئ
طلما مفيش impact مفيش Vulnerability
العيب مش فل غلط العيب اني اصحح الغلط و المره الجايه هتاكد ميت مره و شكرا لكل واحد قالي كلمه كويسه و شكرا بردو الي قلي كلمه وحشه
ف لاتنين انا اتعلمت و استفدت
و انت اكيد يلي بتقراء استفدت من الموقف دا و اشوفكم على خير 🤍✌🏻
صحيح شكلها يبان انها فعلا xss بس الحقيقه لا و هربط مقوله دي بكل شئ
طلما مفيش impact مفيش Vulnerability
العيب مش فل غلط العيب اني اصحح الغلط و المره الجايه هتاكد ميت مره و شكرا لكل واحد قالي كلمه كويسه و شكرا بردو الي قلي كلمه وحشه
ف لاتنين انا اتعلمت و استفدت
و انت اكيد يلي بتقراء استفدت من الموقف دا و اشوفكم على خير 🤍✌🏻
❤3
🚩 New CTF Writeup – Breizh CTF
I’ve just published a technical writeup for the Authentification challenge from Breizh CTF, focusing on a flawed implementation of AES-GCM at the counter management level.
This is not just about “nonce reuse is bad”.
The writeup walks through how :
Misusing the J₀ counter
Breaks both confidentiality and integrity
Allows recovery of the GHASH key (H)
And enables full forgery of a valid admin token
The goal was to explain why this class of bugs is terminal in AEAD schemes, not just how to exploit it.
🔗 Full writeup on Medium :
https://spider1sec.medium.com/breizh-ctf-authentification-9707750140bc
#BreizhCTF #CTF #Cryptography #AESGCM #CyberSecurity #InfoSec #Writeup #Medium
I’ve just published a technical writeup for the Authentification challenge from Breizh CTF, focusing on a flawed implementation of AES-GCM at the counter management level.
This is not just about “nonce reuse is bad”.
The writeup walks through how :
Misusing the J₀ counter
Breaks both confidentiality and integrity
Allows recovery of the GHASH key (H)
And enables full forgery of a valid admin token
The goal was to explain why this class of bugs is terminal in AEAD schemes, not just how to exploit it.
🔗 Full writeup on Medium :
https://spider1sec.medium.com/breizh-ctf-authentification-9707750140bc
#BreizhCTF #CTF #Cryptography #AESGCM #CyberSecurity #InfoSec #Writeup #Medium
❤1
Quo vadis? — ECSC 2024 (Italy)
I recently solved “Quo vadis?”, a cryptography challenge from ECSC 2024 (Italy), published on CryptoHack.
The challenge was solved by only 8 participants, and I also wrote a full technical write-up explaining the solution in depth.
What made this challenge special wasn’t implementation difficulty, but the core idea :
Working with Galois Rings rather than common finite fields
Exploiting isomorphisms between different ring constructions
Reducing the problem to linear algebra over ℤ / 2ᵏℤ
Using Newton lifting to move solutions across ring levels
This was a reminder that advanced crypto CTFs are often less about tools, and more about mathematical understanding and clean reasoning.
I shared a detailed write-up covering:
The mathematical insight behind the challenge
The full solving strategy
Implementation details in Sage
🔗 Write-up :
https://spider1sec.medium.com/quo-vadis-ecsc-2024-italy-cryptohack-70cd091be2b8
#Cryptography #AppliedCryptography #Mathematics
I recently solved “Quo vadis?”, a cryptography challenge from ECSC 2024 (Italy), published on CryptoHack.
The challenge was solved by only 8 participants, and I also wrote a full technical write-up explaining the solution in depth.
What made this challenge special wasn’t implementation difficulty, but the core idea :
Working with Galois Rings rather than common finite fields
Exploiting isomorphisms between different ring constructions
Reducing the problem to linear algebra over ℤ / 2ᵏℤ
Using Newton lifting to move solutions across ring levels
This was a reminder that advanced crypto CTFs are often less about tools, and more about mathematical understanding and clean reasoning.
I shared a detailed write-up covering:
The mathematical insight behind the challenge
The full solving strategy
Implementation details in Sage
🔗 Write-up :
https://spider1sec.medium.com/quo-vadis-ecsc-2024-italy-cryptohack-70cd091be2b8
#Cryptography #AppliedCryptography #Mathematics
❤5
البث يوم الجمعه الجايه 🤍
The broadcast will be at the end of the week 🤍
The broadcast will be at the end of the week 🤍
❤1
Solved Wonky AES cryptography challenge on Hack The Box 🔐
The challenge involved an AES implementation with an intentional fault injection during encryption.
By analyzing the source code and
applying Differential Fault Analysis (DFA)
I was able to :
Recover the AES round-10 key
Reverse the AES key schedule
Decrypt the encrypted flag successfully
This challenge was a great reminder that cryptography breaks often come from implementation flaws, not the algorithm itself.
Full write-up 👇
https://spider1sec.medium.com/hackthebox-wonky-aes-1c94e0f94666
#CTF #Cryptography #HackTheBox #CyberSecurity #AES
The challenge involved an AES implementation with an intentional fault injection during encryption.
By analyzing the source code and
applying Differential Fault Analysis (DFA)
I was able to :
Recover the AES round-10 key
Reverse the AES key schedule
Decrypt the encrypted flag successfully
This challenge was a great reminder that cryptography breaks often come from implementation flaws, not the algorithm itself.
Full write-up 👇
https://spider1sec.medium.com/hackthebox-wonky-aes-1c94e0f94666
#CTF #Cryptography #HackTheBox #CyberSecurity #AES
❤2
اللهم صلّ وسلم على نبينا محمد
من قرأ سورةَ ( الكهفِ ) في يومِ الجمعةِ أضاء له من النورِ ما بين الجمُعَتَين
خلاصة حكم المحدث : صحيح
الراوي : أبو سعيد الخدري | المحدث : الألباني | المصدر : صحيح الترغيب | الصفحة أو الرقم : 736
| التخريج : أخرجه البيهقي (6209) واللفظ له، وأخرجه الحاكم (3392) باختلاف يسير
من قرأ سورةَ ( الكهفِ ) في يومِ الجمعةِ أضاء له من النورِ ما بين الجمُعَتَين
خلاصة حكم المحدث : صحيح
الراوي : أبو سعيد الخدري | المحدث : الألباني | المصدر : صحيح الترغيب | الصفحة أو الرقم : 736
| التخريج : أخرجه البيهقي (6209) واللفظ له، وأخرجه الحاكم (3392) باختلاف يسير
❤4
تقيم البث المباشر 🤍
Anonymous Poll
50%
ممتاز
30%
جيد جدا
10%
جيد
10%
متوسط
0%
سئ
0%
سئ جدا
0%
مش تعمل بث مباشر تاني 🙂
❤1
الحمدالله 🤍
انا و تيم MindCrafters مركز 28 في 0xL4ugh CTF v5 و من نجاح لي نجاح ان شاء الله
Alhamdulillah 🤍
Proud to share that my team MindCrafters achieved 28th place in 0xL4ugh CTF v5.
Grateful for the teamwork, late nights, and collective mindset that turned challenges into learning wins.
Onward to sharper skills, tougher battles, and higher ranks 🚀🔐
انا و تيم MindCrafters مركز 28 في 0xL4ugh CTF v5 و من نجاح لي نجاح ان شاء الله
Alhamdulillah 🤍
Proud to share that my team MindCrafters achieved 28th place in 0xL4ugh CTF v5.
Grateful for the teamwork, late nights, and collective mindset that turned challenges into learning wins.
Onward to sharper skills, tougher battles, and higher ranks 🚀🔐
❤3
لاسبوع الجاي هنفتح بث نحل في ctfs من pico 🤍
تاريخ البث : يوم الجمعه الساعه 6 بتوقيت مصر
تاريخ البث : يوم الجمعه الساعه 6 بتوقيت مصر
❤6