CTF@AC 2025 Finals

We (Paolo) participated in this CTF in Timișoara from Fri, 07 Nov. 2025, 16:00 CET until Sun, 09 Nov. 2025, 10:00 CET, arriving 2nd overall 🥳. Even though it was our first experience at a CTF in an international contest, we managed to have real fun while solving these challenges.

Team members who participated:
Marco Balducci (@Cryingfreeman74)
Alan Davide Bovo (@Hecker404)
Enea Maroncelli (@Zazaman)
...

November 9, 2025 · 47 min · 9950 words · Paolo

CTF@AC 2025 Quals

Web 🌐

money

Analysis

The challenge exposes a minimal dashboard that supports third‑party plugins. When we upload a plugin, the platform also lets us download any existing ones (including the official flag.plugin).

Exploit

After downloading flag.plugin, we notice it’s encrypted. The server.py file contains both the key and the function to decrypt it, so we can locally decrypt it using decrypt_file.

    # Imports needed to run this excerpt on its own (PyCryptodome)
    from Crypto.Cipher import AES
    from Crypto.Util.Padding import unpad

    KEY = b"SECRET_KEY!123456XXXXXXXXXXXXXXX"

    def decrypt_file(input_path, output_path, key):
        with open(input_path, "rb") as f:
            data = f.read()
        # The first 16 bytes of the file are the IV; the rest is the ciphertext
        iv = data[:16]
        ciphertext = data[16:]
        cipher = AES.new(key, AES.MODE_CBC, iv)
        plaintext = unpad(cipher.decrypt(ciphertext), AES.block_size)
        with open(output_path, "wb") as f:
            f.write(plaintext)

The decrypted flag.plugin init.py contains the following code: ...

September 16, 2025 · 36 min · 7546 words · Paolo