Connect to the Challenge Server
Connect to the challenge server using the host and port below to access the CTF challenge.
Problem Description
Welcome to the Quantum Authentication System! This advanced system uses quantum-inspired cryptography with AES-CBC encryption to secure user sessions. Your mission is to exploit quantum decoherence in the token validation system to forge an admin token.
The system implements a custom quantum encryption format but suffers from a critical padding oracle vulnerability. Different error messages reveal information about padding validity, allowing attackers to manipulate encrypted tokens.
🔍 Vulnerability: Padding Oracle Attack in AES-CBC
🔍 Hint: Modify ciphertext block N-1 to affect plaintext block N
Your Task:
1. Analyze the padding oracle through error messages
2. Use CBC bit-flipping to change user role to admin
3. Retrieve the quantum flag
Login to submit a solution.
Frequently Asked Questions
This is a expert level problem worth 250 points.
This is a ctf challenge problem in the Web category.
0 users have successfully solved this problem.
Related Problems
Try these similar problems to improve your skills