In this blog post, I discuss my recent experience with CTF challenges and specifically focus on a challenge from 247CTF.com. I explore the use of ECB mode in block ciphers like AES or Twofish and explain why it isn’t a good idea for encryption. I provide the source code for the challenge and analyze it to understand how it works. I then demonstrate an attack on the implementation of the encryption scheme that leverages the weaknesses of ECB mode. By replacing encrypted segments and bypassing restrictions, I was able to obtain the flag. I highlight the importance of using cipher modes that provide diffusion and authentication to prevent such attacks.
https://znano.eu.org/blog/posts/hacking-a-ctf-do-not-use-ecb-mode-for-encryption