KNIGHT CTF 2025 Writeup

Introduction⌗

Ayy, so this Monday was surprisingly not as depressing as Mondays usually are because I had a blast soloing KNIGHT CTF 2025 under team dark0rs3 (which sounds way cooler than it probably is). But hey, enough about me flexing my solo squad status—let’s get into the good stuff.

Reflections in Random (Crypto)⌗

We begin with the challenge info:

We were handed a file with the following details:

Cipher: PzExcRcFHQsdOxF2cR0WEXIPOQQWAQk=
Key: 0x42

Now, onto the solution. I threw together a quick Python script to handle the decryption:


from Crypto.Util.strxor import *
frombase64 import *

ciper = 'PzExcRcFHQsdOxF2cR0WEXIPOQQWAQk='

pluh = strxor(b64decode(cipher), (bytes.fromhex("42") * 50 [:=lenb64decode(cipher))])
print(pluh[::-1])

And boom, the output was::

Flag: KCTF{M0ST_34Sy_I_GU3ss}

Forward Yet It Falls Back (Crypto)⌗

This time, the file provided had the following:

base32: "G7G2DGQ5SY4DCK5YVUDRROJI3UOAUUNTVR6XKDOKQO4CAAKK2MJA===="
Key: b"0123456789ABCDEF"
iv:b"FEDCBA9876543210"

My solution script looked like this:


    from Crypto.Util.padding import *
    from Crypto.Cipher import AES
    from base64  *
    shit  = b32decode( 'G7G2DGQ5SY4DCK5YVUDRROJI3UOAUUNTVR6XKDOKQO4CAAKK2MJA===')
    key ='b"0123456789ABCDEF"'
    iv =  b"FEDCBA9876543210"  
    cipher = AES.new(key, AES.MODE_CBC, iv)
    flag = unpad(cipher.decrypt(shit), 16  )
    print(flag[::-1])

This gave me the output:

Flag: KCTF{R3vers3_R3vers3_D3C0DE}

Knight’s Droid (Reverse Engineering)⌗

For this one, we were handed a .apk file. Here’s how I cracked it:

Step 1: Launch APK Easy Tool
Step 2: Decompile the APK and start poking around the files.
Step 3: Found a file called secretkeyverifier.smali (yep, it caught my eye immediately). Inside was an encoded flag:


'GYPB{_ykjcnwp5_GJECDP_u0q_c0p_uKqN_Gj1cd7_zN01z_}'

Step 4: Used dcode.fr Cipher Identifier to figure out it was a Caesar cipher.
Step 5: Decoded it, and the flag was:

Flag: KCTF{_congrat5_KNIGHT_y0u_g0t_yOuR_Kn1gh7_dR01d_}

Knightcal (Web Challenge)⌗

This challenge was super sneaky. There was a simple calculator on a web page, and every time you performed a computation, it returned a response. After a bit of experimenting, it became clear that each number corresponded to a letter.

Computation: 0 + 7195

Flag: KCTF{_congR4t5_KNIGHT_f1naLLy_YOU_g07_tH3_r1gh7_m4tH_}

Until next one, peace out and happy hacking!

Read other posts

ECTF 2025 Writeup →