Post

N1CTF 2025

Two obfuscation-heavy reversing challenges that were excellent study material—and somehow attracted more solvers than I expected.

N1CTF 2025

N1CTF 2025 featured several obfuscation-heavy reversing challenges, so after the CTF I decided to write up the two that I found particularly interesting.

The obfuscation techniques in both challenges were genuinely fascinating. Once the underlying structure was understood, however, recovering the flag itself was relatively straightforward. I was therefore a little surprised to see more solvers than I had expected. Maybe the players were simply that good—or maybe LLMs have become frighteningly capable at this sort of thing.

Either way, both challenges gave me plenty to study, and I learned quite a bit while turning my notes into full write-ups. I hope you enjoy reading them.

Write-ups

n1vm

A decompiler-hostile binary that conceals conditional branches by hiding the state of EFLAGS. This write-up covers control-flow recovery, decompilation repair, and the remaining flag-checking logic.

True Operation Master

A layered reversing challenge involving packing, layout obfuscation, runtime hooking, pattern-based data-flow recovery, and a custom VM. The individual pieces are approachable, but together they make for a particularly rich analysis target.

This post is licensed under CC BY 4.0 by the author.