**Full write-up:** [https://www.sebven.com/ctf/2021/08/23/corCTF2021-babypad.html](https://www.sebven.com/ctf/2021/08/23/corCTF2021-babypad.html)

Cryptography – 484 pts (35 solves) – Chall author: willwam845

A clean AES-CTR Padding Oracle Attack challenge, no hurdles, no bs. We can send cipher texts to the server and it will tell us whether or not it succeeded to unpad the decrypted cipher text. This allows us to straight up use the server as a padding oracle to decrypt the encrypted flag.

Original writeup (https://www.sebven.com/ctf/2021/08/23/corCTF2021-babypad.html).