BtSCTF 2026 FCP writeup — CTF challenge breakdown

BtSCTF 2026 FCP: Recover In-Memory RSA Key, Decrypt Resumed TLS

Platform BreakTheSyntax CTF 2026 Difficulty Hard OS Linux Tags TLS, RSA, Go memory forensics, EMS PRF, session resumption FCP was a multi-step reverse-engineering and network-forensics challenge. You get a Go MCP (“Model Context Protocol”) server binary plus a PCAP of someone using it earlier. Buried in the capture is a get_flag call — but the live server’s get_flag endpoint has been rewritten to just return "no", so re-running it is useless. The challenge is to decrypt the historical traffic. Two specific design choices make this both possible and nontrivial. ...

May 16, 2026 · 8 min · 1498 words · CyberSecurity Elite Team
Educational content for authorized testing only. · Disclaimer · Editorial Policy · Sitemap