THM - Flip

3 min readMar 22, 2025

A writeup for the room Flip on TryHackMe

Hey, do a flip!

Flip

Hey, do a flip!

tryhackme.com

Footprinting

The source code of the application is provided and you can see that it is written in Python.

The application is a socket server listening on port 1337 that can be interacted with using tools like netcat.

The only thing that can be noticed is that the application is built around the AES implementation using CBC mode with block size 16.

Whenever we try to log in with fake credentials, we get a valid ciphertext that can be used to reconstruct the relative plaintext.

Next, we are asked to enter a new ciphertext to be used for authentication.

Since we have a known plaintext with AES CBC, the application is vulnerable to bit flipping.

Flag

Bit flipping attack

In the CBC mode of operation, decryption is done by xoring the previous ciphertext block with the current decrypted one.

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Continue in app

Or, continue in mobile web

Already have an account? Sign in

Written by Francesco Pastore

207 followers

65 following

CS & Engineering student

No responses yet

Write a response

What are your thoughts?

Recommended from Medium

TryHackMe | OWASP Top 10 2025: Application Design Flaws | WriteUp

Learn about A02, A03, A06, and A10 and how they related to design flaws in the application

Nov 16, 2025

OWASP Top 10 2025: IAAA Failures Walkthrough Notes | TryHackMe

Hands-on IAAA security walkthrough covering access, auth, and logging.

Nov 15, 2025

🕵️ PS Eclipse | TryHackMe Walkthrough

Hey everyone 👋 In today’s blog, we’re diving into the PS Eclipse room on TryHackMe. This challenge is all about using Splunk to…

Sep 7, 2025

THM - Invite Only

A writeup for “Invite Only” on TryHackMe

Sep 20, 2025

Operation Slither Writeup| TryHackMe

his walkthrough details Operation Slither room on TryHackMe, focusing on OSINT techniques to track operators across social platforms and…

Feb 2

Linux Threat Detection 1: TryHackMe Walkthrough for SOC Analysts & Forensics Learners

Discover how to identify SSH attacks and analyze Linux logs using the grep command.

Sep 25, 2025

See more recommendations

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech

THM - Flip

Flip

Hey, do a flip!

Footprinting

Flag

Bit flipping attack

Create an account to read the full story.

Written by Francesco Pastore

No responses yet

More from Francesco Pastore

THM - When Hearts Collide

A writeup for “When Hearts Collide” on TryHackMe.

THM - TryHeartMe

A writeup for “TryHeartMe” on TryHackMe.

THM - Invite Only

A writeup for “Invite Only” on TryHackMe

THM - Injectics

A writeup for the room Injectics on TryHackMe

Recommended from Medium

TryHackMe | OWASP Top 10 2025: Application Design Flaws | WriteUp

Learn about A02, A03, A06, and A10 and how they related to design flaws in the application

OWASP Top 10 2025: IAAA Failures Walkthrough Notes | TryHackMe

Hands-on IAAA security walkthrough covering access, auth, and logging.

🕵️ PS Eclipse | TryHackMe Walkthrough

Hey everyone 👋 In today’s blog, we’re diving into the PS Eclipse room on TryHackMe. This challenge is all about using Splunk to…

THM - Invite Only

A writeup for “Invite Only” on TryHackMe

Operation Slither Writeup| TryHackMe

his walkthrough details Operation Slither room on TryHackMe, focusing on OSINT techniques to track operators across social platforms and…

Linux Threat Detection 1: TryHackMe Walkthrough for SOC Analysts & Forensics Learners

Discover how to identify SSH attacks and analyze Linux logs using the grep command.

THM - Flip

Flip

Hey, do a flip!

Footprinting

Flag

Bit flipping attack​

Create an account to read the full story.

Written by Francesco Pastore

No responses yet

More from Francesco Pastore

THM - When Hearts Collide

A writeup for “When Hearts Collide” on TryHackMe.

THM - TryHeartMe

A writeup for “TryHeartMe” on TryHackMe.

THM - Invite Only

A writeup for “Invite Only” on TryHackMe

THM - Injectics

A writeup for the room Injectics on TryHackMe

Recommended from Medium

TryHackMe | OWASP Top 10 2025: Application Design Flaws | WriteUp

Learn about A02, A03, A06, and A10 and how they related to design flaws in the application

OWASP Top 10 2025: IAAA Failures Walkthrough Notes | TryHackMe

Hands-on IAAA security walkthrough covering access, auth, and logging.

🕵️ PS Eclipse | TryHackMe Walkthrough

Hey everyone 👋 In today’s blog, we’re diving into the PS Eclipse room on TryHackMe. This challenge is all about using Splunk to…

THM - Invite Only

A writeup for “Invite Only” on TryHackMe

Operation Slither Writeup| TryHackMe

his walkthrough details Operation Slither room on TryHackMe, focusing on OSINT techniques to track operators across social platforms and…

Linux Threat Detection 1: TryHackMe Walkthrough for SOC Analysts & Forensics Learners

Discover how to identify SSH attacks and analyze Linux logs using the grep command.

Bit flipping attack