Finally I managed to solve the ROBOT CTF!

In my case, as my objective was understanding everything behind ROBOT, I prepared the code to perform the attack all by myself. The only library I used was gmplib, in order to perform big number arithmetics without having to implement it myself. Regarding tools, I used openssl and wireshark to analyze TLS traffic, comparing the captures from openssl connections with the TLS RFC in order to prepare my code to perform forged handshakes against the web server. As for the vulnerable web server to test all my code before starting with the CTF, I used a YAWS server. During the CTF, apart from the tools I had already developed, I used openssl as well to perform AES decryption and signature verification.

In fact, at the start solving the CTF was not one of my priorities, as I didn't think I would be able to solve it. But I started implementing more and more parts of the attack code in order to understand how it worked in the real world, and at the end I realized I had everything I needed to at least try to solve the first level of the CTF...

I'm preparing a document describing all the process, from the first time I read about ROBOT to the solving of the CTF (mostly a tale of too many frustrations and a few great successes :D), because I'm thinking about publishing it in my company's blog (https://www.s21sec.com/en/blog/ if you want to take a look ;) ), where I have already written some posts on DROWN and ROBOT (this last one has some errors I only realized after taking the CTF but I guess people only learn by doing... ;) ). Of course, never before February 1st. I can send you that document when it's ready if you want to take a look at it (although I guess you already have lots of stories about people solving the CTF, so maybe it's of little use for you...). Anything that appears on this mail or in that document is fully shareable (as, most likely, it will end up in my company's blog anyway if you don't have any objection)

I had a great time with the CTF and want to thank you for preparing it, helping me to better understand Bleichenbacher's oracle attacks and testing them against real-world servers. Keep up the good work!