CTF Meetup: gnuradio Lab Challenge and More

ctf, gnuradio

Back on track after RuCTF, and we'll start with an overview of the AVR architecture, which is relevant for the current lab exercise of Advanced Internet Security. We'll also show how the gnuradio challenge can be solved without actually using gnuradio and afterwards we're gonna pick one CTF challenge and work on it. Where: @FH4, TU Wien (Wiedner Hauptstraße 8-10, 1040 Wien, Yellow Area) When: Thursday, 15.11.2018, 18:30 (CET) What: AVR Architecture Overview Working on the signal.dump without gnuradio Reviewing/Working on...

Read More
CTF Meetup: Lab Challenge Review and RuCTF

RuCTF, botnet-takedown

Today we'll be giving a walkthrough of the first lab challenge of Advanced Internet Security, botnet-takedown, and we're gonna talk about the (Russian) elephant in the room: RuCTF. The CTF will happen on Saturday and we'll meet up at 10:00 CET, let us know if you want to join in. Where: @FH4, TU Wien (Wiedner Hauptstraße 8-10, 1040 Wien, Yellow Area) When: Thursday, 08.11.2018, 18:30 (CET) What: botnet-takedown Walkthrough RuCTF: Gameplay and Infrastructure...

Read More
SECCON 2018 Quals - Special instructions

reversing

General problem description We were given a moxie ELF-Binary which was implementing the xorshift32 PRNG algorithm. The flag and some additional random values were hard-coded into the elf. Solution Similar to the Special device file challenge the binary took the flag xored with a random value hard-coded into to binary and xored again with a value taken from the xorshift32 algorithm. The catch was again, that we didn't know the correct configuration of the algorithm only the seed and...

Read More
SECCON 2018 Quals - Runme

reversing

General problem description Given was a Windows binary, which was apparently waiting to be started with the correct cmd arguments. Solution The binary checked character by character the cmd arguments with a hard-coded value which was: "C:\\Temp\\SECCON2018Online.exe" SECCON{Runn1n6_P47h} The flag was: SECCON{Runn1n6_P47h}...

Read More
SECCON 2018 Quals - Special device file

reversing

General problem description We were given a arm64 ELF-Binary which was accessing a special device named xorshift64. The flag and some additional random values were hard-coded into the elf. Solution The ELF does more-or-less the same as this pseudocode: # init device #with open('/dev/xorshift64', 'r') as d: d.write(0x139408fcbbf7a44) # decode flag with open('/dev/xorshift64', 'r') as d: for i Read More


SECCON 2018 Quals - Needle in a haystack

Media

General problem description We got a 9 hours long video captured with a webcam on the top of a tall building in Tokyo(?). Find the flag. Solution First our guess was, that there will be a single frame which shows the flag, but fast-forwarding the video did not reveal anything like that. The next idea was to export every frame and use fuzzy hashing to find very different frames. While the script was doing the exporting we were fast-forwarding the...

Read More
HITCON 2018 - EV3 Scanner

MISC

General problem description Similar to the previous challenge we got two images (see below) and a pcap. Solution Like before we use the found wireshark dissector to see what happens. However this time we find way more relevant packages than before. After some filtering we identified, that the base station sends only four different commands: OUTPUT_TIME_SPEED: go in a direction with a constant speed for given time OUTPUT_STEP_SYNC: turn given "ticks" long OUTPUT_STEP_SPEED: go in...

Read More
HITCON 2018 - EV3 Basic

MISC

General problem description For this challenge we got a picture of a Lego Mindstorm EV3, which displays the flag partly (see below). And we also got a pcap (OK, it was in the apple PackageLogger format) with captured Bluetooth transmission. Solution The pcap shows Bluetooth traffic, and wireshark finds furthermore identifies RFCOMM protocol. Some of them includes additional data parts. If you dig around long enough on the internet you can find a wireshark dissector written...

Read More
Intro Meetup: Tool Overview

tools

Because we decided on the meetup date on relatively short notice, we'll give an overview of the tools we regularly use. If requested, we can go into detail into certain topics. Where: @FH4, TU Wien (Wiedner Hauptstraße 8-10, 1040 Wien, Yellow Area) When: Thursday, 18.10.2018, 18:30 (CEST) What: Tooling overview...

Read More
Navigation