Friday, May 21, 2010

CITCTF write-ups, Defcon

As previously mentioned, last week-end was CIT CTF. It was great, thank you! Again, I played with Nibbles and wow.. we managed arrive in 1st place! Nibbles plans to release a document with our write-ups (instead of multiple blog posts), but meanwhile you can find some of my notes in my citctf directory:
  • Matryoshka: hundreds of nested passworded archives just like Russian nesting dolls. Questions were answered with google and automated extraction with some shell.
  • What is her name: interesting steganography, with embedded files into a picture, and finally the password revealed by diff'ing two pictures. And no, her name was not Darya ;)
  • Damned traffic: a weird tcpdump output with pictures, ICMP's, fragmented IP with UDP. I had fun playing with Python and my favourite network packet manipulation tool Scapy but did not find anything, nor any other team, and sadly staff did not release any hint.. I'm wondering if they plan to release the solution or if we will never find out what it was.
  • Time bomb: a real time bomb in BASIC code along with the schematics, we had to find the exact time & location of explosion. We thought we had it, but sadly we failed :( I'm looking forward other write-ups to understand what it really was.
Update: very good writeups by @citizen_stig.

And as you probably know this week-end there is another competition: Defcon CTF Quals. First time for me, again playing with Nibbles, we will try to have fun and do our best! Good luck if you are a player too.

No comments:

Post a Comment