Posts

CISSP Groupies @ Plaid CTF

I was invited by Montréal computer security team CISSP Groupies to participate in the Plaid CTF hosted by Plaid Parliament of Pwning (PPP).

While not a security guru or 31337 h4x0r like most of my teammates, I’m very interested in computer security and was really excited about this competition.

We finished 31st which is lower than what the team is used to, but we did represent Canada by being well ahead of our country’s second team (yay! first in Canada! :P).

Props to the Groupies, the PPP team, Foulab and everyone who participated in this CTF! I had a blast, learned a lot and can’t wait for the next event! 😀

Challenges

View the challenges

Download the challenge files

Photo Gallery

Time Lapse

Plaid CTF “Torrents” write-up

Note

This post is about a challenge from the Plaid CTF computer security competition. Check out this blog post for more information about the competition in general.

Challenge (200)

It turns out that robots, like humans, are cheap and do not like paying for their movies and music. We were able to intercept some torrent downloads but are unsure what the file being downloaded was. Can you figure it out?

The file is a wireshark capture containing a torrent transfer between 2 peers. We had to extract the data inside the pieces and sort them in the right order.

Solution

My solution is not as pretty as Squall’s or Michael’s but I’m pretty sure I’m the only one crazy enough that did it with Powershell instead of Python.

[powershell]# Ask tshark
$raw= & ‘tshark.exe’ -r torrent.pcap -R ‘bittorrent.piece.data’ -T fields -e bittorrent.piece.index -e bittorrent.piece.data -E separator=/s

# Split into pieces
$data = @{}
$raw -split ‘[nn]’ | ForEach-Object {
$packet = $_ -split ‘ ‘
if ($data.ContainsKey($packet[0])) { # There are 2 packets for each piece so we concat them here
$data.set_Item($packet[0], (‘{0}:{1}’ -f $data.get_Item($packet[0]), $packet[1]))
} else {
$data.Add($packet[0], $packet[1])
}
}

# Sort and concat
$HexString = [String] ”
$data.GetEnumerator() | Sort-Object Name | Select-Object Value | ForEach-Object {
$HexString += (‘{0}:’) -f $_.Value
}

# Convert hex to byte
$count = $hexString.Length
$byteCount = $count/3
$bytes = New-Object byte[] $byteCount
$byte = $null

$x = 0
for ( $i = 0; $i -le $count-1; $i+=3 )
{
$bytes[$x] = [Byte]::Parse($hexString.Substring($i,2), [System.Globalization.NumberStyles]::HexNumber)
$x += 1
}

# Write in a file
set-content -encoding byte ‘output’ -value $bytes[/powershell]

It was a bzipped file with a mp3 and a key containing the answer: t0renz0_v0n_m4tt3rh0rn.
Fun was had.