Medium difficulty challenges.

BT logo

Your task is to investigate a suspicious webserver which we think is being used to pass messages by our suspect employee - see Qualifier One.  You will need to answer questions about what you find.  The server is provided to you as a VMX file.

There are 9 flags to find and 16 additional questions to answer.
 

This challenge tests your ability to investigate a small server and then to write at least two bespoke TCP/IP clients.  You will need to be able to reverse engineer simple protocols and solve some logic problems.

You can spend as long as you like on initial investigations, and developing and testing your client programs.


However the quiz itself has a time limit of 4 hours.

This game was used as a qualifier for the BT 2016 face to face event.

Alex Chaced is still at large.  It is imperative that we find a secure way to communicate with Alex.  Can you help ?

This is a light hearted game intended to test a variety of cyber security skills. The game is set up as a virtual machine that can be downloaded and run on either VMware or VirtualBox software.

  1. To participate please download and extract the file.
  2. Within this file you will find a VM.
  3. Run the OVF (Puppylizer.OVF) file with your favourite virtualisation software.
  4. Please don’t change any settings or the virtual machine may not function correctly.
  5. Once boot-up has completed the IP address of the VM will be displayed.

 

During the game you will need to collect 10 flags. The flags are in the form:

            The word “flag” followed by a colon then an md5 hash, you do not need to find the cleartext.

            “flag:72ca5c93acd491a7a757ed28483ffce8”

 

To answer the questions please paste the md5 ONLY. Each questions contains the first two characters of the flag that should be entered into the box i.e

            If the question were: “Please enter flag starting 72…”

            The answer would need to be an md5 starting 72

            e.g 72ca5c93acd491a7a757ed28483ffce8

               

The game broadly follows consecutive steps, once you have answered question 10 you have reached the end of the game – if you have missed any flags you may wish to go back and look over some parts again. After the questions there is a comment box, although this is not scored please provide an outline of the steps you took to complete the challenge – this will be used in the event of a tie breaker.

Best of luck! 

A Flagday Associates cyber training server has been intercepted at a hosting company and a VMX copy taken.

Your task is to investigate the server and then answer questions about what you find.

This challenge tests your ability to code fairly simple TCP/IP clients, and to think tangentially about when and how to bruteforce XOR encryption.

You can spend as long as you like on initial investigations, and developing and testing your client programs.
However the quiz itself has a time limit of 4 hours.