Forensic – Black Technology Royal

Solution: We can take a look in the first HTTP packet: The value of parameter x are start with 424d , It is header of bmp file. But there’re a lot of http packet. So my idea is to write a script to extract all the value out. Solution Script

from scapy.all import *
import scapy_http.http as http
import requests
import json
import dpkt


output = ""

pkts = rdpcap('C:\\Users\\Admin\\Desktop\\cap.pcap')
for p in pkts:
	if p.haslayer('HTTPRequest'):
		rawData = p.getlayer(Raw).load
		if "&amp;x=" in rawData:
			output = output + rawData[rawData.find("x="):].replace("x=","")
	
with open("flag.bmp","wb") as f:
	f.write(output.decode('hex'))
	f.close()

from scapy.all import *

import scapy_http.http as http

import requests

import json

import dpkt

output = ""

pkts = rdpcap('C:\\Users\\Admin\\Desktop\\cap.pcap')

for p in pkts:

if p.haslayer('HTTPRequest'):

rawData = p.getlayer(Raw).load

if "&x=" in rawData:

output = output + rawData[rawData.find("x="):].replace("x=","")

with open("flag.bmp","wb") as f:

f.write(output.decode('hex'))

f.close()

Output

Jordan & Tunisia National CTF by CyberTalents Offline

2018-06-28 20:50pm ~ 2018-06-30 20:50pm (GMT+08:00)
[ Duration: 2 Days 0 Hours ]

Register Status: Open
★ Descriptions ★
This is the Qualification phase for Tunisia & Jordan National Cyber Security CTF. Players should be living either in any of the two countries to participate in the final round. Students and professionals are allowed to play.
Click here to access CTFTime for this event

Read less

Carthage Cyber Arena Finals by Carthage Cyber Arena Offline

2018-06-28 23:30pm ~ 2018-06-29 23:30pm (GMT+08:00)
[ Duration: 1 Days 0 Hours ]

Register Status: Open
★ Descriptions ★
Carthage Cyber Arena Conference And CTF Finals will include 7 first teams from CCA Quals ( local teams ) and 7 invited foreign teams

CTF will include
*Web Security
*Reverse Engineering
*Pwning
*Digital Forensics
*IOT
*Hardware

Click here to access CTFTime for this event

Read less

Nuit du Hack CTF Finals 2018 by nuitduhack Offline

2018-07-01 04:00am ~ 2018-07-01 13:00pm (GMT+08:00)
[ Duration: 0 Days 9 Hours ]

Register Status: Open
★ Descriptions ★
As a long-time partner of the Nuit du Hack event, Sysdream has been hosting the Capture The Flag challenge for years. This time, we will welcome the top 10 teams, that passed the online qualification of last March, for a night of competition. The challenge will follow the attack- defense format: every team has an identical network and uses its skills to find, exploit and patch vulnerabilities under constant enemy fire. On site, the public dashboard will display most of the information.
Click here to access CTFTime for this event

Read less

Tag: Forensic

[CSAW2017] – Missed Registration

[Bugs Bunny] For80 – 80pt