Forensic – Black Technology Royal

Solution: We can take a look in the first HTTP packet: The value of parameter x are start with 424d , It is header of bmp file. But there’re a lot of http packet. So my idea is to write a script to extract all the value out. Solution Script

from scapy.all import *
import scapy_http.http as http
import requests
import json
import dpkt


output = ""

pkts = rdpcap('C:\\Users\\Admin\\Desktop\\cap.pcap')
for p in pkts:
	if p.haslayer('HTTPRequest'):
		rawData = p.getlayer(Raw).load
		if "&amp;x=" in rawData:
			output = output + rawData[rawData.find("x="):].replace("x=","")
	
with open("flag.bmp","wb") as f:
	f.write(output.decode('hex'))
	f.close()

from scapy.all import *

import scapy_http.http as http

import requests

import json

import dpkt

output = ""

pkts = rdpcap('C:\\Users\\Admin\\Desktop\\cap.pcap')

for p in pkts:

if p.haslayer('HTTPRequest'):

rawData = p.getlayer(Raw).load

if "&x=" in rawData:

output = output + rawData[rawData.find("x="):].replace("x=","")

with open("flag.bmp","wb") as f:

f.write(output.decode('hex'))

f.close()

Output

Meepwn CTF Final 2018 by MeePwn Offline

2018-08-25 10:00am ~ 2018-08-26 17:00pm (GMT+08:00)
[ Duration: 1 Days 7 Hours ]

Register Status: Open
★ Descriptions ★
>>>>> [1st] 1200 USD
>>>>> [2nd] 600 USD
>>>>> [3rd] 300 USD

Click here to access CTFTime for this event

Read less

NightHawk CTF 2018 by Lattice Offline

2018-08-25 16:00pm ~ 2018-08-27 07:00am (GMT+08:00)
[ Duration: 1 Days 15 Hours ]

Register Status: Open
★ Descriptions ★
We are CTF players in Taiwan. This is our first attempt to hold challenge in CTFTime. Your participation will enable us to make this event a major encouragement. Thanks for your time.

We hope to see you in the near future.
Click here to access CTFTime for this event

Read less

IceCTF 2018 by cRUcible Online

2018-09-01 00:00am ~ 2018-09-08 00:00am (GMT+08:00)
[ Duration: 7 Days 0 Hours ]

Register Status: Open
★ Descriptions ★
IceCTF is a computer security contest targeted at anyone with an interest in computer science. The game consists of a series of challenges where participants must reverse engineer, break, hack, decrypt, or do whatever it takes to solve the challenge. The challenges are all set up with the intent of being hacked, making it a great way to get some hands-on experience.

Challenge yourself and learn new concepts. You never really know how good you are at security and computer science until you really try it out. You might just win.

Don't know anything about computer science or cyber-security? Fear not. IceCTF is designed to accommodate both novice and advanced players alike. Many challenges will guide you to the right resources. As long as you're willing to learn and do a little research, most challenges should be within reach.
Click here to access CTFTime for this event

Read less

Tag: Forensic

[CSAW2017] – Missed Registration

[Bugs Bunny] For80 – 80pt