CTF Flag From S4x18: Drink the Kool-Aid

We get a lot of questions about what S4 Capture The Flags are like. And people are looking for ways to prep and train for the S4x19 CTF. Here is an example of an offline flag related to OSIsoft PI from last year. This required pcap analysis rather than interaction with something on the CTF network.

This was a medium to high value flag, 200 points. I’ll post the answer in a link added to this post next week.

Don’t drink the Kool-Aid (200)

The robot IT team screwed up and some Killer Robot secrets were transmitted while security was misconfigured. The communications were captured in koolaid.pcap. Find the timestamp when the Robots’ recipe was switched to their deadly ingredient.

PCAP file for the flag

Big HINT For S4x19 CTF: Two of the more difficult PI challenges in the S4x19 CTF will involve custom plugins for the PI AF Server, also known as AF Data References.  Any competitor familiar with the implementation of custom plugins in PI AF will have a distinct advantage.  The PI Square post Design Choices for your Custom Data Reference will provide competitors with valuable insight for the reverse engineering components of those challenges.