OSIsoft is back as a Capture The Flag sponsor for the third straight year. In addition to their financial support for S4 and the CTF, they create a lot of interesting flags for the CTF. And they have learned a lot about what types of flags are best for a CTF.
- At S4x15 they overestimated the skill and experience in hacking Pi, and the flags were too difficult for most of the players.
- At S4x16 they had a great mix of flags at all skill levels, but in many cases they required you to solve for flags in sequential order. This stopped a lot of the teams from attempting a portion of their flags.
Now in year 3 at S4x18 they are refining the flags further. They have 17 flags designed for the S4x18 CTF, so your team should do your homework on TCP/5450. Here are two examples of PI flag clues.
Maintenance bots can run uninterrupted for many years, which has led to neglect by administrative bots. Consequently, they still communicate with the PI Data Archive using an outdated protocol, which employs an archaic cipher. Gnireegne.pcap is a capture, obtained by a resistance operative, with a connection using the outdated PI authentication protocol, Explicit Login. They need you to analyze the capture and determine the credentials in the message.
Challenge: Robot Kryptonite
An inside operative for the resistance managed to exfiltrate a secret PDF from the OT network, using the PI System data as cover for action. That PDF file contains a report revealing the Killer Robots’ only weakness. Locate and reconstruct the document to recover the secret.
Send an email to firstname.lastname@example.org to signup your team for the S4xCTF, and stay tuned for more hints.