write-ups-challenges-2019-2020/RubberDuckInc
2022-11-24 22:43:03 +01:00
..
readme.md initial commit 2022-11-24 22:43:03 +01:00
rubberduckinc-networklog.pcapng initial commit 2022-11-24 22:43:03 +01:00

Title: RubberDuckInc

Description: Welcome to Rubber Duck, Inc., the best rubber duck selling company in the World -- scratch that, Europe -- wait, Belgium... -- I meant Brussels... We sell all kinds of rubber ducks. Recently, some nasty hackers got really interested in our Point-of-Sales system. To alert us of any intrusions, we have installed a home-made cybersecurity alert system on our network. A couple of hours ago, this system had detected some kidn of malicious activity on our internal network. From what we can tell, one of our internal systems has been compromised to take part in some kind of hacker event. Luckily, just moments before we lost access to the entire network, our system sent us a complete log of all network traffic that occured immediately after the malicious activity got detected, and before we lost access to the system. Can you investigate what's going on and find the location of the flag?

Flag:

  • IG{Its_A-Good_Idea(To.Stretch[Your}Legs]Every0Once@In|A/While}

Hints:

  • First hint: Get out of your chair(s)!
  • Second hint: Geocaching is a thing people enjoy!

Files given:

rubberduckinc-networklog.pcapng

How the challenge works:

The pcap file contains some data about the location of the flag:

  • Latitude and Longitude
  • WiFi SSID and Password
  • Server IP and open ports

There is some noise in the data such as an open ssh connection, some pings, and the lyrics of Rick Astley's "Never Gonna Give You Up", however all important data can be found as http traffic on port 80.

There will be a WiFi network installed on-campus, on the given location, and with the given credentials. The flag can be retrieved by connecting to this network, opening a browser, and reading a flag.

A smartphone is sufficient to find the flag once on-site! No special devices are required.

How to deploy:

Physical deployment is handled by Robin Vanderstraeten!