This post contains a write-up of the Bluetooth Low Energy Capture the Flag (BLE CTF) as developed by hackgnar. The CTF teaches various core concepts of Bluetooth LE. A more advanced version is now available too, the BLE_CTF_INFINITY. Prerequisites After building and flashing the CTF to the target device (see the documentation for the required steps), ensure the bluetooth service is running using systemctl start bluetooth. Next verify the target device is discoverable: sudo hcitool lescan should return an entry like this: 30:AE:A4:26:2B:E6 BLECTF.
Right before the end of 2020 I completed the Holiday Hack Challenge 2020. Though it’s obviously not the first type this conference took place, it was the first time I participated. Below is my write-up of the primary objectives along with a selection of side-challenges. Objectives: Uncover Santa’s Gift List Investigate S3 Bucket Point-of-Sale Password Recovery Operate the Santavator Open HID Lock Splunk Challenge Solve the Sleigh’s CAN-D-BUS Broken Tag Generator ARP Shenanigans Defeat Fingerprint Sensor Naughty/Nice List with Blockchain Investigation (part 1, part 2) Challenges:
This year I participated in the Brixel CTF winter edition along with another player from the Darknet Diaries Discord community. Despite some stability issues on the server side this CTF had some fun puzzles although some more challenging puzzles would be appreciated for a future installment. Below is my write up of a few of them – I ended up solving a few more but I didn’t keep any notes on them.