csaw21

Writeups for CSAW 2021 CTF

View on GitHub

The Magic Modbus

Writeup by: XAngryChairX

Team: OnlyFeet

Writeup URL: GitHub

Climb on the Magic Modbus and see if you can find some of the messages being passed around!

Initial Research

This challenge presents the security researcher with a pcap file download as the entry point to the challenge.

PCAP Download

Download the pcap file and open it in Wireshark or a related pcap analysis application.

PCAP Contents

Follow the stream

Note that a few packets have a dark background. These stand out, and provide an opportune entry point. Click the first packet with a dark background and follow the TCP stream.

TCP Stream

Upon inspection of the TCP stream, you can see some key characters of interest. Specifically, { and }. Also, the characters f, l, a, and g.

tcp stream

Solution

Following the pattern above, you can decipher the flag.

Submit the flag and claim the points:

flag{Ms_Fr1ZZL3_W0ULD_b3_s0_Pr0UD}