csaw21

Writeups for CSAW 2021 CTF

View on GitHub

Tripping Breakers

Writeup by: USERNAME

Team: OnlyFeet

Writeup URL: GitHub

Attached is a forensics capture of an HMI (human machine interface) containing scheduled tasks, registry hives, and user profile of an operator account. There is a scheduled task that executed in April 2021 that tripped various breakers by sending DNP3 messages. We would like your help clarifying some information. What was the IP address of the substation_c, and how many total breakers were tripped by this scheduled task? Flag format: flag{IP-Address:# of breakers}. For example if substation_c's IP address was 192.168.1.2 and there were 45 total breakers tripped, the flag would be flag{192.168.1.2:45}.

Author: CISA

Initial Research

Word.

$ echo 'thingz'
thingz

Version Mismatches

Wordsz.

some output

Ancient History or Stegosarus Time

Moar Words

$ cat commands.txt
commands1
$ nmap 1.2.3.4
...

Victory

Submit the flag and claim the points:

flag{flag-goes-here}