Aug 27, 2009

BruCON wifi puzzle winner & the solution

Of all the submissions, we received 5 correct answers. Out of those, Tyler H. is the winner.

Other persons to submit a correct answer were:
  • Jo B.
  • Pascal R.
  • Phil A.
  • Patrick H. (from Redteam Pentesting who was also the winner of the first challenge)
Here is the solution of the wifi puzzle provided by Didier Stevens. A big thanks to him for all his hard work and dedication! All participants expressed they had loads of fun with this challenge. For more puzzles, join the Hex Challenge at BruCON.

Solution:

Here's one way to solve the Brucon WiFi Puzzle: open the capture file with Wireshark.

The capture file contains one beacon frame for the brucon09wifi network. If you're a bit familiar with beacon frames, one tag will stand out: the vendor specific tag which Wireshark can't interpret because it's from a vendor it doesn't know.

bruconwifipuzzle-1

The hidden data is inside the vendor specific tag. Select it and export the selected bytes:

bruconwifipuzzle-2b

How do you decode this data? You can try all types of encoding and encryption schemes, but to prevent you from wasting time trying countless possibilities, I've given you a hint in the name of the vendor: XortecOy. The data is XOR-encrypted. And the key is tecOy. ;-)

Open the saved bytes with Cryptool:

bruconwifipuzzle-3

And apply XOR-decryption with key tecOy:

bruconwifipuzzle-4

Et voilĂ !

No comments:

Post a Comment