This repository contains all information related to a challenge in the CSCBE 18 qualifiers. The challenge was based on data exfiltration using blockchain and consisted of three subchallenges
- BlocksharkNado vs Blocksharcopus
For the challenge a network capture file was provided data_exfil.pcap.
A writeup of the challenge was published on the NVISO blog.
The following files are provided:
datai_exfil.pcap: network capture used for the challenges
bt_encrypt.go: encrypts the message contained in secret.txt. Expects to have the 3123xy.json files in a data subfolder. Two files are provided, downloaded the other address blocks from blockchain.info.
webserver.go: the webserver that participants could use to check the working of the protocol. Also expects to have the 3123xy.json files in a data subfolder (see above). The address_response_footer file contains the footer for address responses.
anal_blockfile.pl and anal_reqs.pl: perl scripts used during the analysis that is described in the writeup.
The webserver is not intended to be run directly accessible from a hostile environment (read The Internet). Although care was taken to only accept very specific URL's and perform basic santity checking, this was my first decent-sized Go program I've written. During the CSCBE18 challenge it was set up behind an NGINX reverse proxy, which implemented basic filtering and rate limiting.
Kris Boulez - kris [dot] boulez [at] gmail [dot] com