CSCBE18 blockchain data exfiltration challenge related info
312309.json
312322.json
LICENSE
README.md
address_response_footer
anal_blockfile.pl
anal_reqs.pl
btc_encrypt.go
data_exfil.pcap
data_requests
webserver.go

CSCBE18-dataexfill

This repository contains all information related to a challenge in the CSCBE 18 qualifiers. The challenge was based on data exfiltration using blockchain and consisted of three subchallenges:

  • Blockshark
  • BlocksharkNado
  • BlocksharkNado vs Blocksharcopus

For the challenge, a network capture file, data_exfil.pcap, was provided.

A writeup of the challenge was published on the NVISO blog.

The following files are provided:

data_exfil.pcap: network capture used for the challenges

btc_encrypt.go: encrypts the message contained in secret.txt. Expects to have the 3123xy.json files in a data subfolder. Two files are provided; download the other address blocks from blockchain.info.

webserver.go: the webserver that participants could use to check the working of the protocol. Also expects to have the 3123xy.json files in a data subfolder (see above). The address_response_footer file contains the footer for address responses.

anal_blockfile.pl and anal_reqs.pl: Perl scripts used during the analysis that is described in the writeup.

Important !!!

The webserver is not intended to be run directly accessible from a hostile environment (read: The Internet). Although care was taken to only accept very specific URLs and perform basic sanity checking, this was the first decent-sized Go program I've written. During the CSCBE18 challenge it was set up behind an NGINX reverse proxy, which implemented basic filtering and rate limiting.

Kris Boulez - kris [dot] boulez [at] gmail [dot] com