{"id":957,"date":"2009-08-27T10:58:00","date_gmt":"2009-08-27T10:58:00","guid":{"rendered":"https:\/\/www-new.brucon.org\/2018\/2009\/08\/27\/brucon-wifi-puzzle-winner-the-solution\/"},"modified":"2009-08-27T10:58:00","modified_gmt":"2009-08-27T10:58:00","slug":"brucon-wifi-puzzle-winner-the-solution","status":"publish","type":"post","link":"https:\/\/archive.brucon.org\/2023\/2009\/08\/27\/brucon-wifi-puzzle-winner-the-solution\/","title":{"rendered":"BruCON wifi puzzle winner &amp; the solution"},"content":{"rendered":"<p>Of all the submissions, we received 5 correct answers. Out of those, Tyler H. is the winner.<\/p>\n<p>Other persons to submit a correct answer were:<\/p>\n<ul>\n<li>Jo B.<\/li>\n<li>Pascal R.<\/li>\n<li>Phil A.<\/li>\n<li>Patrick H. (from Redteam Pentesting who was also the winner of the first challenge)<\/li>\n<\/ul>\n<p>Here is the solution of the wifi puzzle provided by <a href=\"http:\/\/blog.didierstevens.com\/\">Didier Stevens<\/a>. A big thanks to him for all his hard work and dedication! All participants expressed they had loads of fun with this challenge. For more puzzles, join the Hex Challenge at BruCON.<\/p>\n<p><span style=\"font-weight: bold\">Solution<\/span>:<\/p>\n<p>Here&#8217;s one way to solve the <a href=\"http:\/\/blog.brucon.org\/2009\/08\/hex-challenge-2-win-10-discount-on.html\" target=\"_blank\" class=\"broken_link\" rel=\"nofollow\">Brucon WiFi Puzzle<\/a>: open the capture file with <a href=\"http:\/\/www.wireshark.org\/\" target=\"_blank\">Wireshark<\/a>.<\/p>\n<p>The capture file contains one beacon frame for the brucon09wifi network. If you&#8217;re a bit familiar with beacon frames, one tag will stand out: the vendor specific tag which Wireshark can&#8217;t interpret because it&#8217;s from a vendor it doesn&#8217;t know.<\/p>\n<p><img class=\"alignnone size-full wp-image-1730\" title=\"bruconwifipuzzle-1\" src=\"http:\/\/didierstevens.wordpress.com\/files\/2009\/08\/bruconwifipuzzle-1.png\" alt=\"bruconwifipuzzle-1\" height=\"464\" width=\"643\" \/><\/p>\n<p>The hidden data is inside the vendor specific tag. Select it and export the selected bytes:<\/p>\n<p><img class=\"alignnone size-full wp-image-1733\" title=\"bruconwifipuzzle-2b\" src=\"http:\/\/didierstevens.wordpress.com\/files\/2009\/08\/bruconwifipuzzle-2b.png\" alt=\"bruconwifipuzzle-2b\" height=\"575\" width=\"640\" \/><\/p>\n<p>How do you decode this data? You can try all types of encoding and encryption schemes, but to prevent you from wasting time trying countless possibilities, I&#8217;ve given you a hint in the name of the vendor: XortecOy. The data is <a href=\"http:\/\/en.wikipedia.org\/wiki\/XOR_cipher\" target=\"_blank\">XOR-encrypted<\/a>. And the key is tecOy. \ud83d\ude09<\/p>\n<p>Open the saved bytes with <a href=\"http:\/\/www.cryptool.org\/\" target=\"_blank\">Cryptool<\/a>:<\/p>\n<p><img class=\"alignnone size-full wp-image-1732\" title=\"bruconwifipuzzle-3\" src=\"http:\/\/didierstevens.wordpress.com\/files\/2009\/08\/bruconwifipuzzle-3.png\" alt=\"bruconwifipuzzle-3\" height=\"380\" width=\"631\" \/><\/p>\n<p>And apply XOR-decryption with key tecOy:<\/p>\n<p><img class=\"alignnone size-full wp-image-1734\" title=\"bruconwifipuzzle-4\" src=\"http:\/\/didierstevens.wordpress.com\/files\/2009\/08\/bruconwifipuzzle-4.png\" alt=\"bruconwifipuzzle-4\" height=\"380\" width=\"631\" \/><\/p>\n<p>Et voil\u00e0!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Of all the submissions, we received 5 correct answers. Out of those, Tyler H. is the winner. Other persons to submit a correct answer were: Jo B. Pascal R. Phil A. Patrick H. (from Redteam Pentesting who was also the winner of the first challenge) Here is the solution of the wifi puzzle provided by Didier Stevens. A big thanks to him for all his hard work and dedication! All participants expressed they had loads&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25,26,28],"tags":[],"class_list":{"0":"post-957","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-hacking-challenge","7":"category-prizes","8":"category-tickets"},"menu_order":0,"_links":{"self":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/posts\/957","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/comments?post=957"}],"version-history":[{"count":0,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/posts\/957\/revisions"}],"wp:attachment":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/media?parent=957"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/categories?post=957"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/tags?post=957"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}