Description
The TV Hacks television channel SOC noticed some strange NTP packets going through their firewall in the wake of legitimate ones. These messages are headed to the equipment in charge of generating the streams for terrestrial TV.
An analysis conducted on the server didn’t find anything suspicious except a Linux kernel module which seems to help optimize the IP streams sent to our broadcaster.
This module and an extract of a network capture are provided for a first analysis.
The equipment cannot be stopped under any circumstances: that would mean a black screen for all the viewers! If you could understand what the attacker does, we may avoid a national tragedy.
Files
- ipopt.ko – 29.89 KiB – fcfa4f3b16001e8c79076ad5cfdb3ebe5201587e9c406235218c5aa41b62e210
- capture.pcap – 696 B – 1ca1232dc8d422b42691bd07095b6850f4ace00f4e46f3617684e4f7b5f8bd4f