Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- NSA CODEBREAKER CHALLENGE
- https://codebreaker.ltsnet.net/
- So I'm working on a challenge for the NSA because I had an email that let me get into the contest. It seem that we have to extract an APK for a terrorist messaging app then break the encryption behind it. There is going to be 7 steps of things that you need to do in order to solve each part. I'm going to see how far I can get and will post the required files and other things so you guys can give it a shot.
- Task 1 - It Begins! - [Getting Started - Part 1] - (Network Traffic Analysis)
- There are many challenges that we will need to overcome in order to exploit TerrorTime. The first is that we do not yet have a copy of it. We have learned few details through intelligence sources, but the terrorists have managed to keep the app hidden. It is not publicly available on any App Store. Fortunately, as part of a recent military operation, specialized collection gear was forward deployed near the terrorist's area of operations. This resulted in a trove of collected traffic and we need your help to analyze it. Your first task is to find and extract a copy of the TerrorTime Android Package (APK) file from the packet capture. Submit the APK's SHA256 hash. This will help us search other intelligence sources for connections to users. To test out the app, we also need the registration information their leadership uses to register each client. Analyze the packet capture for this data and submit the registration information for 2 clients (in any order).
- Downloads: terrortime.pcapng
- https://mega.nz/#!V9MjXCLQ!Kg_cJTYTxkSr8zbtRjT8X3i36YhTCIQvwNE62oZAGWs
- Task 1
- Terrortime.apk SHA256 Hash
- 4d2dda433de4c0caba55f56b1fab3555eb05c2fa0a3ae1f369371f395ae385e0
- Creds:secrets
- rayyan--vhost-566@terrortime.app:7q4Pq7ZWPij6HG
- allison--vhost-566@terrortime.app:vcik2AUnTIo6sP
- Task 2
- App permissions from Androind Manifest
- INTERNET
- ACCESS_NETWORK_STATE
- SHA256 of Signing Cert
- ???
- Cert Signer Name
- Cert does not seem to be in the META-INF
- TASK 3
- Located in DB
- Missing?????
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement