Gian Klug

swiss hacking challenge 2024 - what-is-a-pin

Posted on May 1, 2024
Tags: SHC24 Writeup

Difficulty: easy

Category: forensics

Author: NoRelect

The security departement recently introduced smartcards for everybody. Sadly, not everybody remembers their pin all the time. Because of the many pin reset requests, Bob from the helpdesk has started to sniff USB traffic to help with forgotten pins faster. Just don’t tell the security departement about it!

Flag format: shc2024{pin}

Hint: OpenPGP smartcard application specification

Files

We get a apdu.pcapng file, which we can open up in wireshark.

Exploitation

To properly view the ISO 7816 commands, we can set the following decoding settings:

Wireshark decoding settings

Afterwards we notice the following packet:

Verify packet

According to the OpenPGP spec, the body of this packet contains the PIN that the user entered.

When decoding this from hex, we get the flag:

Flag

shc2024{&>vL{T}

Conclusion

I spent hours on this because I didn’t think the flag would be in such a weird format.

Great job at trolling @NoRelect ^^