dc2021q - pza999
This was a jeopardy challenge, part of dc2021q.
This challenge was represented as 💫
OOO Corp is proud to unveil the PZA999, a new top-of-the-line ethernet device. Before these devices are available for purchase, we've provided our developer environment to download. Inside you'll find everything you need to get started, a PZA999 emulator and the source code for our PZA999 driver. Make a TCP connection to the IP and port below to receive instructions on how to connect to a remote PZA999. Flag is in
This challenge presented players with a vulnerable network driver, a made-up emulated networking device (the PZA999, implemented in QEMU), and a small TFTP server. Source for the network driver was provided during the game, while QEMU and the TFTP server were given as non-stripped binaries. The goal was to compromise the remote kernel and achieve enough code execution to read /root/flag. Players could interact with the remote instance through a TFTP server listening on port 5556, this TFTP server was running as root, so compromising this service effectively would allow the player to read the flag.
The files released during the game are available at https://github.com/o-o-overflow/dc2021q-pza999-public/raw/main/service/pza999.tgz
This challenge had special hosting during the competition, and we don't currently support spawning VMs for it :(
See the source repository for more info.
None yet :(
If you wish, you can contribute some.