Protocol Reverse Engineering

Date: 2025-01-29

Difficulty: Beginner

Delivered By: Percy Baker

Overview

Late last month, security researchers discovered vulnerabilities in power infrastructure throughout Central Europe. When power demand goes up or down, central transmitters will send control messages to receivers on power stations, instructing them to adjust their power output. The researchers discovered that by sending carefully crafted messages to the receivers, they could pretend to be a transmitter and adjust power stations' power output. Around 60 gigawatts worth of power generation capacity is vulnerable - enough to power all of Germany!

But how did they figure all this out without direct access to the transmitters or receivers? That's where protocol reverse engineering comes in.

By just looking at the messages being sent between two systems, we can figure out how they're communicating, and potentially trick them into doing something they shouldn't. In this session, we'll cover:

  • The basics of client-server communication
  • Finding and exploiting vulnerabilities in a server
  • SecureChat™, a new and exciting chatroom application full of vulnerabilities for you to find

Prerequisites

  • CyberChef can convert between text and decimal.
  • A hex editor like HxD may also be useful.

Session Link

The challenges are available at https://protocol-reveng.sucss.org/. You can pick any room you like; the same flags are available in each one. There are multiple rooms to reduce crowding, so if the room you're in is busy and it's hard to find anything useful in the network view, you can switch to another room.