This is a write-up for some of the PLC / Critical Infrastructure challenges of BruCON. PLC: The Secret Ingredient This is an OT challenge where we interact with a real PLC. We are asked to “get the PLC program and rescue the company secret located in datablock 23”. The IP address of the PLC is 35.232.66.239:102. I solved this one with a team mate, and he did the most difficult part.

Crypto: Dragon’s Crib Our team spent considerable time on this challenge, which only provided 50 points in the end. True, it was easier than I had expected, but still I think it deserved more points. We are provided with an encryption algorithm, implemented in Python, and 5 ciphertexts: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 import binascii import random import sys SEED = random.

Forensics: Rexer This is what the challenge says: 1 2 3 4 5 6 7 The pattern is the key. \w*(3).+(T).*([s]).+(g).*([NT]r).*(u).+(L)\w+(Sm).*(N).*}$ asonV3l113UYnrvTfeJpsaeR}ZkJRvA{ThKgr730gnwWhYgVnNTSuhbpJ_BPn7Q8Q7mLnTrc_S3_p3zpFV8Fmm0hrUbvt_24upiqAt7ugXuhbpJ_BPn7Q8Q7mLq8qsSml4Sl4xmw1ON} \2OREO\9{\8\6\4\4\7\1_\3\5\6\4\4\7\1} The first pattern selects parts within the string (second line). Then, the third line re-assembles the selected groups to form the flag. At first, I tried to use ChatGPT to help me out with the regexp. It didn’t work out well and I used Regex101. This website is very convenient.