CTF Circle - Hack-A-Sat 2021 Qualifier CTF "iq" Challenge Writeup Written by sen (@sarahemm) ############### ### Summary ### The 'iq' challenge listed a server and port number only, with no other files or resources. Upon connecting to the port, it gave a diagram, a list of bits, a format to enter data as, and a note that it's QPSK modulation. ############################ ### Tools/Infrastructure ### Our team has a couple servers we use as a launching point for CTF work, so my work was done on these. No other tooling was needed other than Ruby, which is the primary language I prefer for challenges like this. This equally could have been done by hand (if somewhat slower) or in any other language. ############### ### Preface ### Early in the CTF I pulled this one up, saw it was QPSK-related, wrote it off as too difficult to deal with, and moved on to other challenges. Near the end of the CTF time I went back and looked at the lowest-value ones left so as not to leave any points on the table, and went and solved those ones. This one turned out to be one of the more straightforward ones in the end! ########################### ### Phase 1 - Discovery ### To start off, I connected to the provided IP/port with netcat to see what the challenge was in the first place. It gave an X/Y diagram with Q on the Y axis and I on the X axis, showing +1 to the top and right, and the quadrants were labelled with two bits each (00, 01, 10, and 11). A message said to encode the data as QPSK, and to give the result as space-separated interleaved I/Q values. I did a quick lookup on Wikipedia for a refresher on QPSK, which is actually very simple in concept once you strip the RF part off, simply using each quadrant of the diagram provided earlier to represent two bits. ######################### ### Phase 2 - Solving ### At this point it seemed straightforward, simply look at every pair of bits given, look up where in the diagram those bits fall, and record the I and Q positions of that bit pair. I briefly considered doing it by hand, but decided that it would be quicker to just throw a "CTF quality" script together to do it for me. A few minutes of code later, I pasted the bits provided into it and got the output which resulted in a flag. ################################## ### Lessons Learned/Reinforced ### - I shouldn't have written off this challenge early on based on it looking too complicated at first glance, had I actually attempted it I would have had it solved earlier on. It was just luck that I had a small amount of time left at the end of the CTF and went back to collect any remaining quick points. There are definitely times that challenges don't make sense for me to attempt when they're far outside of my knowledge areas, but I should try to get a more complete understanding of each one I look at before writing any off. ############ ### Code ### The script used to solve this challenge is at https://github.com/sarahemm/ctf-tools/tree/master/2021-hackasat/iq.