lesion.io Blog

Genisys of the Problems - 2

Last updated 9 months ago

  1. This challenge asked us to find the true CRC of a packet from station 4. Because station 4 sends a packet with a mismatched CRC, we use Arkime to filter the traffic down and find the mismatch.

  2. With the filter below, we select the GENISYS protocol and view only traffic associated with station 4.

     protocols == genisys && zeek.genisys.server == 4

  3. Each packet shows two fields: "CRC Transmitted" and "CRC Calculated". We go through the packets until we find the ones where the two values do not match.

  4. Here we find the mismatched CRC packet. Our flag is the true CRC.
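The manual comparison in steps 3 and 4 can also be scripted. The following is an added example, not part of the original writeup: it scans JSON log records for one station and reports those whose transmitted and calculated CRC differ. The field names `server`, `crc_transmitted` and `crc_calculated` are assumptions modelled on the Arkime field and labels above, and the sample records are constructed.

```python
import json

# Constructed sample records (not from the challenge capture). The field names
# "server", "crc_transmitted" and "crc_calculated" are assumed, modelled on the
# Arkime field zeek.genisys.server and the two CRC labels in the writeup.
SAMPLE_LOG = """\
{"uid": "C1", "server": 4, "crc_transmitted": "0x1A2B", "crc_calculated": "0x1a2b"}
{"uid": "C2", "server": 3, "crc_transmitted": "0xBEEF", "crc_calculated": "0x0001"}
{"uid": "C3", "server": "4", "crc_transmitted": "0x00FF", "crc_calculated": "0x7C3D"}
{"uid": "C4", "server": 4}
not-json garbage line
"""

def parse_crc(value):
    """Return the CRC as an int, or None if it is absent or unparseable."""
    if value is None:
        return None
    if isinstance(value, int):
        return value
    try:
        # Base 16 accepts both "1a2b" and "0x1A2B", so case and prefix
        # differences do not show up as false mismatches.
        return int(str(value).strip(), 16)
    except ValueError:
        return None

def crc_mismatches(log_text, station):
    """List records for `station` whose transmitted CRC differs from the calculated one."""
    hits = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip damaged or non-JSON lines
        if not isinstance(rec, dict) or str(rec.get("server")) != str(station):
            continue
        sent = parse_crc(rec.get("crc_transmitted"))
        calc = parse_crc(rec.get("crc_calculated"))
        if sent is None or calc is None:
            continue  # cannot compare without both values
        if sent != calc:
            hits.append({"uid": rec.get("uid"),
                         "transmitted": f"0x{sent:04X}",
                         "calculated": f"0x{calc:04X}"})
    return hits

if __name__ == "__main__":
    for hit in crc_mismatches(SAMPLE_LOG, 4):
        print(hit)
```

The `calculated` value of each hit corresponds to what the writeup calls the true CRC.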