→ PlaidCTF 2012 - Debit or Credit [200]

| No TrackBacks

From the name of the task and the description we guess that it is the data from a card reader similar to the "Square".

The technical details about encoding are desribed here: http://stripesnoop.sourceforge.net/devel/phrack37.txt

In short: Magnetic stripe + Aiken Biphase encoding + ANSI BCD encoding = key

First, visualize the wav with, say, audacity. Counting the peaks we get the raw data (0s ans 1s). Two opposite peaks stand for 1, and one wide peak stands for 0. Mind that the width of 1 and 0 is the same. The raw data
00000110101100110000110011100111100100001010111100111110100000000
This data of magnetic strip could be encoded in several formats (depending on the track). Let's try the 5-bit Binary Coded Decimal format (Track 2):
--Data	Bits--	Parity	
b1	b2	b3	b4	b5	Character	Function
0	0	0	0	1	0 (0H)		Data	
1	0	0	0	0	1 (1H)		"	
0	1	0	0	0	2 (2H)		"	
1	1	0	0	1	3 (3H)		"	
0	0	1	0	0	4 (4H)		"	
1	0	1	0	1	5 (5H)		"	
0	1	1	0	1	6 (6H)		"	
1	1	1	0	0	7 (7H)		"	
0	0	0	1	0	8 (8H)		"	
1	0	0	1	1	9 (9H)		"	
0	1	0	1	1	: (AH)		Control	
1	1	0	1	0	; (BH)		Start	Sentinel	
0	0	1	1	1	< (CH)		Control	
1	0	1	1	0	= (DH)		Field	Separator	
0	1	1	1	0	> (EH)		Control	
1	1	1	1	1	?(FH)		End	Sentinel
Let's try decoding. LSB goes first.
00000 11010 11001 10000 11001 11001 11100 10000 10101 11100 11111 01000 00000
Clock Start   3     1     3     3     7     1     5     7   End     
It seems that the credit card data is 31337157. It is the answer.

No TrackBacks

TrackBack URL: http://smokedchicken.org/m/mt-tb.cgi/77

About this Entry

This page contains a single entry by 盗賊 published on May 2, 2012 10:55 AM.

PlaidCTF 2012 - Game [100] was the previous entry in this blog.

PlaidCTF 2012 - Override [300] is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.