English [MITRE STEM 2015] [Cyberville 500] Write Up


“You operate in the darkness. Make the world safe… in the shadows.”


Using the network dump we were able to see a dialog between a client (packets in red) and a switch (packets in blue) in TELNET.
cybervilledumpAs we can see, the client entered “manager” as login, and the switch output “manager”.
For the password, the client provided “manager” but for each character the switch output an asterisk.

The remaining question was : “What can we do with this login/password ?”… nothing (yet).

We began to reverse the firmware with binwalk…
…until a nmap scan in the range revealed something very interesting : a “network switch” administration console 😀


I used the manager:manager credentials to login… and it was OK ! 🙂
Then I selected the firmware update to test, and clicked on the Update button.

Few seconds after, a nice popup shown :
Flag was : da39a3ee5e6b4b0d3255bfef95601890afd80709.

2 thoughts on “[MITRE STEM 2015] [Cyberville 500] Write Up”

    1. Hello!
      As it was useless, I didn’t kept any log for this.
      I’m quite sure having used binwalk with the options -e -M.
      Maybe the firmware mod kit too!

Leave a Reply

Your email address will not be published. Required fields are marked *