The fourth task was probably the most straightforward to complete.
Task 4 – Disarm Capability, Part 2
Perfect! Now that we have the key file we can work on a disarm capability. Several intelligence reports suggest that terrorists use a secure token (i.e., small hardware device) for generating unique one-time codes for authenticating to the IED when sending commands. We believe these codes change over time and are only valid for a certain time window and for specific device serial numbers. Based on previous signatures you provided, we have located the armed IED that is using the same version of software and key serial number from Task 3 and we need to disarm it ASAP. We do not have the secure token that corresponds to the device, but we still need to be able to authenticate to it with the correct code in order to disarm it. Your objective for this task is to figure out how to generate valid one-time codes and provide one that we can use to disarm the IED. The decrypted key file you provided earlier should help with this part.
The key file we decrypted in Task 3 is an otpauth URI containing the secret for generating time-based one-time passwords (TOTP).
otpauth://totp/559018485?secret=Z5ELZYDJ2ZSTXMXCEIQLETFWS25AGZVWOGTEDUEOWB4JFALL5RAQ
Using the codes it generates allows the client (from Task 2) to communicate with the server (from Task 3). Without these codes, the client can’t do anything.
There are two ways to generate these tokens. A simple way is to install oathtool on Linux.
sudo apt install oathtool
With that code you can now issue commands to the server.
These codes are only good for a certain time window. Another way to generate them is in code. Using the authenticator module in Node also makes this pretty simple.
// Generate the current TOTP code from the base32 secret in the key file.
var authenticator = require('authenticator');
var formattedKey = "Z5ELZYDJ2ZSTXMXCEIQLETFWS25AGZVWOGTEDUEOWB4JFALL5RAQ";
var formattedToken = authenticator.generateToken(formattedKey);
console.log(formattedToken);
And with these proper OTP codes we can disarm the bombs.
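To show why each code is only valid for one time window and why the secret alone is enough to stand in for the hardware token, here is an added example (not from the original post or the authenticator module) that parses an otpauth URI and derives the code per RFC 6238. The function names and the sample URI are made up for illustration, and it assumes the default parameters (HMAC-SHA1, 30-second step, 6 digits), since the URI in the key file specifies none.

```javascript
// Added example: RFC 6238 TOTP with Node built-ins (assumes SHA-1, 30 s step, 6 digits).
const crypto = require('crypto');

const B32 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';

// Decode a base32 secret (padding optional) into raw key bytes.
function base32Decode(s) {
  let bits = 0, value = 0;
  const out = [];
  for (const ch of s.toUpperCase().replace(/[\s=]/g, '')) {
    const idx = B32.indexOf(ch);
    if (idx < 0) throw new Error('invalid base32 character: ' + ch);
    value = (value << 5) | idx;
    bits += 5;
    if (bits >= 8) {
      bits -= 8;
      out.push((value >>> bits) & 0xff);
      value &= (1 << bits) - 1; // keep only the leftover low bits
    }
  }
  return Buffer.from(out);
}

// Pull the label (the device serial in the key file) and the secret out of the URI.
function parseOtpauth(uri) {
  const u = new URL(uri);
  if (u.protocol !== 'otpauth:' || u.hostname !== 'totp') throw new Error('not a TOTP URI');
  return { label: decodeURIComponent(u.pathname.slice(1)), secret: u.searchParams.get('secret') };
}

// One code per time step: HMAC the step counter, then dynamic truncation (RFC 4226).
function totp(secretB32, unixSeconds, step = 30, digits = 6) {
  const counter = Buffer.alloc(8);
  counter.writeBigUInt64BE(BigInt(Math.floor(unixSeconds / step)));
  const mac = crypto.createHmac('sha1', base32Decode(secretB32)).update(counter).digest();
  const off = mac[19] & 0x0f;                      // low nibble of last byte picks the offset
  const bin = mac.readUInt32BE(off) & 0x7fffffff;  // 31-bit big-endian value at that offset
  return String(bin % 10 ** digits).padStart(digits, '0');
}

// Constructed sample: the RFC 6238 test key ("12345678901234567890") in the same URI shape.
const SAMPLE_URI = 'otpauth://totp/000000000?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ';

function demo(now = Date.now() / 1000) {
  const { label, secret } = parseOtpauth(SAMPLE_URI);
  return { label, code: totp(secret, now), secondsLeft: 30 - Math.floor(now) % 30 };
}

console.log(demo());
```

Because the code depends only on the secret and the clock, the generating machine's time must be within the verifier's accepted window, and anyone holding the key file can produce the same codes as the token.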