← Back

DroneSpy: Multi-Stage Core Network CTF Framework

By Shay Mordechai | June 17, 2025

Project DroneSpy is a multi-stage CTF framework managed by a robust core server, consisting of over 7,000 lines of C++ and Python code[cite: 6]. Developed during active reserve duty under combat conditions, it scored a perfect 100[cite: 6].

Mission Phases

Phase 1: ICMP Covert Channel. Participants decode a struct format (`bbHHh!`) and must send 5 Ping packets with a specific ID (`0x1337`) and escalating payload sizes[cite: 6]. Bypassed WSL2 localhost routing issues using Scapy[cite: 6].

Phase 2: Certificate Authority MITM. Infiltrating a PKI infrastructure by intercepting a flawed CSR via Burp Suite, fixing the Subject, and performing filesystem forensics to recover a deleted `client.key`[cite: 6].

Phase 3: Steganography & Enigma. Analyzing the Hex of an image to find Enigma machine configurations[cite: 6]. Decrypting it prompts an HTTP `GET /audio` request, where the server streams a Base64 encoded MP3 over the TLS socket, containing a Morse code flag[cite: 6].