The Professor

Bitskrieg CTF by smothy

The Professor - OSINT

Points: 498/500 | Flag: BITSCTF{153_429-442_acisp_brisbane} | Solved by: Smothy @ 0xN1umb

detective time

what we got

pure OSINT challenge. no files, just a wall of text with clues:

  • find a research paper about deep packet inspection improving smart grid security
  • one of the co-authors has a last name matching a famous luxury footwear brand designer
  • find how many times that scientist was cited in 2013 (x)
  • find their first research paper that was presented at a popular cybersecurity conference in the same year it was published and compiled in a larger volume
  • get the page range (y), conference name (c), and city (p)
  • flag: BITSCTF{x_y_c_p} all lowercase

the solve

step 1: finding the paper

googled "deep packet inspection smart grids" and found it pretty quick:

"Implementation of deep packet inspection in smart grids and industrial Internet of Things: Challenges and opportunities" (2019)

authors: Gonzalo De La Torre Parra, Paul Rad, and Kim-Kwang Raymond Choo

step 2: the luxury brand connection

Choo... Jimmy Choo?? yep, the luxury footwear designer lmao. our scientist is Kim-Kwang Raymond Choo.

galaxy brain moment

step 3: citation count in 2013

this was lowkey the hardest part ngl. google scholar kept blocking automated queries and giving us wrong numbers.

tried:

  • scholarly python library -> got 127 (wrong, rate limited)
  • web scraping google scholar -> got 131 (wrong, parsing error from concatenated text)
  • both of these failed because google scholar HATES automation

the big brain move was using the Wayback Machine to grab a cached snapshot of his Google Scholar profile:

```bash
curl -sL "https://web.archive.org/web/20240615003015id_/https://scholar.google.com/citations?user=rRBNI6AAAAAJ&hl=en"
```

from the cached page, extracted the citation histogram:

Years:  2010, 2011, 2012, 2013, 2014, 2015, ...
Counts: 73, 85, 98, 153, 277, 334, ...

x = 153 citations in 2013. wayback machine saves the day fr fr
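
an added example (not the original solve script): why tag-stripped scraping of the histogram goes wrong, and a parse that keeps years and counts apart and refuses to answer if they don't line up. the sample HTML is constructed from the numbers above, and the class names `gsc_g_t` / `gsc_g_al` are an assumption about the cached page's markup.

```python
from html.parser import HTMLParser

# Constructed sample shaped like the cached profile's histogram.
# Assumption: years sit in span.gsc_g_t and counts in span.gsc_g_al.
YEARS = [2010, 2011, 2012, 2013, 2014, 2015]
COUNTS = [73, 85, 98, 153, 277, 334]
SAMPLE = (
    "<div>"
    + "".join(f'<span class="gsc_g_t">{y}</span>' for y in YEARS)
    + "".join(f'<a class="gsc_g_a"><span class="gsc_g_al">{c}</span></a>' for c in COUNTS)
    + "</div>"
)

class HistogramParser(HTMLParser):
    # Collects year and count spans separately, keyed by CSS class.
    def __init__(self):
        super().__init__()
        self.years, self.counts, self.text = [], [], []
        self._target = None

    def handle_starttag(self, tag, attrs):
        classes = (dict(attrs).get("class") or "").split()
        if "gsc_g_t" in classes:
            self._target = self.years
        elif "gsc_g_al" in classes:
            self._target = self.counts

    def handle_endtag(self, tag):
        self._target = None

    def handle_data(self, data):
        self.text.append(data)  # what a tag-stripping scraper would see
        if self._target is not None and data.strip().isdigit():
            self._target.append(int(data))

def parse(html):
    p = HistogramParser()
    p.feed(html)
    p.close()
    return p

def flatten(html):
    # Tag-stripped view: digits run together with no boundaries to split on.
    return "".join(parse(html).text)

def citations_by_year(html):
    # Pair years with counts; fail loudly instead of guessing on a mismatch.
    p = parse(html)
    if not p.years or len(p.years) != len(p.counts):
        raise ValueError(f"{len(p.years)} years vs {len(p.counts)} counts")
    return dict(zip(p.years, p.counts))
```

`flatten(SAMPLE)` shows the concatenated digit run a naive scraper has to guess boundaries in; `citations_by_year(SAMPLE)[2013]` gives the per-year value directly.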

step 4: finding his first paper

hit up DBLP API to get his full publication list:

```bash
curl -s "https://dblp.org/search/publ/api?q=author%3AKim-Kwang_Raymond_Choo%3A&h=1000&f=900&format=json"
```

earliest papers (2004-2005):

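| Year | Conference | Pages | City | Proceedings Published |
|------|------------|-------|------|-----------------------|
| 2004 | SCN | 351-366 | Amalfi, Italy | Feb 2005 |
| 2004 | FAST | 129-144 | Toulouse, France | 2005 |
| 2005 | ACISP | 429-442 | Brisbane, Australia | June 2005 |
| 2005 | ASIACRYPT | 585-604 | Chennai, India | Nov 2005 |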

step 5: narrowing down "first paper"

the challenge says: "presented in a popular cybersecurity conference in the same year the paper was published and compiled in a larger volume"

key constraint: conference AND proceedings publication must be in the same year

  • SCN 2004: conference Sept 2004, proceedings Feb 2005 -> different years, nope
  • ACISP 2005: conference July 2005, proceedings June 2005 -> same year! and it's a cybersecurity conference!

verified page numbers from Springer LNCS metadata:

```bash
curl -sL "https://link.springer.com/chapter/10.1007/11506157_36"
# citation_firstpage: 429, citation_lastpage: 442
# LNCS volume 3574 (the "larger volume")
```

ACISP 2005 = Australasian Conference on Information Security and Privacy, held in Brisbane, Australia

so:

  • y = 429-442
  • c = acisp
  • p = brisbane

flag

BITSCTF{153_429-442_acisp_brisbane}

lessons learned

  • google scholar actively blocks automated queries, don't trust random scraped numbers
  • Wayback Machine is goated for getting cached versions of blocked pages
  • DBLP API is clean for academic publication history
  • always verify with primary sources (Springer metadata) instead of trusting parsed web results
  • first attempt with wrong citation count (131) cost us a wrong submission, always double check your data sources

smothy out ✌️