Category: Hardware

Hack The Box – Debug

Posted on by haxez

Debug was the third hardware hacking challenge of the Hack The Box Cyber Apocalypse Capture The Flag Competition. Hello world, welcome to Haxez, this challenge was a lot of fun and wasn’t too difficult provided you had the right extensions installed. The description for debug was as follows.

Your team has recovered a satellite dish that was used for transmitting the location of the relic, but it seems to be malfunctioning. There seems to be some interference affecting its connection to the satellite system, but there are no indications of what it could be. Perhaps the debugging interface could provide some insight, but they are unable to decode the serial signal captured during the device’s booting sequence. Can you help to decode the signal and find the source of the interference?

Debug With Logic 2

As with the first challenge, we needed to open the files with Logic 2. However, the answer wasn’t right in front of us like last time. I had previously used Logic 2 before during the Try Hack Me Advent Of Cyber. However, that challenge told us what analyzer we needed to use and the exact settings needed. I thought it would be best to start with Async Serial but I had no idea what the baud rate would be. There are ways to calculate the baud rate manually but thankfully there is also an extension.

Debug With Logic 2

Configuring The Analyzer

Once the extension was installed, I shift clicked from one high point of the signal to the other. This then provided an estimation of the baud rate. I added a new Aysnc Serial analyzer for the RX channel and gave it the correct baud rate.

Configuring The Analyzer

Debug The Signal

Finally, the data window started producing text. I must admit that I thought this was cool. It reminded me of the film Aliens for some reason. Something to do with the ASCII art and the satellite dish I think. Anyway, a lot of text was spat out and I have to salute whoever made this because they didn’t need to put this level of detail into it. Hidden in this transmission was the flag and all you had to do was assemble it.

Debug The Signal
HTB{547311173_n37w02k_c0mp20m153d}

Debug Review

This was a really fun challenge but I have to be honest, I found it easier than the first challenge. With this challenge, I felt that I knew what I had to do immediately. The first challenge completely threw me off for a long time. I really appreciate the level of detail that went into the transmission. It made me smile. Anyway, that’s all for the hardware challenges. I couldn’t solve secret code and from the write-ups, I’ve read, it didn’t look easy.

Hack The Box – Critical Flight

Posted on by haxez

Critical Flight was the second hardware hacking challenge of the Hack The Box Cyber Apocalypse Capture The Flag competition. Hello world, welcome to Haxez, in this post I’m going to be discussing my experience solving the Critical Flight hardware hacking challenge. All challenges have a description and you can find Critical Flight’s below.

Your team has assigned you to a mission to investigate the production files of Printed Circuit Boards for irregularities. This is in response to the deployment of nonfunctional DIY drones that keep falling out of the sky. The team had used a slightly modified version of an open-source flight controller in order to save time, but it appears that someone had sabotaged the design before production. Can you help identify any suspicious alterations made to the boards?

Opening Critical Flight Files

I have no previous experience with GBR files. Honestly, it took me far too long to find something that would open them. In the end, I found an application called GerberLogix. The application allowed me to open all the files at once and was very simple to use. It does seem dated but it got the job done for the task at hand.

Opening Critical Flight Files

Critical Flight GerberLogix

As you can see from the image below, when opening the files they are combined. It’s like layers in photoshop or gimp and each layer was coloured differently. There wasn’t much else for me to do so I started selecting and unselecting different layers.

Critical Flight GerberLogix

Revealing The Flag

After playing with the layers for a bit I eventually found a flag. However, no matter how I structured it, the flag wasn’t accepted. I initially thought that someone had made a mistake and forgot to add the end squiggly bracket but I should have known better. These folks don’t make mistakes.

Revealing The Flag

Pulling Back The Layers

After tinkering with the layers a bit more, I finally noticed the second part of the flag. Of course, they didn’t forget to close the flag. These are hackers we’re talking about, syntax is incredibly important. As you can see below, there were two parts to the flag and we needed to combine them to solve the challenge.

Pulling Back The Layers
HTB{533_7h3_1nn32_w02k1n95_0f_313c720n1c5#$@}

Critical Flight Review

This challenge was great in my opinion, it didn’t require too much tinkering. Once I found an application to open the files it was simple. I did try opening the files with GIMP as I read somwhere that they were brush files. That didn’t work out too well. Anyway, not much more to say about it. Fun challenge.

Hack The Box – Timed Transmission

Posted on by haxez

Timed Transmission was the first hardware challenge of the Hack The Box Cyber Apocalypse 2023 CTF event. Hello world, welcome to Haxez. In this post, I’m going to describe my experience solving the Time Transmission hardware challenge. All the challenges in this CTF have a great description following the theme of the competition. The introduction to the challenge was as follows.

“As part of your initialization sequence, your team loaded various tools into your system, but you still need to learn how to use them effectively. They have tasked you with the challenge of finding the appropriate tool to open a file containing strange serial signals. Can you rise to the challenge and find the right tool?”

Timed Transmission Files

After reading the description, we can download the challenge files which are achieved in a zip file. Extracting the zip files revealed a file named ‘Captured_Signals.sal’. There was also a ‘_MACOSX’ file which I presume contained the Mac OS equivalent files.

Our first challenge was to identify how to open these files. Performing a google search for ‘.sol’ files solved that question pretty quickly. Unfortunately, that was only the beginning of the challenge. Admittedly, I spent far longer on this challenge than I should have. Furthermore, the answer was under my nose the whole time, I just couldn’t see it.

Saleae Logic 2

The provided files could be opened with a program called Logic 2 from Saleae. Logic 2 allows the user to capture and analyse signals. Upon opening the file, the answer is right in front of you. The different message fragments make up the flag. Unfortunately, and embarrassingly, I didn’t see it. I spent hours trying to analyse the different channels with various different analyzers.

So provided you didn’t immediately zoom and mess with the signal, this should have been easy to solve. Unfortunately, I did mess with the signal and even went as far as extracting the individual channels from the file and looking through those. I wasted a lot of time.

HTB{b391N_tH3_HArdWAr3_QU3St}

Timed Transmission Review

I didn’t enjoy this challenge for the wrong reasons. It should have been a fun introduction to hardware hacking but I went and overcomplicated it. However, the challenge itself is fun and I like how the creators were able to make the signals spell out the flag.