Skip to content

Instantly share code, notes, and snippets.

View szymex73's full-sized avatar
🙁
why

Szymon Borecki szymex73

🙁
why
251 followers · 154 following
View GitHub Profile
@szymex73
szymex73 / 00-writeup.md
Last active July 8, 2022 17:10
Google CTF 2022 - ILIKETRAINS

ILIKETRAINS

ILIKETRAINS was a hardware challenge on Google CTF 2022 that involved a logic circuit built with a rail network in OpenTTD which had to be solved with the input bits being the solution.

For the challenge, we were given just the savegame file for the game.

In this writeup, I'll take a similar approach to what LiveOverflow did in his minetest challenge writeup for Google CTF 2019 tracing the logic circuit from the output to the inputs while trying to explain most of the steps I took along the way. The two challenges are very similar to each other (after the CTF concluded the organizers said that they've even used the same tool to generate the map, with some adaptations for a different game) but I'm sure this writeup will be helpful for someone anyway.

Because this writeup is pretty long since I tried to keep it detailed, here are some shortcuts to skip to rele

@szymex73
szymex73 / 00-writeup.md
Last active July 5, 2022 20:05
Google CTF 2022 - Engraver

Engraver

Engraver was a hardware challenge on Google CTF 2022 that involved recovering movements of a robotic arm engraving the flag from a pcap dump of commands sent to the device.

For the challenge, we were given the mentioned pcap containing USB traffic and two images of the robot arm (one of the robot arm idle, one during the engraving process).

Taking a look at the PCAP

The provided PCAP file contains a dump of USB traffic from a specific USB device. We can see the typical USB configuration packets being sent at the beginning (host fetching the USB descriptors) and afterward we see a lot of URB interrupts from the host with HID data attached. USB traffic

Figuring out the hardware part

@szymex73
szymex73 / writeup.md
Last active July 5, 2022 09:34
Google CTF 2022 - Weather

Weather

Weather was a hardware challenge on Google CTF 2022 that was based around a weather station running on a microcontroller with attached sensors and a serial interface. The goal was to extract a flag from an internal ROM device.

For the, challenge we were given a datasheet containing details about the microcontroller, its attached devices and the interfaces available. We were also given the firmware source code written in c.

Reading the datasheet

Weather station circuit

From the datasheet we can determine the following information: