dc540-0x00003

DC540 hacking challenge 0x00003 [C CTF].

<br>

PROMOTIONAL VIDEO - WATCH NOW HERE ON YOUTUBE

<br>

Prior Challenge HERE

<br>

Next Challenge HERE

<br>

Join DC540 Discord HERE

<br>

FREE Reverse Engineering Self-Study Course HERE

<br>

Parts

Raspberry Pi Pico

Set of 2 x 20-pin Headers for Raspberry Pi Pico

830 Hole Breadboard

Jumper Wires Male to Male - Pack of 30

20 Pcs 6 mm 2 Pin Momentary Tactile Tact Push Button Switch Through Hole Breadboard

Micro USB Cable High Speed Data and Charging, Nylon Braided Charger Cord, 3-Pack, 3 Feet

<br>

Schematic

image

<br>

BRIEF

A month has transpired and the team was unsuccessful in cracking the MicroPython firmware. To date this is the only way into the Dark Eyes 1337 Gate to gain access to their secret facility located in a classified location in Siberia.

Pacing back and forth, Bets Fielding and the team continued to do digital forensics on Natalia's USB drive, which she used in Dr. Rinn's private study to get the 1337 Gate firmware.

All of a sudden, Bets stumbled upon a hidden partition containing two files named 1337бэкдор.uf2 and capture.png, which she was able to retrieve.

Bets phoned Natalia and asked if she knew about this hidden partition, and she said she did not. Natalia said that she simply grabbed the first USB drive she could find in Dr. Rinn's study, which was taped to the bottom of her desk drawer.

Knowing this is a raw .uf2 file, Bets knew she had to get it into a bin format to be able to reverse it properly in Ghidra. Bets wondered if the firmware would also be in MicroPython like the previous one or perhaps a pure C binary.

<br>

MISSION

You have been selected by the DC540 ANGELS OF DEATH to be the Reverse Engineer on this mission. Your task is to review the attached capture.png and convert the 1337бэкдор.uf2 to a .bin binary to begin reverse engineering. Your mission is to flash a Raspberry Pi Pico with the 1337бэкдор.uf2 firmware and see how it operates. Convert the file to a .bin file to bring into Ghidra and reverse engineer it properly, then manually hex-edit the 1337бэкдор.uf2 with your changes and re-flash the Raspberry Pi Pico to get the entrance flag. Report back to "Master Assembler" with your results by sending a private Discord DM to @P4R4D0X in the DC540 Discord channel listed above.
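The conversion and hex-edit steps above depend on the UF2 container layout: 512-byte blocks, each with a 32-byte header, up to 476 payload bytes and a trailing magic word. The following is an added example, not code from the challenge repository; it flattens a UF2 into a .bin and maps an offset seen in Ghidra back to the byte's position in the .uf2. The sample image, `make_sample` and the function names are constructed for illustration.

```python
import struct

MAGIC_START0, MAGIC_START1, MAGIC_END = 0x0A324655, 0x9E5D5157, 0x0AB16F30
FLAG_NOT_MAIN_FLASH = 0x00000001   # block carries no flash data; skip it
BLOCK_SIZE, HEADER_SIZE, MAX_PAYLOAD = 512, 32, 476

def parse_uf2(raw):
    """Return sorted [(target_addr, payload_file_offset, payload), ...]."""
    if not raw or len(raw) % BLOCK_SIZE:
        raise ValueError("UF2 length must be a non-zero multiple of 512")
    blocks = []
    for pos in range(0, len(raw), BLOCK_SIZE):
        m0, m1, flags, addr, size = struct.unpack_from("<5I", raw, pos)
        (end,) = struct.unpack_from("<I", raw, pos + BLOCK_SIZE - 4)
        if (m0, m1, end) != (MAGIC_START0, MAGIC_START1, MAGIC_END):
            raise ValueError(f"bad magic in block at file offset {pos:#x}")
        if size > MAX_PAYLOAD:
            raise ValueError(f"payload size {size} exceeds {MAX_PAYLOAD}")
        if not flags & FLAG_NOT_MAIN_FLASH:
            start = pos + HEADER_SIZE
            blocks.append((addr, start, raw[start:start + size]))
    if not blocks:
        raise ValueError("no main-flash blocks found")
    return sorted(blocks)

def uf2_to_bin(raw):
    """Flatten the payloads into one image; returns (base_address, image)."""
    blocks = parse_uf2(raw)
    base = blocks[0][0]
    image = bytearray(b"\xff" * (max(a + len(d) for a, _, d in blocks) - base))
    for addr, _, data in blocks:          # gaps stay 0xFF, like erased flash
        image[addr - base:addr - base + len(data)] = data
    return base, bytes(image)

def bin_to_uf2_offset(raw, bin_offset):
    """Map an offset in the flattened .bin to that byte's offset in the .uf2."""
    blocks = parse_uf2(raw)
    target = blocks[0][0] + bin_offset
    for addr, start, data in blocks:
        if addr <= target < addr + len(data):
            return start + (target - addr)
    raise ValueError("offset is in a gap that no UF2 block covers")

def make_sample(chunks, base=0x10000000):
    """Constructed sample (RP2040 flash base and family ID), not the challenge file."""
    out = b""
    for i, chunk in enumerate(chunks):
        head = struct.pack("<8I", MAGIC_START0, MAGIC_START1, 0x2000,
                           base + 256 * i, len(chunk), i, len(chunks), 0xE48BFF56)
        out += head + chunk.ljust(MAX_PAYLOAD, b"\0") + struct.pack("<I", MAGIC_END)
    return out

if __name__ == "__main__":
    sample = make_sample([bytes(range(256)), b"\xaa" * 256])
    base, image = uf2_to_bin(sample)
    print(hex(base), len(image), hex(bin_to_uf2_offset(sample, 0x105)))
```

The base address returned by `uf2_to_bin` is the value to give Ghidra as the image base when importing the raw binary.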

HINT

"You will know you have the flag as it will end with, for processing..."

<br>

License

Apache License, Version 2.0