Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
YawgNetWiki
Search
Search
Appearance
Log in
Personal tools
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
AND!XOR DC28
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=Extra Points= * Setting Name ** aegis glows weeds bared revel mumps angle worse arise ** +10pt * Phone Extension x1337 ** "h7pH7P" ** Decoding gave me: riles forgo goats stove smelt lobed aught filmy oomph ** +10pt * Badge Tear Down ** "TY7AQQ" ** Decoding: hubby match nodal babel dandy gauss extra baked balmy ** +10pt * About Section ** "UC7xzZ" ** Decoding: aegis glows weeds spoof sites fishy softy jumpy doper ** +10pt * Twitter ** "3D4GBN" ** Decoding: riles forgo goats folks twigs xerox enemy wails biter ** +10pt ** "lyVVPF" ** Decoding: aegis glows weeds guava going filmy armed wryly acmes ** +10pt ** "AV52VZ" ** Decoding: aegis glows weeds loner sound kinky dates wools enrol ** +10pt * Slackbot Challenge <div class="toccolours mw-collapsible mw-collapsed">Details<div class="mw-collapsible-content"> * Slackbot spits out some weird stuff in chat sometimes <pre> 1:{14,2} 2:{12,3} 3:{14,1} 4:{4,1} 5:{17,2} 6:{20,3} </pre> Additionally a Tweet is linked : [https://twitter.com/kur3us/status/1279638633201324032 here] * The info from Slackbot appear to be coordinates for the tweet text giving us * "jpK99x" ** Decoding: ditto stoke waltz waits tapes drips fungi slice tzars ** +10pt </div> </div> * Scoreboard ** Deep in the scoreboard exists a flag ** "yyu44x" ** Decoding: aegis glows weeds hokey hyena quits blitz fixes dorky ** +10pt * UART <div class="toccolours mw-collapsible mw-collapsed">Details<div class="mw-collapsible-content"> * Perusing the teardown pics I found the UART ports on the badge. So using my [AND!XOR DC27] badge, I decided to jump on in: <gallery> XxC7IYr cr.jpg|It was pretty simple </gallery> * Using the DC27 badge I hopped on in and did a reboot of the badge with kernel reboot warm <pre> [00:00:00.814,000] <dbg> wh_adc_sense.__adc_sense_init: Initializing ADC sense d river [00:00:00.822,000] <dbg> wh_adc_sense.__adc_sense_init: Setting up Thermistor AD C channel [00:00:00.832,000] <dbg> wh_adc_sense.__adc_sense_init: Initialized thermistor A DC result = 0 [00:00:00.841,000] <dbg> wh_adc_sense.__adc_sense_init: Setting up voltage ADC c hannel [00:00:00.850,000] <dbg> wh_adc_sense.__adc_sense_init: Initialized vbatt ADC re sult = 0 [00:00:00.859,000] <inf> wh_post: Success 0x0008 [00:00:00.865,000] <inf> wh_post: Success 0x0004 [00:00:00.871,000] <dbg> disk.disk_access_register: disk interface(NAND) registr ed [00:00:00.879,000] <dbg> fs.fs_register: fs registered of type(0) [00:00:00.886,000] <inf> usb_msc: Sect Count 32768 [00:00:00.892,000] <inf> usb_msc: Memory Size 16777216 [00:00:00.898,000] <dbg> ssd1306_spi.__ssd1306_spi_init: Initializing SSD1306 [00:00:01.419,000] <dbg> cfb.cfb_framebuffer_init: number of fonts 1 [00:00:01.455,000] <dbg> wh_bender.__input_event_handler: Input event = 12 [00:00:01.463,000] <dbg> wh_bender.__bender_init: B.E.N.D.E.R. Initialized [00:00:01.471,000] <dbg> wh_fs.wh_fs_init: Initializing persistence [00:00:01.478,000] <dbg> wh_fs.wh_fs_init: Attempting to mount /NAND: [00:00:01.487,000] <dbg> fs.fs_mount: fs mounted at /NAND: [00:00:01.493,000] <inf> wh_post: Success 0x0001 [00:00:01.502,000] <dbg> wh_fs.wh_fs_init: Read 3 bytes from SPI flash VERSION f ile [00:00:01.511,000] <dbg> wh_fs.wh_fs_init: SPI flash version = 25 [00:00:01.518,000] <inf> wh_fs: SPI flash version is correct [00:00:01.525,000] <inf> wh_post: Success 0x0002 [00:00:01.530,000] <dbg> wh_fs.wh_fs_init: done init [00:00:01.537,000] <dbg> wh_util.Hash of device ID: 92 9b ac 35 a1 c9 e7 0d 93 83 7f cd fe b1 e4 81 |...5.... ........ 73 b9 05 67 c5 44 29 35 fe e0 94 17 3d f3 d8 dc |s..g.D)5 ....=... [00:00:01.558,000] <dbg> wh_settings.wh_settings_load: '/NAND:/CONFIG.DAT' Files ize = 288 bytes [00:00:01.569,000] <inf> wh_settings: Settings loaded. [00:00:01.703,000] <inf> wh_settings: Settings Saved [00:00:01.709,000] <inf> wh_post: ============ POST ============ [00:00:01.716,000] <inf> wh_post: Filesystem Mounted..........OK [00:00:01.723,000] <inf> wh_post: Filesystem Version..........OK [00:00:01.730,000] <inf> wh_post: Battery Sense...............OK [00:00:01.737,000] <inf> wh_post: Thermistor..................OK [00:00:01.744,000] <inf> wh_post: ============================== [00:00:01.808,000] <inf> main: USB Enabled [00:00:01.813,000] <inf> main: AND!XOR DC28 Started v27 [Aug 4 2020 19:39:06 PT ] [00:00:01.821,000] <inf> main: You found the maintence port, here's a CTF code: p057xX [00:00:02.988,000] <dbg> wh_bender.__bender_handler: BENDER handler running </pre> * Flag: "p057xX" ** Decoding: hubby match nodal dimer vegan belch hoard olive panda ** +10pt </div> </div> * BASFUK.BAS ** Yea, not going to lie, I kinda just [https://www.dcode.fr/brainfuck-language DCode'd] this one ** Replaced _ for + and ~ for - ** "kT8U2M" ** Decoding: ditto stoke waltz abuse datum fjord psalm thick lurks ** +10pt * DC28 MUD ** Apparently Hyr0n was a gerbil ** I didn't play it, but someone did a writeup and dropped the flag [https://github.com/blinkingthing/ctfs/blob/master/dc28-defcon-mud/writeup.md here] ** "2LwRLe" ** Decoding: riles forgo goats atoms buses balks trail bares judos ** +100pt * Github ** Found [https://github.com/ANDnXOR/ANDnXOR_DC24_Badge/commit/9e4317a84d22de638828fdba5844d32809956794 here] ** 'PY5BOL' ** Decoding: hubby match nodal tufty tries sifts speck aimed crumb ** +10pt * T-Shirt ** On one of the cables: 'sOXMxt' ** Decoding: riles forgo goats sport ogles zebus fumes slake amino ** +10pt * Badge Trailer ** Found a quick clip [https://youtu.be/dY_oJL28QOw?t=111 here] behind the badge and URL ** 'ESDnkO' ** Decoding: hubby match nodal adman swoon mutes omega whose execs ** +10pt ** as well as [https://www.youtube.com/watch?v=dY_oJL28QOw&feature=youtu.be&t=10 here] for about 3 frames in the lower right ** 'mOz8dl' ** Decoding: aegis glows weeds divas quipu amaze feats versa bodes ** +10pt
Summary:
Please note that all contributions to YawgNetWiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
YawgNetWiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
AND!XOR DC28
(section)
Add topic
