DC29 Challenge
DC29 HHV Challenge
Hardware Hacking Island, home to the renowned Diodasaur Park, was just hit by a severe geomagnetic storm. Our internal network and systems have been knocked offline and the diodasaurs have escaped and begun wreaking havoc! In order to get back online and secure the island, we need your help! Be sure to take Saleae Logic 2 with you, if you dare venture into the Serial Swamp. Good luck, and if you run into any trouble, radio us on the DEF CON discord in the #HHV-Challenge-Text channel.
Prizes graciously donated by Pololu.
Write ups
Warning: These links contain spoilers
Full write up by Ross Schlaikjer
Challenges
Welcome Challenges
Backup Logs - 15 points per flag (30 points total)
We need to start cleaning up after that storm. First things first, let’s check on the status of things around the park. Luckily, we installed serial connections to the different labs and enclosures around. These communication lines are pretty cool, not only do they serve as heartbeat monitors for the different endpoints, they also allow us to exchange serial communications when necessary. Can you take a look and see if there’s any information we can gain from them?
Secret Board - 20 points
We obtained the fabrication files of a secret printed circuit board but we don’t know how to open them! Can you help us?
Serial Swamp Challenges
Debugging Interface - 50 points
Apparently the diodesaurs think our satellite dishes are frisbees, and because of that all networks are down. We managed to scrape a working controller board and tapped into it’s debugging interface, and got some logs that may help us to get information about the status of the park before the final relay went offline. We need to figure out what was the last network status so we can start our mission to take back our island!
Broken Display - 200 points
We managed to recover the authentication device for sub-station 2 that we need to bring the power systems back up, but the screen is completely broken. We used a device to capture the signals going to the display (it has ST7789V written on it’s back). Can you help us recover the image being sent to the display, so we can bring the power systems back up?
Lost Record - 200 points
We are trying to find out how this tragedy started, and we have managed to pinpoint which was the first guard post that got destroyed. Each guard post has a heavy-duty black box that stores very comprehensive information about the systems’ operation. The problem is that apparently it was not heavy-duty enough, and it got smashed. The only thing we managed to recover are the last few seconds of logs for the hardware monitoring system. We believe there is a hidden clue in it that will help us understand the cause!
Lab Control - 200 points
Help! We can’t access the Laboratory that contains the main control unit for the satellite communication system. The access control system doesn’t seem to be operational, but the access card reader seems to be active. The network must be broken. Luckily we have a hardware guy on the team and he came up with a plan. We pried into the card reader and hooked our logic analyzer to the microcontroller pins that the RFID IC MFRC522 is connected to and captured the read of our access card. If we manage to extract the data from it, then we can relay it manually with our SDR. Once we gain access and turn the systems back online we can coordinitae our efforts to get the rest of the sub stations back online!
Circuit Cave Challenges
This is the way - 50 points
We need to use some authentication devices to bring the network back up, but there’s a problem: All authentication devices went missing (and most probably got destroyed). We have access to the designs… but there’s a problem: Three teams were assigned with the task of building together the authentication devices for the security team. Sadly, they did not get to an agreement on how to implement the hardware, and each team designed the device the way they thought was right.
No, this is the way - 50 points
We need to use some authentication devices to bring the network back up, but there’s a problem: All authentication devices went missing (and most probably got destroyed). We have access to the designs… but there’s a problem: Three teams were assigned with the task of building together the authentication devices for the security team. Sadly, they did not get to an agreement on how to implement the hardware, and each team designed the device the way they thought was right.
The only true way - 50 points
We need to use some authentication devices to bring the network back up, but there’s a problem: All authentication devices went missing (and most probably got destroyed). We have access to the designs… but there’s a problem: Three teams were assigned with the task of building together the authentication devices for the security team. Sadly, they did not get to an agreement on how to implement the hardware, and each team designed the device the way they thought was right.
DEF CON 29 Stats
