Points: 600

Tags: reverse engineering electronics fpga 

Poll rating:

Category: Reverse Points: 600 Solves: 0 Description:

In order to protect their maximum security facilities, the Club employs an electronic security lock activated by a 256-bit key which changes every minute. When a Club member is authorized to enter some of these facilities, he receives this key in hexadecimal format, the same format which is used to enter the key in the electronic lock’s keyboard. The last year (in 2015), Project SKY intercepted a key valid for April 1st at 11:00 UTC: 01cd9de119e1231e29b0972a618da6c79fc1f3bd96cee86c93a8068bdc5e4c59, however we got access to this key only after it was already expired. It seems that these keys are the same for all facilities, independent from their geographical location, that is, they vary only with time. This year, our truck driver Alisson, undercover in the Club’s fleet, was able to intercept the shipment of one of these locks to a warehouse which is currently under construction. Quickly, he drafted a block diagram of the lock’s circuit and generated a dump of the flash memory (N25Q032A), both contained in the file which we are providing to you. A few minutes after sending this information through 3G using his Samsung Note Edge™ smartphone, Alisson suffered a tragic transit accident, which means the Club has probably discovered our plans, so that we have only 48h before they change all of their electronic lock scheme. Our teams are ready to deploy next to 3 facilities of critical importance to the Club. They only need that you send a key valid for the current minute to the address https://door.pwn2win.party/KEY.

Writeups

ActionRatingAuthor team
Read writeup
not rated
Epic Leet Team
You need to authenticate and join a team to post writeups