Reverse Engineering Challenge Starts Off Simple

img_20130326_102537

We love seeing hard-core firmware reverse engineering projects, but the number of hackers who can pull those off is relatively small. It’s possible to grow the ranks of the hacker elite though. A hackerspace is a great place to have a little challenge like this one. [Nicolas Oberli] put together a capture the flag game that requires the contestants to reverse engineer Teensy 3.0 firmware.

He developed this piece of hardware for the Insomni’hack 2013 event. It uses the Teensy 3.0 capacitive touch capabilities to form a nine-digit keypad with a character LCD screen for feedback. When the correct code is entered the screen will display instructions on how to retrieve the ‘flag’.

To the right you can see the disassembly of the .elf file generated by the Arduino IDE. This is what [Nicolas] gave to the contestants, which gets them past the barrier of figuring out how to dump the code from the chip itself. But it does get them thinking in assembly and eventually leads to figuring out what the secret code is for the device. This may be just enough of a shove in the right direction that one needs to get elbow deep into picking apart embedded hardware as a hobby.

13 thoughts on “Reverse Engineering Challenge Starts Off Simple

  1. …But, can’t they just find the flag as a string literal in the binary? It’s a shame the checkSerial routine is adequately obfuscated, yet the goal is right out there in the open. I hope to see more projects like this though.

    1. Did you ever find anything on this? I’m curious, too, as I’ve been keen to get involved with reverse-engineering embedded devices for some time now. There doesn’t seem to be many resources or books on the matter, though :/

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.