Microcorruption Embedded CTF

Microcorruption Debugger

The folks at Matasano Security and Square have teamed up to build an online capture the flag (CTF) competition. The Microcorruption CTF focuses on embedded security and challenges players to reverse engineer a fictional “Lockitall LockIT Pro” lock system.

Each level places you in a debugging environment with a disassembly listing, live memory view, register view, and debugging console. You can set breakpoints, step through code, and modify registers like in a real debugging environment. Your goal is to figure out how to bypass the lock to collect bearer bonds.

While the device and motive may be fictional, the assembly is actual MSP430 code. The debugger is similar to GDB connected to a remote target using OpenOCD. There’s even a manual (PDF) to help you get up to speed with writing MSP430 code for the device.

This CTF looks like a great introduction to embedded security, and doesn’t require buying real hardware. It even includes a full tutorial to get you started.

14 thoughts on “Microcorruption Embedded CTF

  1. Sounds a lot like a game I used to play around 2000 on a telnet server called drill.hackerslab.org (RIP) mostly about finding setuid scripts and TCP packet forging and things like that (to progress from the guest login level0. all the way up to userid level17). This does sound interesting, I’ll give it a spin.

  2. Been playing with this since last night, it’s awesome. Definitely makes all those security vulnerabilities like buffer overflows, stack smashing, and other spoilery stuff much more tangible. Working on Algiers right now, tearing my hair out and loving it!

  3. Been playing with this since last night, it’s awesome. I’m not one to yell at the computer when playing games, but there have been several loud shouts of “PWNED!” and a handful of victory dances while playing this one.

    Definitely makes all those security vulnerabilities more tangible — stuff like buffer overflows, stack smashing, and other spoilery stuff I won’t mention. Working on Algiers right now, tearing my hair out, and loving it!

        1. Yeah. That’s his best work, I think. Literally changed what we consider secure.

          Where did spritesmods come in relative to this post, though?

  4. Really great stuff. For person who finds this kind of stuff seriously interesting and enjoys reading about it, but has never done it this is a godsend. A structured environment to hack about in, but rooted in reality – targets an actual microcontroller, and I could compile C for this imaginary lock if I wanted to. A legitimate all-in-one intro to exploitation, assembly, working in hex and reverse engineering. As one of the ‘have never done its’ I look forward to getting past the first non-tutorial level…

    Matasano have put together a great recruitment drive here.

    1. I think (unfortunately) that this kind of programming is not a good way to get people into programming. I remember when I was in school and many many of the other kids complained about how stupid and useless it was to learn to write code in an “emulated environment, with no real-world use” (i cant remember the specific environment, it was some asm-variant, probably even one not found on any real cpu). this is however _great_ for improving your skills if you are already interrested. And if you do get kids started on using this then i am not going to fault you for proving my anecdote to be just that.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s