Hardware Hacking | HackTheBox Debugging Interface

B@dr
4 min read · Nov 30, 2023

Hello guys, today we’re going to solve another hardware hacking challenge, in which we analyze an archived file that was created by capturing data off the async serial interface of an embedded device. The objective was to decode the captured data, and we used the Saleae logic analyzer software to decode it.

CHALLENGE DESCRIPTION:

We accessed the embedded device’s asynchronous serial debugging interface while it was operational and captured some messages that were being transmitted over it. Can you decode them?

When you unzip the file, you will see another zip file:

As you can see, there are two additional files: meta.json and a binary file. So, I searched it in ChatGPT, and it gave me this:

digital-0.bin:

  • Name Structure: “digital-0” suggests that this file might be related to digital data, and the “bin” extension typically indicates a binary file, meaning it contains machine-readable data rather than human-readable text.
  • Possible Content: This file could store digital information, which might include binary data, images, audio, or other types of digital content. The specific nature of the data would depend on the context in which this file is used.

meta.json:

  • Name Structure: “meta” typically indicates metadata, which is data that provides information about other data. The “.json” extension suggests that the file is in JSON (JavaScript Object Notation) format, a lightweight data interchange format.
  • Possible Content: This file likely contains metadata associated with some other files or a system. Metadata could include information like file creation date, author, file format details, or any other descriptive information. Being in JSON format, the data structure would likely consist of key-value pairs.

Now, I knew some information about these files. After that:

I used the ‘strings’ command to extract human-readable text strings from the binary file (digital-0.bin), and I saw that the first line was ‘SALEAE.’

I Googled it:

It took me to this website that offers software to analyze captured data from embedded devices. So, I downloaded it.

I followed some instructions to install it on my machine.

We chose ‘Open Capture’, then selected the file, which was the original file.

This is the data block, as you can see here. It starts here and ends here, and we can maximize it with a double click. The time scale is in ms (milliseconds), so we want to zoom in to microseconds. As you can see, this is the signal we want, and we want to look at it with the signal analyzer.

The block began at 0.7 milliseconds. At the very start of the block, if you hovered over the signal, you could see the width of a single bit: 32.02 microseconds. That corresponded to a bit rate of 30,1230 bits per second.

Finding the bit rate was very important, because the decoder needs it to extract the data from the signal. With the bit rate found, the next step was to go to the Analyzers tool and click on Async Serial, because that was the signal type.

This opened up the settings menu. You could leave Channel 00 selected as is, and as you could see, the bit rate was already filled in. If you were doing the challenge and didn’t see that, you would type in this number, because it corresponded to the very start of the block, and then click Save. Now you had successfully decoded the data.

You could now see the decoded data. This was the data that had been captured, and among it was the flag that you wanted to copy.
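What the Async Serial analyzer does with that bit width, as an added example that is not part of the original write-up: it takes the narrowest pulse as one bit time, inverts it to get the bit rate, and samples each frame in the middle of every bit. The 8N1, LSB-first, idle-high framing and the edge timestamps are assumptions constructed for illustration; the code does not parse the challenge's digital-0.bin.

```python
from bisect import bisect_right

BIT_WIDTH = 32.02e-6  # seconds: the narrowest pulse measured in the walkthrough
MESSAGE = b"HTB{constructed_sample}"  # constructed payload, not the challenge flag


def encode_8n1(data, bit_width=BIT_WIDTH, start=0.0007):
    """Constructed capture: sorted edge times of an idle-high 8N1 line."""
    edges, level, t = [], 1, start
    for byte in data:
        # start bit (0), eight data bits LSB first, stop bit (1)
        bits = [0] + [(byte >> n) & 1 for n in range(8)] + [1]
        for n, bit in enumerate(bits):
            if bit != level:
                edges.append(t + n * bit_width)
                level = bit
        t += 15 * bit_width  # 10-bit frame followed by 5 bit times of idle
    return edges


def estimate_bit_rate(edges):
    """The shortest gap between two edges is one bit time; invert it."""
    return 1.0 / min(b - a for a, b in zip(edges, edges[1:]))


def level_at(edges, t, initial=1):
    """Line level at time t: the initial level toggled once per edge up to t."""
    return initial ^ (bisect_right(edges, t) & 1)


def decode_8n1(edges, bit_rate):
    """Sample every frame mid-bit; return (decoded bytes, framing errors)."""
    bw, out, errors, busy_until = 1.0 / bit_rate, bytearray(), 0, float("-inf")
    for t0 in edges:
        if t0 < busy_until or level_at(edges, t0) != 0:
            continue  # edge inside the current frame, or a rising edge
        value = sum(level_at(edges, t0 + (1.5 + n) * bw) << n for n in range(8))
        if level_at(edges, t0 + 9.5 * bw) == 1:  # stop bit must read high
            out.append(value)
        else:
            errors += 1  # typical symptom of a wrong bit rate
        busy_until = t0 + 9.5 * bw
    return bytes(out), errors


if __name__ == "__main__":
    capture = encode_8n1(MESSAGE)
    rate = estimate_bit_rate(capture)
    print(f"estimated bit rate: {rate:.0f} bit/s")
    print("decoded:", decode_8n1(capture, rate))
    print("at 9600 bit/s:", decode_8n1(capture, 9600))
```

The estimate only holds when the capture contains at least one isolated single bit, which is why the measurement in the walkthrough is taken on the narrowest pulse.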

https://www.hackthebox.com/achievement/challenge/1492984/207
