0xRoM / 12Sec_CTF_v1
Transfer to URL with SHA Find file
Newer
Older
12Sec_CTF_v1 / 08.md
root 12 days ago 1 KB minor fixes
Raw Blame History

Challenge 8: "Glitch Storm"

Building on the success of the Power Trip challenge, you are once again faced with the same challenge. The goal remains the same, trigger a voltage glitch to enter a hidden code path and retrieve the flag.

However, the catch this time is that the glitch trigger is no longer the obvious SDA pin. You must discover the new trigger pin and timing to successfully glitch the device.

Your mission is clear:

  1. Analyze the device to identify the new glitch trigger.
  2. Precisely time and inject the voltage glitch at the discovered trigger.
  3. Access the hidden code block and extract the flag over UART.

    Setup

Challenge Setup

Notes

This was basically the same as the previous one. After probing around to find what was giving a clock-esque signal (it was pretty obvious) I checked with the logic analyzer:

logic analyzing

Created a similar Glitch-o-Bolt config (not used in the demo below): 08_GoB_config.py

glitching solution