Sésame, ouvre-toi

Description

Your friend has stored a secret in his bootloader configuration. He assures you that it is impossible to extract it, as you need to know his password to stop the autoboot and access it.

You unplug the NVMe disk storing its operating system, and notice that the machine boots in a kind of shell. Can you find a way to access its secret?

Note: on this machine, the instruction pointer is initialized to 0x00000000 at startup.

You are provided with a dump of this bootloader, but configured with the password FAKEPASSWORD and without secrets.

A more complex variant of this challenge is available here: Sésame, ouvre-toi (harder).

Sponge bob meme, Patrick Open Sesame

Files

docker-compose.yml
bootloader.bin
556.34 KiB – 6193dab61771570df33b74a4d2b315874e15a0e76a95573964907eec9a1cfdc0

Author

erdnaxe

Challenge Instructions

First, download docker-compose.yml:
curl https://hackropole.fr/challenges/fcsc2024-hardware-sesame/docker-compose.public.yml -o docker-compose.yml
Launch the challenge by executing in the same folder:
docker compose up
Then, in another console, access the challenge with Netcat:
nc localhost 4000

⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

You don't have JavaScript actived. No problem! You can check your flag like this: echo -n 'PUT_THE_FLAG_HERE' | sha256sum # possible output: 2f37db4956bdf374b1159cf86b2d2f27f5475cb7229adc96b5920e4d58fa5f41

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

Date	Author	Language	Tags	Vote
2024-04-15	leraton	🇬🇧
2024-04-26	loulous24	🇬🇧