Sésame, ouvre-toi (harder)

hardware boot security FCSC 2024 solved on

star star star

Description

Your friend was impressed that you were able to find his secret (challenge Sesame, ouvre-toi). In revenge, he updates his bootloader with a new, heavily hardened configuration.

Will you be able to access his new secret?

You are provided with a dump of this new bootloader, but configured with the password FAKEPASSWORD and without secrets.

A simpler variant of this challenge is available here: Sésame, ouvre-toi.

Note: the password configured on the remote is strong.

Files

Author

erdnaxe

Challenge Instructions

  1. First, download docker-compose.yml:
    curl https://hackropole.fr/challenges/fcsc2024-hardware-sesame-harder/docker-compose.public.yml -o docker-compose.yml
  2. Launch the challenge by executing in the same folder:
    docker compose up
  3. Then, in another console, access the challenge with Netcat:
    nc localhost 4000
⚠️ Important: You must solve the challenge by interacting with the Docker container through the exposed network port. Any other way is not considered valid.

In case you encounter problems, please consult the FAQ.

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

DateAuthor Language Tags Vote
2024-04-26
loulous24
🇬🇧