Browsing all articles from August, 2017

Hacker badges of Defcon 2017 (25)
Defcon every year has many different electronic badges that you can play with / hack / blind your friends with. I was lucky enough to get one of these really cool badges, and I wanted to work out the lock codes from the hardware/firmware rather than by trying combinations through the interface.

TL;DR

I didn't end up going into the firmware beyond running strings on it, since they released it on GitHub eventually and there were no other unlocks, but the basic steps were as follows:

— Get an FTDI cable (the hackerwarehouse badge is 3.3V and I have one similar to this: https://www.amazon.com/gp/product/B06ZYPLFNB/ref=oh_aui_detailpage_o01_s02?ie=UTF8&psc=1 )
— Connect the wires up correctly to TX and RX
— Make sure the device is found (lsusb on Linux and system_profiler SPUSBDataType on OSX)
— Get the latest esptool from https://github.com/espressif/esptool
— Put the badge into firmware mode by booting and holding the down button
— python ./esptool.py --port /dev/tty.usbserial-A106AUUX -b 74880 -c esp8266 read_flash 0 0x400000 badge_flash.bin
— strings original_contents.bin | grep -B 15 -A 15 LRLR


...snip
region perm unlocked
region unlocked
konami!
UDDDUULR 
RLRLLRDU
UUDDLRLR
see if I don't!
with my blurglecruncheon,
...snip
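The strings-and-grep step above only finds one hard-coded fragment. The scanner below, an added example that is not code from the original post, generalises it: it pulls printable runs out of a flash dump the way strings does, keeps only strings made entirely of the badge's U/D/L/R button letters, and reports the neighbouring strings for context. The flash image it scans is constructed inline for illustration; a real one would come from esptool read_flash.

```python
"""Scan an ESP8266 flash dump for embedded button-sequence strings."""
import re
from typing import List, Tuple

# A candidate code: only U/D/L/R button letters, six characters or more.
SEQ_RE = re.compile(r"^[UDLR]{6,}$")


def extract_strings(image: bytes, min_len: int = 4) -> List[Tuple[int, str]]:
    """Return (offset, text) for every printable-ASCII run, like `strings`."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [(m.start(), m.group().decode("ascii")) for m in pattern.finditer(image)]


def find_sequences(image: bytes, context: int = 2) -> List[dict]:
    """Find strings made only of U/D/L/R and attach the surrounding strings
    (the post used grep -B/-A to see what sits around each code)."""
    found = extract_strings(image)
    hits = []
    for i, (off, text) in enumerate(found):
        if SEQ_RE.match(text.strip()):
            lo, hi = max(0, i - context), min(len(found), i + context + 1)
            hits.append({
                "offset": off,
                "sequence": text.strip(),
                "context": [t for _, t in found[lo:hi] if t != text],
            })
    return hits


# Constructed sample image: unprogrammed flash padding, a few firmware
# strings, the code strings seen in the post, and one run too short to count.
SAMPLE_IMAGE = (
    b"\xff" * 64
    + b"region perm unlocked\x00region unlocked\x00konami!\x00"
    + b"UDDDUULR\x00RLRLLRDU\x00UUDDLRLR\x00"
    + b"see if I don't!\x00"
    + b"\x00" * 32
    + b"UDLR\x00"  # four letters: reported by strings, but not a candidate code
)

if __name__ == "__main__":
    for hit in find_sequences(SAMPLE_IMAGE):
        print(f"0x{hit['offset']:06x}  {hit['sequence']:<10}  near: {hit['context']}")
```

To run it against a real dump, replace SAMPLE_IMAGE with the bytes of badge_flash.bin read from disk.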
