Embedded Security CTF

Scattered throughout the world in locked warehouses are briefcases filled with Cy Yombinator bearer bonds that could be worth billions comma billions of dollars. You will help steal the briefcases.

Cy Yombinator has cleverly protected the warehouses with Lockitall electronic lock devices. Lockitall locks are unlockable with an app. We've positioned operatives near each warehouse; each is waiting for you to successfully unlock the warehouse by tricking out the locks.

The Lockitall devices work by accepting Bluetooth connections from the Lockitall LockIT Pro app. We've done the hard work for you: we spent $15,000 on a development kit that includes remote controlled locks for you to practice on, and reverse engineered enough of it to build a primitive debugger.

Using the debugger, you'll be able to single step the lock code, set breakpoints, and examine memory on your own test instance of the lock. You'll use the debugger to find an input that unlocks the test lock, and then replay it to a real lock.

Should be a milk run. Good luck. We'll see you on a beach in St Tropez once you're done.

Username
Password sign up (or forgot your password )