Monday, November 19, 2012

PoliCTF 2012 - GrabBag 200 writeup

Task: "Mmhhh that's a strange way to display a number using a binary representation...
(Submit as upper case hex encoded numbers, with rightmost green led being the MSB. Without leading 0x)

The photos of breadboard with circuit prototype were inside encrypted archive.
challenge_1.jpg
challenge_2.jpg
Later one photo was given as a hint: gb200.jpg
After that, organizers gave one more hint with integrated circuit datasheet (in Russian!!!): chip.pdf
From this datasheet I've got that used IC is КМ155ИД1 (analogue of 74141) – BCD-to-Decimal decoder IC with high voltage transistor outputs.
Knowing the inputs and outputs pins, I've made truth tables (0=Low, 1=High).
Four inputs bits as binary are converted to one decimal output code.
Inputs pins are 3, 6, 7, 4 – A, B, C, D respectively.

IC1:
inputs:      output:
D C B A
4 7 6 3
0 0 0 0
=>  0

IC 2:
inputs:      output:
4 7 6 3
0 1 1 0  =>  6

IC 3:
inputs:      output:
4 7 6 3
1 0 0 1  =>  9

Output pins (0 on IC1, 6 on IC2, and 9 on IC3) are active with high level (1), and all other pins are off, i. e. with low level (0).
Here is the picture with traced inputs and outputs:

As said in the task, I've set the green leds as MSB and got binary representation:
11101100 11100000 00000001

By converting to hex without leading 0x we get a flag.
The flag: ECE001