Monday, November 19, 2012

PoliCTF 2012 - GrabBag 200 writeup

Task: "Mmhhh that's a strange way to display a number using a binary representation...
(Submit as upper case hex encoded numbers, with rightmost green led being the MSB. Without leading 0x)
Attachment:4e6ea2210658985.tbz2.gpg (password: d2c29c95d6d7c4918596197aefa870f20f1b299c)"

The photos of breadboard with circuit prototype were inside encrypted archive.
challenge_1.jpg
challenge_2.jpg
Later one photo was given as a hint: gb200.jpg
After that, organizers gave one more hint with integrated circuit datasheet (in Russian!!!): chip.pdf
This task was downgraded to 180 points after this hint.
From this datasheet I've got that used IC is КМ155ИД1 (analogue of 74141) – BCD-to-Decimal decoder IC with high voltage transistor outputs.
Knowing the inputs and outputs pins, I've made truth tables (0=Low, 1=High).
Four inputs bits as binary are converted to one decimal output code.
Inputs pins are 3, 6, 7, 4 – A, B, C, D respectively.

IC1:
inputs:      output:
D C B A
4 7 6 3
0 0 0 0
  =>  0

IC 2:
inputs:      output:
4 7 6 3
0 1 1 0  =>  6


IC 3:
inputs:      output:
4 7 6 3
1 0 0 1  =>  9


Output pins (0 on IC1, 6 on IC2, and 9 on IC3) are active with high level (1), and all other pins are off, i. e. with low level (0).
Here is the picture with traced inputs and outputs:

As said in the task, I've set the green leds as MSB and got binary representation:
11101100 11100000 00000001

By converting to hex without leading 0x we get a flag.
The flag: ECE001