2bitsin's Secret message from a traveller

Author:
2bitsin

Language:
Assembler

Upload:
2023-09-21 10:02

Download

Platform:
Multiplatform

Difficulty:
3.0

Quality:
4.5

Arch:
x86

Downloads:
28

Size:
1.41 MB

Writeups:
1

Comments:
16

Description

A mysterious visitor left this floppy disk and said it will only run a special machine. Can you figure out what secret it holds? What you will need: * Assembly and debugging skills * A virtual machine/PC emulator * Basic understanding cryptography/steganography

Comments (16)
Writeups (1)

You must be logged in to post a comment

cnathansmith on 2023-09-21 16:54: This is an incredible idea. I haven't thought about floppy drive boot code since the last time I could plug one in to see what happened

cnathansmith on 2023-09-23 17:59: Does this require a very specific BIOS ROM to run against? The verification requires the string '92F9674' to be present at f000:0000, which is normally R/O reserved BIOS memory and never reached by the XTEA decryption loop here anyway.

2bitsin on 2023-09-23 19:21: Hey don't give away the solution xD

cnathansmith on 2023-09-23 19:31: That's not the solution, though. I'm trying to understand if it's something as convoluted as it appears or if I'm just completely overlooking something lol

2bitsin on 2023-09-23 19:35: Well you're off to a good start, let's say that.

2bitsin on 2023-09-23 19:36: Could you please redact that specific number out so it does not get spolyed too easily.

cnathansmith on 2023-09-23 21:04: There's no way to edit comments so I apologize, but I also haven't figured out how that value is remotely related to the solving for the actual keys, which is why I came looking for some guidance.

2bitsin on 2023-09-25 18:06: well that number is supposed to give you a hint, if I say any more it'll just spoil the solution

2bitsin on 2023-09-25 18:10: You're literally one step away from solving this

cnathansmith on 2023-09-25 20:42: Thank you. I solved it and posted a write-up last night, but approvals always take a while.

2bitsin on 2023-09-25 21:29: Nice! Thanks for playing :-) I posted this on a ctf board at work and noone seemed to give enough of a try to actually go beyond trying "strings floppy.img" and hope they get lucky.

cnathansmith on 2023-09-26 10:59: Sounds about right. I guess I don't know enough about floppy emulation to find the simpler solution you had in mind. I just ended up removing the hardware locking. https://github.com/charlesnathansmith/crackmes/blob/main/floppy/README.md

cnathansmith on 2023-09-26 12:34: Actually I just figured out there's a --romfile option in qemu that probably does what I wanted, but I think what I ended up doing worked out better because it doesn't require the copyrighted ROM image

2bitsin on 2023-09-26 23:00: Very nice write up, loved it. You did one hell of a cracking session there :-).

cnathansmith on 2023-09-27 01:22: Thanks!

tttt on 2023-09-27 14:30: lol

You must be logged in to submit a writeup

Solution by cnathansmith on 2023-09-24 21:14:
Long writeup is loooooong. But there's a lot to cover and we look at all of it.

Download

crackmes.one

crackmes.one

2bitsin's Secret message from a traveller