Post

HackTheBox yoU ART Writeup

Posted
By x3ric
2 min read

Explore the basics of cybersecurity in the yoU ART Challenge on Hack The Box. This easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/778

Description

We’ve discovered that the recent patch deleted critical files from the cybernetic enhancements. To restore functionality, we need to identify which files were removed. Diagnostics checks run during the device’s boot process and should reveal that information. We’ve connected our serial debugger to the device’s debugging interface, capturing the output from the transmitting pin. Can you analyze the data and help us pinpoint the missing files?

Exploitation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

from pwn import remote, sys

def get_process():
    try:
        host, port = sys.argv[1].split(':')
        return remote(host, int(port))
    except IndexError:
        print(f'Usage: python {sys.argv[0]} <ip:port>')
        exit(1)

class UARTReceiver:
    def __init__(self, connection, baud_rate=100, data_bits=8, parity=True):
        self.connection = connection
        self.baud_rate = baud_rate
        self.data_bits = data_bits
        self.parity = parity

    def receive_bit(self):
        bit = self.connection.recv(1).decode('utf-8')
        return int(bit)

    def calculate_parity(self, data_bits):
        return sum([int(bit) for bit in data_bits]) % 2 == 0

    def receive_byte(self):
        bit = self.receive_bit()
        while bit != 0:
            bit = self.receive_bit()
        data_bits = []
        for _ in range(self.data_bits):
            bit = self.receive_bit()
            data_bits.append(str(bit))
        binary_data = ''.join(data_bits[::-1])
        char = chr(int(binary_data, 2))
        if self.parity:
            parity_bit = self.receive_bit()
            expected_parity = 0 if self.calculate_parity(data_bits) else 1
            if parity_bit != expected_parity:
                print("Error: Parity bit mismatch")
        stop_bit = self.receive_bit()
        if stop_bit != 1:
            print("Error: Stop bit missing or incorrect")
        return char

def pwn(connection):
    receiver = UARTReceiver(connection, baud_rate=100, data_bits=8, parity=True)
    while True:
        print(receiver.receive_byte(), end='')

if __name__ == "__main__":
    connection = get_process()
    pwn(connection)

Summary

yoU ART on Hack The Box is an easy-level challenge focused on decoding data transmitted via a simulated UART (Universal Asynchronous Receiver-Transmitter) protocol. Participants interact with a remote service, implementing UART-specific features like start/stop bits, data bits, and parity checks to decode transmitted bytes. Using a Python-based solution, the challenge highlights key concepts in serial communication, error detection, and binary decoding, offering a practical introduction to hardware-level data transmission in cybersecurity.

challenge
htb challenge writeup linux hardware
This post is licensed under CC BY 4.0 by the author.