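# Ekoparty pre-challenges 2k16 - roboto (80)

The challenge file is an AVR ELF (hence binutils-avr). The solution is purely static: roboto.py walks the disassembly with radare2, reads the immediate operands of a repeating instruction pattern, and maps them to Morse symbols, which are then decoded into the flag.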


$ wget 'https://ctf.ekoparty.org/static/pre-ekoparty/roboto.elf'
$ sudo apt-get install binutils-avr
$ avr-objdump --disassemble-all roboto.elf | less

$ cat roboto.py
import re
import r2pipe

def get_instruction():
    """Disassemble the instruction at radare2's current seek position.

    Relies on the module-level ``r2`` pipe being open.

    Returns:
        A ``(offset, tokens)`` tuple: the instruction's address as an int
        and its opcode text split on whitespace, mnemonic first.
    """
    # 'pdj 1' prints one disassembled instruction as JSON; '~:0' keeps row 0.
    insn = r2.cmdj('pdj 1~:0')[0]
    address = int(insn['offset'])
    tokens = insn['opcode'].split()
    return address, tokens

def get_value(wv, dv):
    """Map one ``(wv, dv)`` operand pair to a Morse symbol.

    Args:
        wv: First immediate read from the instruction pattern
            (presumably the output level; confirm against the disassembly).
        dv: Second immediate read from the pattern
            (presumably the delay that follows; confirm).

    Returns:
        ``'-'``, ``'.'`` or ``' '`` for the three known pairs, and an empty
        string for anything else, so unknown pairs add nothing to the output.
    """
    symbols = {
        (0x1, 0x96): '-',
        (0x1, 0xa): '.',
        (0x0, 0x28): ' ',
    }
    return symbols.get((wv, dv), '')

def step(v=1):
    """Advance radare2's seek by *v* opcodes (one by default).

    Relies on the module-level ``r2`` pipe being open.
    """
    command = 'so {}'.format(v)
    r2.cmd(command)

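# Address range of the instruction run being walked. Both values are specific
# to this roboto.elf and were read off the disassembly by hand.
BEGIN = '0x00000fba'  # kept as text: passed verbatim to radare2's seek command
END = int('0x00001a46', 16)

a = 0
code = ''

# '-A' makes radare2 run its analysis pass when it loads the file.
r2 = r2pipe.open(filename='roboto.elf', flags=['-A'])

# try/finally so the radare2 child process is shut down even when the walk
# fails part-way (for example an instruction without a third token makes
# o[2] raise IndexError, or a non-hex operand makes int() raise ValueError).
try:
    r2.cmd('s ' + BEGIN)

    # '<' instead of '!=': if the pattern ever drifts and the seek steps over
    # END without landing on it exactly, the walk stops instead of running
    # off the end of the routine forever.
    while a < END:
        # First instruction of the pattern: its immediate operand is wv.
        a, o = get_instruction()
        wv = int(o[2], 16)
        step(2)

        # Two opcodes later: its immediate operand is dv.
        a, o = get_instruction()
        dv = int(o[2], 16)
        step(5)

        a, o = get_instruction()
        if 'ser' in o[0]:
            # Variant of the pattern containing a 'ser' instruction: the
            # original author treats it as a space, with dv doubled and the
            # pattern five opcodes longer.
            dv *= 2
            step(5)
            a, o = get_instruction()

        # Unknown (wv, dv) pairs contribute an empty string.
        code += get_value(wv, dv)

    # Parenthesised form prints the same text under Python 2 and Python 3.
    print('morse = ' + code)
finally:
    r2.quit()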

$ python roboto.py 2> /dev/null
morse = . -.- --- -.--. --- .-.. -.. .-.-.- .. ... .-.-.- -. . .-- .-.-.- .- --. .- .. -. -.--.-

$ git clone https://github.com/morse-talk/morse-talk.git
$ cd morse-talk
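$ sed -i -e '0,/-.--.-/ s/-.--.-/-.--./' morse_talk/encoding.py # Wrong left parenthesis: the library's '(' entry carries -.--.- (the code for ')'); only the first matching line is rewritten to -.--.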

$ ipython
In [1]: import morse_talk

In [2]: morse_talk.decode('. -.- --- -.--. --- .-.. -.. .-.-.- .. ... .-.-.- -. . .-- .-.-.- .- --. .- .. -. -.--.-').replace('(', '{').replace(')', '}').replace('.', '_')
Out[2]: 'EKO{OLD_IS_NEW_AGAIN}'
