EH4XCTF
another ctf
Introduction
So it’s been a while since I last uploaded a blog post or CTF write-up but here we are! This was a last-minute CTF, and we managed to complete around five to six challenges. In this post, I’ll be covering the forensics challenges
Baby Serial
Looking at the file type and its description this is just a classic serial communication challenge. Given a sal file named ‘babyserial.sal’ then we can take a peak through logic 2 app
We used logic analyzer to analyze the captured UART signal. Initially, I started with the defualt settings, but using the wrong bit rate or baud rate cause framing errors, making ti difficult to interpret the data or waveform correctly.
I then brute-forced the baud rate by testing different values until the framing errors were resolved. Turns out the value that we achieved is 115200 Bits/s
When we examined the strings, we quickly identified that they were Base64-encoded strings. After decoding them, we noteiced that the first line matched the PNG file signature or image header (refer image below). From there, we converted the decoded data into an image file format.
Lastly, we got the flag!
