Cryptax
This website is personal and does not represent my employer
Description
“I sealed my master passphrase on this device and protected it using my own TOTP algorithm. Can you recover it?
Once ready, come to the organizers' desk to validate your solution on the device. (No connection to the device allowed)”
Solution
I didn’t solve this challenge on my own, but with nice teamwork with another teammate :)
Overview of the device
The device is an M5 Core (we used M5 Core Ink at Ph0wn CTF).
Actually, you’re not that welcome… ;-) You’ll understand why.
Update March 28, 2023. Solutions to protect your computer.
Update April 27, 2024. How they did the Welcome challenge in 2024.
Description of the challenge
“Welcome to Insomnihack! No bruteforce is needed! Simply run the following command on the attached file, and wait for the flag (it should take up to 1 minute).
docker-compose up
Have fun!”
The challenge also provided a docker-compose.
BeLE - Hardwear.io CTF 2022
The challenge is named “BeLE” and says there are several BLE devices + provides a Bluetooth PCAP file.
PCAP file
The PCAP file is small with only 5 packets.
The first packet is a BLE Read Request to read the BLE characteristic with handle 0x2a
02 10 00 07 00 03 00 04 00 0a 2a 00
The second packet is a BLE Read Response. The characteristic has value f3 dd 42 04 de ed c3 fc
0000 02 10 20 0d 00 09 00 04 00 0b f3 dd 42 04 de ed
0010 c3 fc
The third packet is a BLE Write Command on handle 0x48.