Ph0wn 2018 - Wanna drink? Move your arm!
An ssh access to a Lego Mindstorms platform: ev3dev is given to control three motors of a robot arm. The goal is to open the fridge door.
Ph0wn aliens have abducted my coke and put it in the fridge. But, now, I am thirsty. Open the door with the robotic arm, and you will get a free coke … and a flag!
Fortunately, the aliens have left a few instructions in case they would format their internal memory.
You first must request access to the robot by giving your IP address, one team at a time. Then you can connect to the robot on ph0wn2018-robot with IP address 10.210.17.146
Once connected, you must make a program to move the arm and open the door. The door must rotate of 180 degrees to get the can. Knocking down the fridge is prohibited (you must get the can without destroying the fridge, you vandals!)
The flag is NOT in the robot system, it is printed on the coke can.
Oh, by the way, a very powerful lazer beam will strike your own computer if you were to erase to content of the system, or if you get the can without using the robotic arm.
Last but not least, they have noted the login/password on a post-it just next to the printed manual:
The flag has the usual format.
Points: 500 (intermediate)
The robotic arm was made with Lego:
When connecting to the server, we had an indication about the service used:
According to the documentention, the motors are located in the /sys/class/tacho-motor/ folder. Three motors were present: motor0, motor1 and motor3. It is possible to list all the available commands and parameters:
Basically we were interested by the speed and the movement of each motor. We were able to move them with the following commands:
After playing a bit with the tree motors, we were able to find that motor0 controls angular movement, motor1 vertical movements and motor3 is the pinch.
Finally it was only a matter of time to find the proper sequence to open the fridge door and the flag was stick to the can inside: