From 2b1425766d6863f2e8caca27c44175649dbd093d Mon Sep 17 00:00:00 2001 From: Eun0us Date: Thu, 26 Mar 2026 17:32:54 +0000 Subject: [PATCH] test update --- ESP/ESP_Start/README.md | 64 ++--------------------------------------- 1 file changed, 2 insertions(+), 62 deletions(-) diff --git a/ESP/ESP_Start/README.md b/ESP/ESP_Start/README.md index a2ccf14..3be62ab 100644 --- a/ESP/ESP_Start/README.md +++ b/ESP/ESP_Start/README.md @@ -1,63 +1,3 @@ -# ESP Start — Solution +# test -**Difficulty:** Easy | **Category:** ESP | **Flag:** `ESPILON{st4rt_th3_w1r3}` - -## Overview - -Flash the provided firmware onto an ESP32. On boot, the device outputs an -XOR-encrypted flag along with the XOR key via UART at 115200 baud. - -## Step 1 — Flash the firmware - -```bash -esptool.py --chip esp32 --port /dev/ttyUSB0 --baud 460800 write_flash -z \ - 0x1000 bootloader.bin \ - 0x8000 partition-table.bin \ - 0x10000 hello-espilon.bin -``` - -## Step 2 — Read the UART output - -```bash -screen /dev/ttyUSB0 115200 -# Or: -minicom -D /dev/ttyUSB0 -b 115200 -``` - -The device prints: - -```text -=== Hello ESP === -System ready. - -Encrypted flag: 09 12 19 07 00 0E 07 35 3F 35 7D 3C 38 1E 3D 26 7F 1E 3E 7F 3E 72 34 -XOR Key: 4C 41 49 4E -``` - -## Step 3 — Decrypt the flag - -XOR key is `LAIN` (`4C 41 49 4E`). Apply it cyclically: - -```python -enc = bytes([0x09,0x12,0x19,0x07,0x00,0x0E,0x07,0x35, - 0x3F,0x35,0x7D,0x3C,0x38,0x1E,0x3D,0x26, - 0x7F,0x1E,0x3E,0x7F,0x3E,0x72,0x34]) -key = b"LAIN" -flag = bytes(b ^ key[i % len(key)] for i, b in enumerate(enc)) -print(flag.decode()) -# ESPILON{st4rt_th3_w1r3} -``` - -## Key Concepts - -- **ESP32 flashing**: `esptool.py` writes bootloader, partition table, and application at their respective offsets -- **UART monitoring**: ESP32 default baud rate is 115200, 8N1 -- **XOR cipher**: Simple symmetric cipher — key is broadcast in plaintext here as an intro challenge - -## Flag - -`ESPILON{st4rt_th3_w1r3}` - -## Author - -Eun0us +hello world