# Glitch The Wired — Solution

## Overview

Simulated voltage glitching attack on a WIRED-MED secure boot module. The goal is to inject a fault during the signature verification phase to bypass it and access the debug console.

## Steps

1. Connect to the glitch lab:

```bash
nc <host> 3700
```

2. Observe the boot sequence:

```
observe
```

Note the cycle ranges — SIG_VERIFY runs at cycles 3200-3400.

3. Configure glitch parameters:

```
set_delay 3300
set_width 20
```

The delay targets the middle of the SIG_VERIFY window. Width of 10-30 cycles works.

4. Arm and trigger:

```
arm
trigger
```

If successful, the boot log shows "SIG_VERIFY ....... SKIPPED" and a debug shell activates.

5. Read the debug console:

```
read_console
```

The flag is in the maintenance token output.

## Key Concepts

- **Voltage glitching**: Briefly disrupting power supply to cause CPU instruction skips
- **Secure boot bypass**: Skipping signature verification allows unsigned code to run
- **Timing precision**: The glitch must overlap with the target operation's execution window
- **Width matters**: Too short = transient recovery, too wide = brown-out crash