# Observe The Wired -- Solution

## Overview
CoAP node with observable stream. Recover fragments, decode the firmware blob, then POST the maintenance key.

## Steps

1. Discover resources
```bash
coap-client -m get coap://HOST/.well-known/core
```

2. Get fragments A and B
```bash
coap-client -m get coap://HOST/status
coap-client -m get coap://HOST/telemetry/heart
```

3. Observe the stream for fragment C
```bash
coap-client -m get -s 30 -o coap://HOST/wired/stream
```
Capture the JSON notification that includes `fragment_c`.

4. Build XOR key
Concatenate fragments in order A + B + C:
```
WIRED + LAIN + 23 = WIREDLAIN23
```

5. Download firmware blob
```bash
coap-client -m get coap://HOST/archive/firmware
```
Save the base64 data between `FIRMWARE_B64_BEGIN` and `FIRMWARE_B64_END` into `firmware.b64`.

6. Decode the blob
```bash
python3 decode.py firmware.b64
```
The JSON includes `maintenance_key`.

7. Unlock and get the flag
```bash
coap-client -m post -e '0BS3RV3-L41N-23' coap://HOST/maintenance/unlock
```

## Flag
`ESPILON{c0ap_0bs3rv3_th3_w1r3d}`

## Author
Eun0us