ph0wn CTF 2017 Write-up: Misc/helpxman - Stage 1
When wearing the smart glasses, we can see there is an application called
Ph0wn Glasses
. Go to that application (by using controller on the glasses, we can see one QR code appears on the screen.
The QR code is much likely have information about the flag. Let's try to read it!
- Connect the smart glasses with the (ADB already installed) computer.
- From the command prompt of the computer (
Ctrl+R
--> Typecmd
--> PressEnter
). Type:
> adb devices
List of devices attached
* daemon not running. starting it now at tcp:5037 *
* daemon started successfully *
IDOFTHEDEVICE device
=> Make sure the ID of the device appear as above. Otherwise, we have to:
- Turn on
Developer options
in the Settings of the glasses. (The glasses is running Android, so it's the same as any other Android devices). - Restart
ADB service
on host computer:> adb kill-server
- Try to connect with the device (glasses) again:
> adb devices
- On the smart glasses, browse to the application, so that the QR code image appears on the screen. The idea is we try to take a screenshot of the glasses, pull it to our host computer and read it by QR code reader.
- Take a screen shot by
adb
command:
> adb shell screencap -p /sdcard/screencap.png
The screenshot will be saved in the glasses' SDcard.
- Pull the file to host computer (current working folder):
> adb pull /sdcard/screencap.png .
- View the image:
> screencap.png
- Now, let's read the QR code. No need to make things complecated, let's choose a very simple way: show the image on computer's creen, read it with the Barcode scanner app on our normal phone.
It's quickly be recognized as follows:
So, the flag is:
Ph0wn{ScottWishesHeHadOurSmartGlasses}
And, we note the key
X@M
for the next stage.
Comments