Writeup: Glitch The Wired - EspilonCTF (Hardware)

Feri Harjulianto

Challenge Info

  • Category: Hardware / Fault Injection
  • Service: tcp://espilon.net:38740
  • Flag Format: ESPILON{...}
  • Description: A WIRED-MED secure boot module is exposed on the lab bench. You have access to the power rail and can inject voltage glitches. Find the right timing to bypass signature verification and access the debug console.

Solution

Step 1: Recon

Connected to the service and ran help to enumerate available commands:

help          Show this help
status        Show current glitch parameters
observe       View boot sequence trace with cycle timings
set_delay N   Set glitch delay (cycles before trigger)
set_width N   Set glitch pulse width (cycles)
arm           Arm the glitch module
trigger       Fire the glitch and observe boot
read_console  Read debug console (after successful glitch)

Step 2: Observe Boot Sequence

Used observe to view the boot trace with cycle timings:

[    0- 1000] ROM_INIT        | ROM bootloader initializing...
[ 1000- 2000] FLASH_READ      | Reading firmware from flash...
[ 2000- 3000] HASH_COMPUTE    | Computing SHA-256 digest...
[ 3000- 3200] SIG_LOAD        | Loading RSA signature from OTP...
[ 3200- 3400] SIG_VERIFY      | Verifying firmware signature...
[ 3400- 4000] APP_LOAD        | Loading application into SRAM...
[ 4000- 5000] APP_RUN         | Jumping to application entry point...

The target is SIG_VERIFY at cycles 3200–3400. A voltage glitch during this window can cause the verification to be skipped.

Step 3: Calibrate the Glitch

Set delay=3300 (middle of SIG_VERIFY window) and experimented with pulse width:

Width (cycles)   Result
5                Too short — transient fault, module recovered
10               Success — signature verification skipped
50               Too wide — brown-out reset / system crash

The sweet spot is a width of 10 cycles — enough to corrupt the verification logic without crashing the whole system.
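As an added example (not part of the original writeup or the challenge's own tooling), the script below parses the boot trace printed by observe in Step 2, locates the SIG_VERIFY window and derives the midpoint delay used in Step 3, checks that the trace has no gaps between phases, and parses the debug console dump from Step 4 so that an insecure boot can be detected from the "Boot:" field. The trace and console samples are copied from this page; the function names and the assumption that every trace line follows the "[start- end] PHASE | description" layout are mine.

```python
import re

# Constructed sample: the boot trace exactly as the lab service printed it.
SAMPLE_TRACE = """\
[    0- 1000] ROM_INIT        | ROM bootloader initializing...
[ 1000- 2000] FLASH_READ      | Reading firmware from flash...
[ 2000- 3000] HASH_COMPUTE    | Computing SHA-256 digest...
[ 3000- 3200] SIG_LOAD        | Loading RSA signature from OTP...
[ 3200- 3400] SIG_VERIFY      | Verifying firmware signature...
[ 3400- 4000] APP_LOAD        | Loading application into SRAM...
[ 4000- 5000] APP_RUN         | Jumping to application entry point...
"""

# Constructed sample: the console dump from Step 4 (token copied from the page).
SAMPLE_CONSOLE = """\
[WIRED-MED DEBUG CONSOLE]
Firmware: v2.3-unsigned
Boot: INSECURE (sig_verify skipped)
Maintenance token: ESPILON{gl1tch_byp4ss_s3cur3_b00t}
[END]
"""

# Assumed line layout: "[start- end] PHASE | description"
TRACE_LINE = re.compile(r"^\[\s*(\d+)-\s*(\d+)\]\s+(\S+)\s*\|\s*(.*)$")
CONSOLE_FIELD = re.compile(r"^([A-Za-z ]+):\s*(.*)$")


def parse_boot_trace(text):
    """Return (start, end, phase, description) tuples in trace order."""
    phases = []
    for line in text.splitlines():
        m = TRACE_LINE.match(line.strip())
        if not m:
            continue  # banners, prompts and blank lines are ignored
        start, end = int(m.group(1)), int(m.group(2))
        if end < start:
            raise ValueError(f"malformed cycle window: {line!r}")
        phases.append((start, end, m.group(3), m.group(4).strip()))
    return phases


def phase_window(phases, name):
    """Cycle window (start, end) of the named phase, or None if absent."""
    for start, end, phase, _ in phases:
        if phase == name:
            return (start, end)
    return None


def glitch_delay_for(phases, name="SIG_VERIFY"):
    """Midpoint of the named phase: the first-guess delay used in Step 3."""
    window = phase_window(phases, name)
    if window is None:
        raise KeyError(f"phase {name} not present in trace")
    start, end = window
    return (start + end) // 2


def check_contiguous(phases):
    """List (prev, next, prev_end, next_start) for every gap or overlap.

    A non-empty result means the trace omits cycles, so a window midpoint
    may not correspond to the phase the trace claims.
    """
    problems = []
    for (_, e1, n1, _), (s2, _, n2, _) in zip(phases, phases[1:]):
        if e1 != s2:
            problems.append((n1, n2, e1, s2))
    return problems


def parse_console(text):
    """Parse 'Key: value' lines of the debug console dump into a dict."""
    fields = {}
    for line in text.splitlines():
        m = CONSOLE_FIELD.match(line.strip())
        if m:
            fields[m.group(1).strip()] = m.group(2).strip()
    return fields


def boot_was_verified(console_fields):
    """True only when the console reports a SECURE boot (no skipped check)."""
    return console_fields.get("Boot", "").upper().startswith("SECURE")


if __name__ == "__main__":
    phases = parse_boot_trace(SAMPLE_TRACE)
    print("SIG_VERIFY window:", phase_window(phases, "SIG_VERIFY"))
    print("first-guess delay:", glitch_delay_for(phases))
    print("trace gaps:", check_contiguous(phases))
    console = parse_console(SAMPLE_CONSOLE)
    print("boot verified:", boot_was_verified(console))
```

Run it as a script to see the window, the derived delay of 3300 and the insecure-boot verdict; feeding it a trace captured from a different build shows immediately whether the verification phase moved, which is why the midpoint is derived rather than hard-coded.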

Step 4: Exploit

set_delay 3300
set_width 10
arm
trigger
read_console

Output:

[WIRED-MED DEBUG CONSOLE]
Firmware: v2.3-unsigned
Boot: INSECURE (sig_verify skipped)
Maintenance token: ESPILON{gl1tch_byp4ss_s3cur3_b00t}
[END]

Flag

ESPILON{gl1tch_byp4ss_s3cur3_b00t}