Challenge category:
Radio Frequency
Binary Exploitation Cryptography Forensics Miscellaneous Networks Open-Source Intelligence Radio Frequency Reverse Engineering Web Exploitation Welcome
50 Points

Hey, welcome to the radio frequency category!

Radio hacking can be a lot of fun, but what's not fun is getting the feds knocking at your door, paying fines, and getting your equipment confiscated. Before we let you dig into this category, let's get some housekeeping items out of the way.

We are not lawyers. We're not your lawyers. This isn't legal advice.

When playing with radios, never transmit unless you know what you're doing. Always check your local laws and legislations before you transmit. In the United States, unauthorized transmission outside of certain frequency bands is illegal and can even be considered a felony offense in some cases. Radio frequency is cool, but don't get in trouble!

You do not need to transmit for any of these challenges. You do not need any radio hardware for any of these challenges. All of these challenges were made to be solved without the need for real-life hardware.

This disclaimer isn't meant to deter. It's meant to educate and communicate that you should educate yourself on the specific legalities for your locality if you want to dive into the world of RF. Once again, this is not legal advice, and you do not need to transmit for any of these challenges.

Now that we've gotten that out of the way, let's give you the flag so you can ungate the rest of this category.


By: skat

I was listening to some banger jams on 920 MHz the other day when the broadcast was suddenly interrupted! The channel was just replaced with some erratic bursts of static before it went back to the music. I managed to capture the audio as well as the RF at 2 Msps at the time of the event. What happened?

$ shasum *
96c65f2f404fa6bc27a38a3b822ef2aefb404b92  radio_hijack.mp3
By: skat
Spicy Sines
491 Points

"RF is easy, I swear. It's all just spicy sines."

  • skat
By: skat
500 Points

On relaxing afternoons, I sometimes like to sit around and just watch the waves -- radio waves, that is!

On one particular afternoon as I was listening at a center frequency of 433 MHz, sampling at 2 Msps with a bandwidth of 2 MHz, I picked up some RF from my neighbor. Every time a signal was transmitted, I saw that some stuff happened around their house, so I think that this is some kind of a home remote control system.

I captured the signals and tried replaying them, but it didn't work! There must be some kind of a mechanism to prevent replay attacks. If you can complete the analysis of the captured signals, then we should be able to transmit our own commands to make their house go berserk!

Signal 1(a) and 1(b):
<message: "GARAGE OPEN"> .. <message: "GARAGE CLOSE">

Signal 2(a) and 2(b):
<message: "ROOM 1 LIGHTS ENABLE"> .. <message: "ROOM 1 LIGHTS DISABLE">

Signal 3(a) and 3(b):
<message: "ROOM 2 LIGHTS ENABLE"> .. <message: "ROOM 2 LIGHTS DISABLE">

Signal 4(a) and 4(b):

Signal 5(a) and 5(b):
<message: unknown> .. <message: unknown>

Signal 6(a) and 6(b):
<message: unknown> .. <message: unknown>

Signal 7(a):
<message: unknown>

These signals were transmitted in sequential order, so 1(a) was transmitted first, 1(b) second, 2(a) third, etc.

Kids these days are so used to using Wireshark to analyze wireless traffic, but what if the wireless traffic you're trying to analyze isn't Wi-Fi-based?

$ shasum
By: skat
500 Points

I had a conversation with a little birdie over the radio the other day. She told me her name is Laura and she's from a far away place. Then, she sent me the flag.

By: skat