$ cat writeup.md…
$ cat writeup.md…
hackthebox
Task: Analyze Gerber PCB manufacturing files for irregularities in a drone flight controller. Solution: Visualize inner copper layers to find hidden flag text drawn with copper traces.
Your team has assigned you to a mission to investigate the production files of Printed Circuit Boards for irregularities. This is in response to the deployment of nonfunctional DIY drones that keep falling out of the sky. The team had used a slightly modified version of an open-source flight controller in order to save time, but it appears that someone had sabotaged the design before production. Can you help identify any suspicious alterations made to the boards?
The task provides an archive with Gerber files — a standard format for PCB (Printed Circuit Board) manufacturing. The files describe the "HadesMicro" board — a flight controller for drones.
HadesMicro-F_Cu.gbr - Front Copper layer
HadesMicro-B_Cu.gbr - Back Copper layer
HadesMicro-In1_Cu.gbr - Inner Copper layer 1
HadesMicro-In2_Cu.gbr - Inner Copper layer 2
HadesMicro-F_Silkscreen.gbr - Silkscreen markings
HadesMicro-F_Mask.gbr - Solder mask
HadesMicro-Edge_Cuts.gbr - Board outline
Gerber is a text format with coordinates and D-codes:
D01 — drawD02 — move without drawingD03 — flash/pointCoordinates are specified in the format X...Y...D...*
Multi-layer PCBs have inner copper layers that:
Wrote a Python script to extract coordinates from Gerber:
#!/usr/bin/env python3 """ Gerber file parser and visualizer for PCB analysis. Extracts coordinates and renders copper layers. """ import re import matplotlib.pyplot as plt from pathlib import Path def parse_gerber(filepath): """Parse Gerber file and extract drawing coordinates.""" coordinates = [] current_x, current_y = 0, 0 with open(filepath, 'r') as f: content = f.read() # Pattern for coordinates: X<num>Y<num>D<code>* pattern = r'X(-?\d+)Y(-?\d+)D(\d+)\*' for match in re.finditer(pattern, content): x = int(match.group(1)) y = int(match.group(2)) d_code = int(match.group(3)) if d_code == 1: # Draw coordinates.append((current_x, current_y, x, y, 'draw')) elif d_code == 2: # Move coordinates.append((current_x, current_y, x, y, 'move')) elif d_code == 3: # Flash coordinates.append((x, y, x, y, 'flash')) current_x, current_y = x, y return coordinates def visualize_layer(filepath, title="PCB Layer"): """Render a Gerber layer using matplotlib.""" coords = parse_gerber(filepath) fig, ax = plt.subplots(figsize=(12, 10)) for x1, y1, x2, y2, action in coords: if action == 'draw': ax.plot([x1, x2], [y1, y2], 'b-', linewidth=0.5) elif action == 'flash': ax.plot(x1, y1, 'ro', markersize=1) ax.set_aspect('equal') ax.set_title(title) plt.savefig(f"{title.replace(' ', '_')}.png", dpi=300) plt.show() # Visualize all copper layers layers = [ ('HadesMicro-F_Cu.gbr', 'Front Copper'), ('HadesMicro-B_Cu.gbr', 'Back Copper'), ('HadesMicro-In1_Cu.gbr', 'Inner Layer 1'), ('HadesMicro-In2_Cu.gbr', 'Inner Layer 2'), ] for filepath, name in layers: if Path(filepath).exists(): visualize_layer(filepath, name)
When visualizing the inner layers, text drawn with copper traces was discovered:
0f_313c720n1c5#$@} — end of the flag533_7h3_1nn32_w02k1n95_ — middle of the flagCombining the parts in the correct order:
HTB{ + 533_7h3_1nn32_w02k1n95_ + 0f_313c720n1c5#$@}
533_7h3_1nn32_w02k1n95_0f_313c720n1c5
see_the_inner_workings_of_electronics
The flag literally says "see the inner workings of electronics" — a hint about the inner PCB layers.
Use this technique when:
$ cat /etc/motd
Liked this one?
Pro unlocks every writeup, every flag, and API access. $9/mo.
$ cat pricing.md$ grep --similar