Badge Hacking WriteUp Help

2025 Mile High Flags

Flag 1

1.) Turn on the badge and record the light flashes (video uploaded here)

2.) Transcribe the 8 LEDS to binary strings

01010111 01000111 01001110 01111011 01110111 00110100 01101110 01110100 00110011 01100100 01011111 01100100 00110011 00110100 01100100 01011111 00110000 01110010 01011111 00110100 01101100 00110001 01110110 00110011

3.) CyberChef Decode (LINK)

Flag 2

This is the serial message that will appear after the ascii art. It will take a while for it to pop up

Serial Output

_╓▄▓▓▓╬╩^``▒_,░µ_ _ ,▓▓╬╢╩`╓Ü@D╚╩``╙╙╩Ü=_-╔___ ╓▓▓█╬╬Ü#R`Ü ` '|»░`░_ ║▓█▓╬▒░░Ü ```` `╙\² ▓█▓█▓╬Ü` ' ▓█▓███╬Ü ▐█▓▓██╬╩H ║█▓██▓╬_ '▓▓▓██▓▒╓_ ' ___ █▓▓██╩▀▀▓▄▓_ _______ ▀║▓██▓▓Ö╠╬█▌,,`╠╠╩▓DHφ_ __,,,╔▄ '▀%╣▓█╣╠╬▒╠█▓ \_ ╠== ` j ' ║██▓╬▒╣███ `` , ║▓▓╬╣╫╫▓██▒ `ⁿq∩ ╠▓█╣╬║▓███▓_ _ '_ ║▓▓█▓▓██████▒_ ╠▓█████▌╬▒╬Ü▒__╓_,_ |║▓█▓██╬███╬▀╙^`````╚▒ [╣█▓█╬╣▓█▒▒∩▒__ ╙╠▓▓╬╬╣██╣▒_╙` .╓╖__ ⁿ^╠║╬╠╬╩║╝Ñ╬▒__ ╣▓▓███▓▄╖,_ |▒╩╣╬]╠ÜÜ╠╬╬R@╓╦∩ ,▓█████▓█▓▓▓▓▓██▓▄, `╔╬╬╣▒╩▒▒∩Ü╠Ü║▒¼ _╣▓████▓█▓▓███▓▓▓▓▓▓▓██▄, ,▄╣╬╬Ñ╬▒╬╬╩ÜÜ╩╩ ╔▓▓█▓▓▓▓▓▓▓█▓█▓█▓██▓▓▓▓▓▓██▄ _╓▄██▓╬╬╠▒^ÜÅ╚╙▒[ÜÄ ,╔▓█▓█▓▓▓▓▓▓█▓▓▓███▓█▓▓▓▓▓▓▓▓▓ ,▄███████╬╬╬░Ü╙²- ╠_ , ▄▄▓▓█▓██▓▓▓█▓▓▓▓▓▓██▓▓██▓▓█▓▓▓▓▓ ▄████████████▓▒^▒UÜ _jÜ`=_ µ▓▓█▓█████▓█▓▓█▓▓▓▓██▓██▓█▓█▓▓▓▓▓█▓ ╔█████████████████▓▓@▄▒╔╠╗▄,_╓-__╒,╦╬█████████████▓▓▓▓▓█▓▓▓▓█▓▓▓▓▓▓███▓ ╔██████████████████████████████▓██▓▓████████▓████▓▓▓█▓██▓█▓▓██▓█▓▓█▓█▓██ JVNJAAADAAAAABAAAAAP77YAAC4AAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAOD65A4AFUBHGSDOABJTGSCVDINFZSA4DSN5TXEYLNEBRWC3TON52CAYTFEBZHK3RANFXCARCPKMQG233EMUXA2DIKEQAAAAAAAAAAAUCFAAAEYAIDABZYFCHUAAAAAAAAAAAABYAAEIAAWAJQAAAAQAAAAAEAAAAAAAAABKRHAAAAAIAAAAAEAAAAAAAEAAAAEAAAAAACAAAAIAAAAAAAAAAAAQAAAAAAAAAAAAEAAAAAAAQAAAAAAAAAAMAGBBIAAAIAAAAQAAAAAAAQAAABAAAAAAAAAAAQAAAAAAAAAAAAAAAAABMCOAAAJ4AAAAAAIAAAAKAFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAAAAAYAAAACECMAAAKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAACAAAAAAAAAAAAAAAAAABAQAAACIAAAAAAAAAAAAAAAAAAXHIZLYOQAAAAFQA4AAAABAAAAAACAAAAAAEAAAAAAAAAAAAAAAAAAAAAACAAAAMAXHE43SMMAAAABIAUAAAACAAAAAABQAAAAAUAAAAAAAAAAAAAAAAAAAAAAEAAAAIAXHEZLMN5RQAAAMAAAAAADAAAAAAAQAAAABAAAAAAAAAAAAAAAAAAAAAAAEAAAAIIAAAAAAAAAAAAAAAAAAAAAAAAAIYJYAAAAAAAAAJAAAAAACAACQBPBAAAAMYBIAAAAQAAAAAIAAABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGMAEABEAAAAAAEAAAEIAPYAQAAAEN4HAAAAKRUIQAAABBILAWKYXAADAO7QBAAAAIB3PB4AAACQ5MHIZ2AAHC5MAWB36AEAAABDPBYAAACX6AQGAQLOYAZZRAAAABIGSWAAJFIFAAKRCAIUBCAAABIACULTSAEAAA4EAAEAAABBKIJJUUQQBAAAQAAAAAAAAYAAAAB3DILRQFYZTAMZRHEAAAAAAAUAGYAAAADWACAAAEN7AAACYAIAAAQACAAACGU3UOJUW4Z3TAAAAAAEYAQAAALAAAAACGVKTADCAIAAACAAAAABDI5KUSRAAAAANIBAAAD4AAAAAENBGY33CAAAAAAAAAAAAEAAAAFLRIAQABEAAAAAA7IATGAAWAAAACAAAAAIQAAAAAIAAAAABAAAAABAAAAABCAAAAAGQAAAAAEAAAAABAAAAAAIAAAAAAAFJAEAQAAAAAAAAMAHOAD7ACBQALEA74AIGAAPAB2YBB4AB4AQAAADAAWYAO4AQMACAAHDQCBQAW4AMOAIGAB2ABRYBAYAJCAGHAEDAADQBY4AQMACEADDQCBQA2YAP4AIGAATQD7QBAYADEAH6AEDAANYCXMAQMAERAG5QCBQA3EA3WAIAAAAAAAIAAAAAAAABAAAQAAAACAALGAIAAA6QAAIAAEABCAAKAA5AAUBAAAAAAAERACRQCPIAAEAKIIAAAAAABEIAYIAUCAABACTSAAAAAAAIMGG6AEDAAAIAWAQAAAAAACIRRZABIEAACAAJADPACAIACEAN4AIGAAMQBXQBBIACSAG6AEIAAMIA3YARAABZADPACEAAIEAN4AIQABEQBXQBCAAFCAG6AEIAAWIA3YARAADBADPACAIANEAN4AIVABYQBXQBCUAICAEYAERABAIAFUBCMAEBADPACKYAPEAN4AIGAATQAWYA5YAC4AALABCQALQACMAE4ABOAANQA3IAFYACGADWAAXAAKYAWQAC4ABTAC7QALQAHMAMUABOABBQBVYAFYAEWAFUAAXAAUYAWQAEGADDADRAAQYANMAOQAA2AACIAAAAAEAAAAAAAAAAAAAAAAAAAAFDAEAAACIAAAAAAAAAAAAAAAAAGEAA6AAAAAAAAAAAAA6E233EOVWGKPQAMRQXIYIAKN4XG5DFNUXFE5LOORUW2ZIAIRSWE5LHM5QWE3DFIF2HI4TJMJ2XIZIAJZ2WY3DBMJWGKQLUORZGSYTVORSQAQLTONSW2YTMPFKGS5DMMVAXI5DSNFRHK5DFABKGC4THMV2EM4TBNVSXO33SNNAXI5DSNFRHK5DFABAXG43FNVRGY6KGNFWGKVTFOJZWS33OIF2HI4TJMJ2XIZIAIFZXGZLNMJWHSSLOMZXXE3LBORUW63TBNRLGK4TTNFXW4QLUORZGSYTVORSQAQLTONSW2YTMPFBW63TGNFTXK4TBORUW63SBOR2HE2LCOV2GKACSMVTFGYLGMV2HSUTVNRSXGQLUORZGSYTVORSQAQ3PNVYGS3DBORUW63SSMVWGC6DBORUW63TTIF2HI4TJMJ2XIZIAIFZXGZLNMJWHSUDSN5SHKY3UIF2HI4TJMJ2XIZIAJZ2WY3DBMJWGKQ3PNZ2GK6DUIF2HI4TJMJ2XIZIAIFZXGZLNMJWHSQ3PNVYGC3TZIF2HI4TJMJ2XIZIAKJ2W45DJNVSUG33NOBQXI2LCNFWGS5DZIF2HI4TJMJ2XIZIAKN4XG5DFNUXFE5LOORUW2ZJOKZSXE43JN5XGS3THABJXI4TJNZTQAZ3FORPUYZLOM52GQACUOJQWS3AAKRZGC2LMFZSGY3AAKBZG6Z3SMFWQAU3ZON2GK3IAJVQWS3QAKN4XG5DFNUXFEZLGNRSWG5DJN5XAAQ3IMFZAALTDORXXEABOMNRXI33SABJXS43UMVWS4RDJMFTW433TORUWG4YAKN4XG5DFNUXFE5LOORUW2ZJOINXW24DJNRSXEU3FOJ3GSY3FOMAEIZLCOVTWO2LOM5GW6ZDFOMAGOZLUL5BWQYLSOMAE6YTKMVRXIAAAAAACSUAAIAAESAD4ABQAANYANMAGGACYAB2QA4QAGIAG6ACYABQQANAAOEADIADVAB5AAAAAJS4BZ2CCTJQUTKJVWCEJLULXNEAAIIABAEEAGIAAAECSAAIBCEIQIIABAEHAIIABAECQOBYEDUBQQAQOAMQAACAEEAAQGCAFEAAQCHIDBCYD6X37CHKQUOQCAYHAGAAABYBQAAABBAAQACAAAAAAAAA6AEAACACUAILFO4TBOBHG63SFPBRWK4DUNFXW4VDIOJXXO4YBBAAQABYBAAAAAAB5AEABQLSOIVKEG33SMVAXA4BMKZSXE43JN5XD25RZFYYACACUBYKEM4TBNVSXO33SNNCGS43QNRQXSTTBNVSQQLSOIVKCAOJOGAFACAAFKRZGC2LMAAAAUAIAAVCGKYTVM4AAADABAADTCLRQFYYC4MAAAAFACAAFGEXDALRQAAAAKAIAAEAAABIBAAAAAAAIAEAAWAAAAAAAAAAAAAAABK74USRQAAKNKABAAAAAKUAAAAG4EYAABXAIAAAAAAAAAAAAAAAAAEAAAAATAAAAAJYAAAADCJYAAAYQSAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAUSTIRJR2K22BJA324CCRU4SZVEQ6NY7YAIAAAAEGOS4KVZWK4TTLRGWS23FEBDGK3DDNBOEIZLTNN2G64C4KRZGC2LMLRXWE2S4IRSWE5LHLRXGK5BZFYYFYVDSMFUWYLTQMRRAAU2IIEZDKNQADUVVUCSBXVYEEDJZFTKJB43R7SV7ZJBDEP2X432CDQOMMKOWDYEIAJYAAAAAAAAAAAAAAAE2E4AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIYJYAAAAAAAAAAAAAAAAAABPUG33SIV4GKTLBNFXAA3LTMNXXEZLFFZSGY3AAAAAAAAH7EUACAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAIAAAAAEAAABAAYAAAAAUAAACAAAAAAAAAAAAAAAAAAAAAAAAAQAAIAAAADQAAAQAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAQAAAANAAABAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAABIAMAABECAAAAJQAQAAAAAAAAAAAAAAAEYAI2AAAAAKYAFGAC7ABLAARIAKIAFGACJABHQATQAL4AESACOABDAATYAAAAAAAF5ATX74AAAAEAAAAABAAAAAAAAAAAACAAAAAAAAPYAAAAAAAAAAACAAAAAAEAAAAAAAAAAAAAAAAAAAAAAABCAAAAAAEAFMADBABZAARQANEAGYADFABEQA3QAMYAG6AAAAAAAAJAAAQAAAACUABZAAYIANYAHGADMABQQA5AANEAG6ADOAAAAAAAAAAALABHYAEAAAAIAKMAHIADSABUQA3QAM4AEMADJABWAAZIAJEAG4ADGABXQAAAA2QAQAAABAAYAAMAAGAADAABQAA2AAYQAGAAAAABMAADAAAIAIMAG6ADNABYAAYIANYAHSACOABQQA3IAMUAAAAAAABKAA4QAMEAGSADMAAAAANAAAYAACACGABUQA3AAMUAEIADFABZQAYYAOIAGSADQAB2AA2IAN4AG4AAAAAAAAVAAOIAGCADJABWAAAAAGAAAQAABABDAA2IANQAGKACWABSQA4QAOMAGSADPABXAAAAAAAADCABOAAYAALQAGAAC4ABQAAAAANAABIAACACJABXAA5AAMUAHEADOABQQA3AAJYAGCADNABSQAAAAKQAHEADBABUQA3AAFYAGIADMABWAAAAAFAAAEAABABGAAZIAM4AGCADMABBQA3YAOAAHSADSABUQAZYANAAHIAAAAAQAAAAAHQAAUAABABHQA4QANEAGOADJABXAAYIANQAEMADJABWAAZIANYAGCADNABSQAAAAKQAHEADBABUQA3AAFYAGIADMABWAAAAAFQAAMAABABIAA4QAN4AGIADVABRQA5AAJYAGCADNABSQAAAAAAAFIADSABQQA2IANQAAAABQAADAAAIAKAAHEADPABSAA5IAMMAHIACWABSQA4QAOMAGSADPABXAAAAAGEAC4ABQAAXAAMAAAAADQAAIAAAQAQIAOMAHGADFABWQAYQANQAHSABAABLAAZIAOIAHGADJABXQA3QAAAADCABOAAYAALQAGAAC4ABQAAAAAOCDAAAOUAIAAAAAAAAAAAAAAAHPXO7TYP3YNVWCA5TFOJZWS33OHURDCLRQEIQGK3TDN5SGS3THHURFKVCGFU4CEIDTORQW4ZDBNRXW4ZJ5EJ4WK4ZCH47A2CQNBI6GC43TMVWWE3DZEB4G23DOOM6SE5LSNY5HGY3IMVWWC4ZNNVUWG4TPONXWM5BNMNXW2OTBONWS45RREIQG2YLONFTGK43UKZSXE43JN5XD2IRRFYYCEPQNBIQCAPDBONZWK3LCNR4USZDFNZ2GS5DZEB3GK4TTNFXW4PJCGEXDALRQFYYCEIDOMFWWKPJCJV4UC4DQNRUWGYLUNFXW4LTBOBYCELZ6BUFCAIB4ORZHK43UJFXGM3ZAPBWWY3TTHURHK4TOHJZWG2DFNVQXGLLNNFRXE33TN5THILLDN5WTUYLTNUXHMMRCHYGQUIBAEAQDY43FMN2XE2LUPE7A2CRAEAQCAIBAHRZGK4LVMVZXIZLEKBZGS5TJNRSWOZLTEB4G23DOOM6SE5LSNY5HGY3IMVWWC4ZNNVUWG4TPONXWM5BNMNXW2OTBONWS45RTEI7A2CRAEAQCAIBAEAQDY4TFOF2WK43UMVSEK6DFMN2XI2LPNZGGK5TFNQQGYZLWMVWD2ITBONEW45TPNNSXEIRAOVUUCY3DMVZXGPJCMZQWY43FEIXT4DIKEAQCAIBAEA6C64TFOF2WK43UMVSFA4TJOZUWYZLHMVZT4DIKEAQCAIB4F5ZWKY3VOJUXI6J6BUFCAIB4F52HE5LTOREW4ZTPHYGQUPBPMFZXGZLNMJWHSPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAABQAAAAFMG4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA===

Convert message

Using Cyberchef with magic we can see that this is a exe and download it.

image_7.png

Seeing some of the strings output lead me to believe that it is a C# application. We could verify that with Detect It Easy but dotpeek can quickly tell us also.

DotPeek

I used dotpeek to analyze the binary but ilspy and dnspy (my favorite) work just as well

image_6.png

Code Block

// Decompiled with JetBrains decompiler // Type: Program // Assembly: Trail, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null // MVID: E81CB84C-9A42-4961-A935-B08895D17769 // Assembly location: C:\Users\NSSte\Downloads\download.exe #nullable enable internal class Program { private static string data = "P@I|`7kcXur2oXa4q4uz"; private static string Trail() { char[] chArray = new char[Program.data.Length]; for (int index = 0; index < Program.data.Length; ++index) chArray[index] = (char) ((uint) Program.data[index] ^ 7U); return new string(chArray); } private static void Main() { } }

Script to undo

def decrypt(data: str) -> str: return ''.join(chr(ord(c) ^ 7) for c in data) encrypted_data = "P@I|`7kcXur2oXa4q4uz" decrypted_text = decrypt(encrypted_data) print(f"Decrypted text: {decrypted_text}")

Flag 3

There is a mysterious signal message sent in MQTT

{ "broadcast_event": 12, "data": "tnNHCuwT/ixFcK9BIcyufJDohSTwxb76IoU+SJXdwO8SI63YopxMUcU2Vu5/JnpY", "date": "02/04/25", "time": "02:36AM UTC", "message": "Mystery Signal" }

I am thinking that the badge must be able to decode the data. So to send my badge this data I edit the NVS data on my badge to my own mqtt server. (See extra on this) Then I run the following command to dump most of memory.

python -m esptool dump_mem 0x40380000 393216 out.bin

We choose this memory section based on esp32 docs. (S3 mem sections from @precurse) (After further reading of docs we miss some of the upper parts but as this command works I am not going to deal with the headaches and change it)

Running strings on the binary file yields no useful results so instead I run stringsSquared (Tool I made for this see extra)

python stringsSquared.py out.bin | grep WGN{

Which outputs the flag

Decode: WGN{h1gh_n00n_sh0wd0wn}

Flag 4

The LED in the button right can randomly flash

https://youtube.com/shorts/ijG1FVzJa5s

The hardest part with this seeing how many colors there, it turns out there are only 4 Blue, Red, Green and cyan the others are just the led transitioning.

In our reading, the colors (red, blue, cyan) are “carriers” of the dot/dash information while green isn’t part of the signal at all – it is used as a separator. Moreover, when a letter is repeated three times (e.g. “RRR”, “CCC”, “BBB”) that indicates a long pulse (a “dash”), while a lone letter (e.g. “R”, “B”, “C”) is a short pulse (a “dot”). Finally, a single green “G” between pulses means “don’t break the letter” while a triple green “GGG” marks the end of a letter.

Let’s illustrate this with the data you provided. (We ignore the “///” header.)

Step 1. Separate out pulses from the green separators

The non‐green lines (the pulses) are interleaved with green lines. The single “G” lines mark a pause between pulses within one Morse–encoded letter, while a “GGG” signals that one letter is finished. (That is why sometimes you see a “GGG” on its own.)

For example, the very first part is:

RRR G R G C G R GGG

Here the pulses are: • RRR – a long red pulse (→ “dash”) • R – a short red pulse (→ “dot”) • C – a short cyan pulse (→ “dot”) • R – a short red pulse (→ “dot”)

So the first Morse symbol is: dash dot dot dot

Step 2. Interpret the dot/dash pulses as Morse code

Recall that in Morse code: • dash dot dot dot is the letter B.

Now let’s briefly go through all the groups (each group being the pulses between “GGG” separators):

Group 1: Pulses: RRR (dash), R (dot), C (dot), R (dot) Morse: –··· → B

Group 2: Pulses: B (dot), CCC (dash), B (dot), B (dot) Morse: ·–·· → L

Group 3: Pulses: B (dot), RRR (dash) Morse: ·– → A

Group 4: Pulses: RRR (dash), BBB (dash), B (dot), C (dot) Morse: ––·· → Z

Group 5: Pulses: B (dot) Morse: · → E

Group 6: Pulses: CCC (dash) Morse: – → T

Group 7: Pulses: B (dot), C (dot), C (dot), B (dot) Morse: ···· → H

Group 8: Pulses: R (dot) Morse: · → E

Group 9: Pulses: BBB (dash) Morse: – → T

Group 10: Pulses: B (dot), CCC (dash), B (dot) Morse: ·–· → R

Group 11: Pulses: B (dot), BBB (dash) Morse: ·– → A

Group 12: Pulses: B (dot), R (dot) Morse: ·· → I

Group 13: Pulses: B (dot), CCC (dash), R (dot), B (dot) Morse: ·–·· → L

Step 3. Put it all together

Reading the letters in order gives:

B L A Z E T H E T R A I L

Flag 5+

The images on the site has some interesting metadata

image_10.png

https://www.aperisolve.com/d053eca26e2ceded99a82cdc14a707ed

image_12.png
image_13.png

This gives us how the messages will be organized.

Downloading all the images to folder on my computer I then run

strings * | awk 'length($0) > 30'
image_14.png
image_15.png

The output message is then the flag you put in

Last modified: 17 February 2025
2024 Deadwood FlagsCharger Fix