{"id":987,"date":"2024-09-15T07:38:13","date_gmt":"2024-09-14T22:38:13","guid":{"rendered":"https:\/\/emeth.jp\/diary\/?p=987"},"modified":"2024-09-15T07:40:34","modified_gmt":"2024-09-14T22:40:34","slug":"automotive-ctf-japan-writeup","status":"publish","type":"post","link":"https:\/\/emeth.jp\/diary\/2024\/09\/automotive-ctf-japan-writeup\/","title":{"rendered":"Automotive CTF Japan\u6c7a\u52dd\u306b\u53c2\u52a0\u3057\u305f\uff06writeup"},"content":{"rendered":"\n<p>9\/13(\u91d1)\u306b\u884c\u308f\u308c\u305fAutomotive CTF Japan\u306e\u6c7a\u52dd\u306b\u300cTeamONE\u300d\u306e\u30e1\u30f3\u30d0\u30fc\u3068\u3057\u3066\u53c2\u52a0\u3057\u3066\u304d\u305f\u3002\u7d50\u679c\u306f2\u4f4d\u3067\u3001\u7c73\u56fd\u30c7\u30c8\u30ed\u30a4\u30c8\u3067\u958b\u50ac\u3055\u308c\u308b\u300cAutomotive CTF 2024\u300d\u306e\u6c7a\u52dd\u306b\u53c2\u52a0\u3067\u304d\u308b\u3053\u3068\u306b\u3002<\/p>\n\n\n<div class=\"wp-block-su-blogcard\">\n\t<article class=\"wp-blogcard\" cite=\"https:\/\/vicone.com\/jp\/automotive-ctf\">\n\t\t<a\n\t\t\thref=\"https:\/\/vicone.com\/jp\/automotive-ctf\"\n\t\t\t\t\t\t\ttarget=\"_blank\"\n\t\t\t\t\t\t\t\t\t\trel=\"noopener noreferrer nofollow\"\n\t\t\t\t\t\tclass=\"wp-blogcard-item\"\n\t\t>\n\t\t\t\t\t\t<div class=\"wp-blogcard-content\">\n\t\t\t\t<div class=\"wp-blogcard-title\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-description\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-cite\">\n\t\t\t\t\t\t\t\t\t\t\t<img\n\t\t\t\t\t\t\tclass=\"wp-blogcard-favicon\"\n\t\t\t\t\t\t\tsrc=\"https:\/\/www.google.com\/s2\/favicons?domain=vicone.com&#038;sz=16\"\n\t\t\t\t\t\t\talt=\"\"\n\t\t\t\t\t\t\taria-hidden=\"true\"\n\t\t\t\t\t\t\/>\n\t\t\t\t\t\t\t\t\t\t<div class=\"wp-blogcard-domain\">vicone.com<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/a>\n\t<\/article>\n<\/div>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><a href=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"797\" src=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-1024x797.png\" alt=\"\" class=\"wp-image-988\" srcset=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-1024x797.png 1024w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-300x234.png 300w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-768x598.png 768w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-624x486.png 624w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image.png 1071w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption class=\"wp-element-caption\">\u6c7a\u52dd\u306e\u7d50\u679c<\/figcaption><\/figure>\n<\/div>\n\n\n<!--more-->\n\n\n\n<h2 class=\"wp-block-heading\">\u53c2\u52a0\u30ec\u30dd\u30fc\u30c8<\/h2>\n\n\n\n<p>Automotive CTF Japan\u306f\u30aa\u30f3\u30e9\u30a4\u30f3\u306e\u4e88\u9078\u304c\u3042\u3063\u305f\u3093\u3060\u3051\u3069\u3001\u305d\u3061\u3089\u304c\u958b\u50ac\u3055\u308c\u3066\u3044\u305f\u671f\u9593\u306f\u307b\u3068\u3093\u3069\u6642\u9593\u304c\u53d6\u308c\u305a\u3001\u6c17\u304c\u4ed8\u3044\u305f\u3089\u5168\u5b8c\u3055\u308c\u3066\u3044\u30660\u70b9\u30d5\u30a3\u30cb\u30c3\u30b7\u30e5\u3092\u30ad\u30e1\u305f\u3002\u3053\u306e0\u70b9\u306f\u300c\u307f\u3093\u306a\u306e\u30b5\u30dd\u30fc\u30c8\u306b\u5fb9\u3057\u30660\u70b9\u300d\u3067\u306f\u306a\u304f\u300c\u4f55\u3082\u3057\u3066\u306a\u304f\u30660\u70b9\u300d\u306a\u306e\u3067\u3042\u308b\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-2.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"541\" src=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-2-1024x541.png\" alt=\"\" class=\"wp-image-990\" srcset=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-2-1024x541.png 1024w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-2-300x159.png 300w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-2-768x406.png 768w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-2-624x330.png 624w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-2.png 1322w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption class=\"wp-element-caption\">\u4e88\u9078\u306e\u7d50\u679c<\/figcaption><\/figure>\n\n\n\n<p>\u305d\u3093\u306a\u4e88\u9078\u3092\u7d4c\u3066\u3001\u30e1\u30f3\u30d0\u30fc5\u4eba\u304c\u9854\u3092\u5408\u308f\u305b\u305f\u306e\u306f\u3053\u306e\u65e5\u304c\u521d\u3060\u3063\u305f\u3002\u3068\u306f\u3044\u3063\u3066\u3082\u57fa\u672c\u306fDicsord\u3067\u30b3\u30df\u30e5\u30cb\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u53d6\u3063\u3066\u4f5c\u6226\u4f1a\u8b70\u3068\u304b\u52c9\u5f37\u4f1a\u3068\u304b\u30aa\u30f3\u30e9\u30a4\u30f3\u3067\u3084\u3063\u3066\u305f\u306e\u3067\u7279\u306b\u30b3\u30df\u30e5\u30cb\u30b1\u30fc\u30b7\u30e7\u30f3\u306b\u56f0\u308b\u3068\u3053\u308d\u306f\u306a\u304b\u3063\u305f\u3002<\/p>\n\n\n\n<p>Japan\u306e\u6c7a\u52dd\u3067\u306f\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u3092\u4f7f\u3063\u305f\u554f\u984c\u304c\u51fa\u308b\u3068\u4e8b\u524d\u306b\u30a2\u30ca\u30a6\u30f3\u30b9\u304c\u3042\u3063\u305f\u3002UART\u3084JTAG\u3001OpenOCD\u306a\u3069\u304c\u30ad\u30fc\u30ef\u30fc\u30c9\u3068\u3057\u3066\u6319\u3052\u3089\u308c\u3066\u305f\u306e\u3067\u3001\u4e8b\u524d\u306e\u6e96\u5099\u3068\u3057\u3066\u79cb\u6708\u3067UART\u3068JTAG\u306b\u4f7f\u3048\u308bUSB-\u30b7\u30ea\u30a2\u30eb\u5909\u63db\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u8cb7\u3046\u306a\u3069\u3057\u305f\u3002\u3053\u306e\u9031\u3084\u3051\u306b\u79cb\u8449\u539f\u306b\u884c\u3063\u3066\u3044\u305f\u306e\u306f\u3053\u306e\u6e96\u5099\u306e\u305f\u3081\u3067\u3042\u308b\u3002<\/p>\n\n\n<div class=\"wp-block-su-blogcard\">\n\t<article class=\"wp-blogcard\" cite=\"https:\/\/akizukidenshi.com\/catalog\/g\/g106503\/\">\n\t\t<a\n\t\t\thref=\"https:\/\/akizukidenshi.com\/catalog\/g\/g106503\/\"\n\t\t\t\t\t\t\ttarget=\"_blank\"\n\t\t\t\t\t\t\t\t\t\trel=\"noopener noreferrer nofollow\"\n\t\t\t\t\t\tclass=\"wp-blogcard-item\"\n\t\t>\n\t\t\t\t\t\t<div class=\"wp-blogcard-content\">\n\t\t\t\t<div class=\"wp-blogcard-title\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-description\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-cite\">\n\t\t\t\t\t\t\t\t\t\t\t<img\n\t\t\t\t\t\t\tclass=\"wp-blogcard-favicon\"\n\t\t\t\t\t\t\tsrc=\"https:\/\/www.google.com\/s2\/favicons?domain=akizukidenshi.com&#038;sz=16\"\n\t\t\t\t\t\t\talt=\"\"\n\t\t\t\t\t\t\taria-hidden=\"true\"\n\t\t\t\t\t\t\/>\n\t\t\t\t\t\t\t\t\t\t<div class=\"wp-blogcard-domain\">akizukidenshi.com<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/a>\n\t<\/article>\n<\/div>\n\n\n\n<p>\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u304c\u4f55\u53f0\u51fa\u3066\u304f\u308b\u306e\u304b\u308f\u304b\u3089\u306a\u304b\u3063\u305f\u305f\u3081\u3001\u5404\u81ea\u3053\u306e\u8fba\u306e\u30c7\u30d0\u30a4\u30b9\u3092\u7528\u610f\u3057\u3066\u3044\u3063\u305f\u304c\u3001\u5b9f\u969b\u4e0e\u3048\u3089\u308c\u305f\u306e\u306f\u3001RAMN\u3068\u3044\u3046\u30c8\u30e8\u30bf\u304c\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u3068\u3057\u3066\u516c\u958b\u3057\u3066\u3044\u308b\u81ea\u52d5\u8eca\u5468\u308a\u306e\u5b66\u7fd2\u7528\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u3060\u3063\u305f\u3002\u3061\u306a\u307f\u306b\u30e9\u30fc\u30e1\u30f3\u3068\u8aad\u3080\u6a21\u69d8\u3002<\/p>\n\n\n<div class=\"wp-block-su-blogcard\">\n\t<article class=\"wp-blogcard\" cite=\"https:\/\/github.com\/ToyotaInfoTech\/RAMN\">\n\t\t<a\n\t\t\thref=\"https:\/\/github.com\/ToyotaInfoTech\/RAMN\"\n\t\t\t\t\t\t\ttarget=\"_blank\"\n\t\t\t\t\t\t\t\t\t\trel=\"noopener noreferrer nofollow\"\n\t\t\t\t\t\tclass=\"wp-blogcard-item\"\n\t\t>\n\t\t\t\t\t\t<div class=\"wp-blogcard-content\">\n\t\t\t\t<div class=\"wp-blogcard-title\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-description\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-cite\">\n\t\t\t\t\t\t\t\t\t\t\t<img\n\t\t\t\t\t\t\tclass=\"wp-blogcard-favicon\"\n\t\t\t\t\t\t\tsrc=\"https:\/\/www.google.com\/s2\/favicons?domain=github.com&#038;sz=16\"\n\t\t\t\t\t\t\talt=\"\"\n\t\t\t\t\t\t\taria-hidden=\"true\"\n\t\t\t\t\t\t\/>\n\t\t\t\t\t\t\t\t\t\t<div class=\"wp-blogcard-domain\">github.com<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/a>\n\t<\/article>\n<\/div>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/IMG_1151.jpeg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/IMG_1151-1024x768.jpeg\" alt=\"\" class=\"wp-image-992\" srcset=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/IMG_1151-1024x768.jpeg 1024w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/IMG_1151-300x225.jpeg 300w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/IMG_1151-768x576.jpeg 768w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/IMG_1151-1536x1152.jpeg 1536w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/IMG_1151-624x468.jpeg 624w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/IMG_1151.jpeg 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption class=\"wp-element-caption\">RAMN\u3002\u7af6\u6280\u7d42\u4e86\u5f8c\u306e\u5199\u771f\u306a\u306e\u3067\u3069\u3053\u306b\u3082\u7e4b\u304c\u3063\u3066\u3044\u306a\u3044\u3002<\/figcaption><\/figure>\n\n\n\n<p>\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u306f1\u53f0\u3057\u304b\u306a\u3044\u306e\u3067\u3001\u8eca\u5468\u308a\u306b\u4e00\u756a\u8a73\u3057\u304b\u3063\u305flaysakura\u3055\u3093\u306ePC\u306bRAMN\u306f\u7e4b\u3044\u3067\u3001\u4ed6\u306e\u30e1\u30f3\u30d0\u30fc\u306f\u30c7\u30fc\u30bf\u3092\u3082\u3089\u3063\u305f\u308a\u30b3\u30de\u30f3\u30c9\u9001\u4fe1\u3092\u4f9d\u983c\u3057\u305f\u308a\u3057\u3066\u89e3\u3044\u3066\u3044\u3063\u305f\u3002\u554f\u984c\u4e00\u89a7\u3092\u898b\u308b\u3068\u308f\u304b\u308b\u3068\u304a\u308a\u3001\u30ab\u30c6\u30b4\u30eaRAMN\u306e\u554f\u984c\u304c\u5927\u534a\u3092\u5360\u3081\u3066\u3044\u305f\u3002\u3053\u306e\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u306e\u4e2d\u306b\u30d5\u30e9\u30b0\u306b\u95a2\u308f\u308b\u8af8\u3005\u304c\u8a70\u3081\u8fbc\u307e\u308c\u3066\u3044\u305f\u306e\u3067\u3042\u308b\u3002<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><a href=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-1.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"794\" src=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-1-1024x794.png\" alt=\"\" class=\"wp-image-989\" srcset=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-1-1024x794.png 1024w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-1-300x233.png 300w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-1-768x596.png 768w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-1-624x484.png 624w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-1.png 1093w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption class=\"wp-element-caption\">\u6c7a\u52dd\u306e\u30b9\u30b3\u30a2\u30dc\u30fc\u30c9\uff08\u7dd1\u304cTeamONE\uff09<\/figcaption><\/figure>\n<\/div>\n\n\n<p>\u30b9\u30b3\u30a2\u30dc\u30fc\u30c9\u306e\u7dd1\u306e\u7dda\u304c\u5f0a\u30c1\u30fc\u30e0\u3002\u7af6\u6280\u6642\u9593\u306e\u534a\u5206\u304b\u304b\u3089\u305a\u306b1\u554f\u4ee5\u5916\u5168\u90e8\u89e3\u3051\u3066\u300c\u3053\u308c\u306f\u512a\u52dd\u3082\u3089\u3063\u305f\u306a\u30ac\u30cf\u30cf\u300d\u3068\u601d\u3063\u3066\u305f\u3089\u6700\u5f8c\u306e1\u554f\u304c\u305a\u3063\u3068\u89e3\u3051\u305a\u306b\u5168\u5b8c\u3092\u6210\u3057\u9042\u3052\u305fierae\u306b\u629c\u304b\u308c\u3066\u7d42\u4e86\u3002\u7d42\u308f\u308a\u969b\u306f\u4ed6\u306e\u30c1\u30fc\u30e0\u306b\u629c\u304b\u308c\u308b\u3093\u3058\u3083\u306a\u3044\u304b\u3068\u305a\u3063\u3068\u30d3\u30af\u30d3\u30af\u3057\u3066\u305f\u3002\u5fc3\u81d3\u306b\u60aa\u3044\u3002\u4f55\u3068\u304b\u9003\u3052\u5207\u308c\u3066\u3088\u304b\u3063\u305f\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-3.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"594\" src=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-3-1024x594.png\" alt=\"\" class=\"wp-image-991\" srcset=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-3-1024x594.png 1024w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-3-300x174.png 300w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-3-768x446.png 768w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-3-624x362.png 624w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-3.png 1134w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption class=\"wp-element-caption\">\u554f\u984c\u4e00\u89a7\u3002\u4e00\u3064\u660e\u308b\u3044\u306e\u304c\u89e3\u3051\u306a\u304b\u3063\u305f\u554f\u984c\u3002<\/figcaption><\/figure>\n\n\n\n<p>\u8eca\u306b\u95a2\u3059\u308bCTF\u3068\u3044\u3046\u3053\u3068\u3067\u3001\u666e\u6bb5\u3084\u3063\u3066\u308bCTF\u3068\u306f\u304b\u306a\u308a\u6027\u8cea\u306e\u9055\u3046\u3082\u306e\u3067\u65b0\u9bae\u5473\u304c\u3042\u308a\u697d\u3057\u304b\u3063\u305f\u3002\u4f55\u3067\u3042\u3063\u3066\u3082\u65b0\u3057\u3044\u77e5\u8b58\u3092\u8eab\u306b\u3064\u3051\u3066\u5b9f\u8df5\u3067\u304d\u308b\u3068\u697d\u3057\u3044\u306e\u3067\u3042\u308b\u3002\u554f\u984c\u306e\u96e3\u6613\u5ea6\u304c\u3001\u81ea\u5206\u304c\u89e3\u6cd5\u3092\u805e\u3044\u3066\u7406\u89e3\u3067\u304d\u308b\u30ec\u30d9\u30eb\u306e\u3082\u306e\u3060\u3063\u305f\u3068\u3044\u3046\u306e\u3082\u6e80\u8db3\u5ea6\u3092\u4e0a\u3052\u3066\u3044\u308b\u3068\u601d\u3046\u3002<\/p>\n\n\n\n<p>\u4e88\u9078\u3067\u306f\u3044\u308d\u3044\u308d\u3088\u308d\u3057\u304f\u306a\u3044\u70b9\u304c\u898b\u53d7\u3051\u3089\u308c\u305f\u304c\u3001Japan\u6c7a\u52dd\u306e\u7af6\u6280\u81ea\u4f53\u306f\u305d\u3093\u306a\u306b\u7c97\u3082\u611f\u3058\u3089\u308c\u305a\uff08\u904b\u55b6\u306b\u6c17\u306b\u306a\u308b\u3068\u3053\u308d\u304c\u3044\u304f\u3064\u304b\u3042\u308a\u306f\u3057\u305f\uff09\u3001\u5909\u306a\u554f\u984c\u3082\u306a\u304f\u826f\u304b\u3063\u305f\u3068\u601d\u3046\u3002\u7af6\u6280\u3092\u697d\u3057\u3081\u305f\u306e\u304c\u4e00\u756a\u3002<\/p>\n\n\n\n<p>Automotive CTF Japan\u904b\u55b6\u306e\u7686\u69d8\u3001\u305d\u3057\u3066\u30c1\u30fc\u30e0\u30e1\u30f3\u30d0\u30fc\u306ebea\u3055\u3093\u3001laysakura\u3055\u3093\u3001kusano_k\u3055\u3093\u3001hamayanhamayan\u3055\u3093\u3001\u3042\u308a\u304c\u3068\u3046\u3054\u3056\u3044\u307e\u3057\u305f\uff01<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Writeup<\/h2>\n\n\n\n<p>\u3055\u3066\u3001\u4ee5\u4e0b\u306f\u81ea\u5206\u304cSubmit\u3057\u305f\u554f\u984c\u306ewriteup\u3002\u30d5\u30e9\u30b0\u306f\u30e1\u30e2\u3057\u5fd8\u308c\u305f\u306e\u3067\u7121\u3057\u3002\u4ed6\u306e\u554f\u984c\u306b\u3064\u3044\u3066\u306f\u30e1\u30f3\u30d0\u30fc\u306e\u30d6\u30ed\u30b0\u3092\u53c2\u7167\u3042\u308c\u3002<\/p>\n\n\n<div class=\"wp-block-su-blogcard\">\n\t<article class=\"wp-blogcard\" cite=\"https:\/\/laysakura.github.io\/2024\/09\/14\/automotive-ctf-2024-japan-final\/\">\n\t\t<a\n\t\t\thref=\"https:\/\/laysakura.github.io\/2024\/09\/14\/automotive-ctf-2024-japan-final\/\"\n\t\t\t\t\t\t\ttarget=\"_blank\"\n\t\t\t\t\t\t\t\t\t\trel=\"noopener noreferrer nofollow\"\n\t\t\t\t\t\tclass=\"wp-blogcard-item\"\n\t\t>\n\t\t\t\t\t\t<div class=\"wp-blogcard-content\">\n\t\t\t\t<div class=\"wp-blogcard-title\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-description\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-cite\">\n\t\t\t\t\t\t\t\t\t\t\t<img\n\t\t\t\t\t\t\tclass=\"wp-blogcard-favicon\"\n\t\t\t\t\t\t\tsrc=\"https:\/\/www.google.com\/s2\/favicons?domain=laysakura.github.io&#038;sz=16\"\n\t\t\t\t\t\t\talt=\"\"\n\t\t\t\t\t\t\taria-hidden=\"true\"\n\t\t\t\t\t\t\/>\n\t\t\t\t\t\t\t\t\t\t<div class=\"wp-blogcard-domain\">laysakura.github.io<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/a>\n\t<\/article>\n<\/div>\n\n\n<div class=\"wp-block-su-blogcard\">\n\t<article class=\"wp-blogcard\" cite=\"https:\/\/qiita.com\/kusano_k\/items\/140d08521b9667cd6ab9\">\n\t\t<a\n\t\t\thref=\"https:\/\/qiita.com\/kusano_k\/items\/140d08521b9667cd6ab9\"\n\t\t\t\t\t\t\ttarget=\"_blank\"\n\t\t\t\t\t\t\t\t\t\trel=\"noopener noreferrer nofollow\"\n\t\t\t\t\t\tclass=\"wp-blogcard-item\"\n\t\t>\n\t\t\t\t\t\t<div class=\"wp-blogcard-content\">\n\t\t\t\t<div class=\"wp-blogcard-title\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-description\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-cite\">\n\t\t\t\t\t\t\t\t\t\t\t<img\n\t\t\t\t\t\t\tclass=\"wp-blogcard-favicon\"\n\t\t\t\t\t\t\tsrc=\"https:\/\/www.google.com\/s2\/favicons?domain=qiita.com&#038;sz=16\"\n\t\t\t\t\t\t\talt=\"\"\n\t\t\t\t\t\t\taria-hidden=\"true\"\n\t\t\t\t\t\t\/>\n\t\t\t\t\t\t\t\t\t\t<div class=\"wp-blogcard-domain\">qiita.com<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/a>\n\t<\/article>\n<\/div>\n\n\n<div class=\"wp-block-su-blogcard\">\n\t<article class=\"wp-blogcard\" cite=\"https:\/\/blog.hamayanhamayan.com\/entry\/2024\/09\/14\/112907\">\n\t\t<a\n\t\t\thref=\"https:\/\/blog.hamayanhamayan.com\/entry\/2024\/09\/14\/112907\"\n\t\t\t\t\t\t\ttarget=\"_blank\"\n\t\t\t\t\t\t\t\t\t\trel=\"noopener noreferrer nofollow\"\n\t\t\t\t\t\tclass=\"wp-blogcard-item\"\n\t\t>\n\t\t\t\t\t\t<div class=\"wp-blogcard-content\">\n\t\t\t\t<div class=\"wp-blogcard-title\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-description\"><\/div>\n\t\t\t\t<div class=\"wp-blogcard-cite\">\n\t\t\t\t\t\t\t\t\t\t\t<img\n\t\t\t\t\t\t\tclass=\"wp-blogcard-favicon\"\n\t\t\t\t\t\t\tsrc=\"https:\/\/www.google.com\/s2\/favicons?domain=blog.hamayanhamayan.com&#038;sz=16\"\n\t\t\t\t\t\t\talt=\"\"\n\t\t\t\t\t\t\taria-hidden=\"true\"\n\t\t\t\t\t\t\/>\n\t\t\t\t\t\t\t\t\t\t<div class=\"wp-blogcard-domain\">blog.hamayanhamayan.com<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/a>\n\t<\/article>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\">[ECU A] Takeover (1000)<\/h3>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&lt;\u65e5\u672c\u8a9e&gt; \u5404CAN\u30e1\u30c3\u30bb\u30fc\u30b8\u304c\u3001\u30d6\u30ec\u30fc\u30ad 0xF0x\u3001\u30a2\u30af\u30bb\u30eb 0xDDx\u3001\u30b9\u30c6\u30a2\u30ea\u30f3\u30b0\u30db\u30a4\u30fc\u30eb 0xF1x\u3001\u30a8\u30f3\u30b8\u30f3\u30ad\u30fc 0x02\u3001\u30e9\u30a4\u30c8\u30b9\u30a4\u30c3\u30c1 0x01\u3001\u30b5\u30a4\u30c9\u30d6\u30ec\u30fc\u30ad 0x00\u306e\u5834\u5408\u3001\u753b\u9762\u306e\u4e0b\u90e8\u306b\u30d5\u30e9\u30b0\u304c\u8868\u793a\u3055\u308c\u307e\u3059\u3002<\/p>\n\n\n\n<p>\u6ce8\u610f:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u672b\u5c3e\u306ex\u306fCAN\u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u672b\u5c3e4bit\u306f\u7121\u8996\u3059\u308b\u3053\u3068\u3092\u610f\u5473\u3057\u307e\u3059\u3002<\/li>\n\n\n\n<li>\u3053\u306e\u30c1\u30e3\u30ec\u30f3\u30b8\u3067\u306fCRC\u3068\u30ab\u30a6\u30f3\u30bf\u30fc\u306f\u7121\u8996\u3055\u308c\u307e\u3059\u3002<\/li>\n\n\n\n<li>\u753b\u9762\u306b\u8868\u793a\u3055\u308c\u308b\u30d5\u30e9\u30b0\u5185\u306e\u7a7a\u767d\u306f&#8221;_&#8221;\u306b\u7f6e\u304d\u63db\u3048\u3066\u304f\u3060\u3055\u3044\u3002<\/li>\n<\/ul>\n\n\n\n<p>&lt;\u82f1\u8a9e&gt; Flag will be displayed at the bottom of the screen if brake CAN sensor data is 0xF0x (x meaning last 4 bits are ignored), accelerator data is 0xDDx, steering wheel data is 0xF1x, engine key data is 0x02, lighting switch data is 0x01, and side brake data is 0x00. Note: CRCs and counters are ignored for this challenge. Note: Please replace blank as &#8220;_&#8221; in the displayed flag.<\/p>\n<\/blockquote>\n\n\n\n<p>RAMN\u306e\u5404\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\u3092\u3044\u3058\u3063\u3066CAN\u30e1\u30c3\u30bb\u30fc\u30b8\u306e\u5024\u3092\u6307\u5b9a\u3055\u308c\u305f\u3082\u306e\u306b\u3059\u308c\u3070RAMN\u306b\u642d\u8f09\u3055\u308c\u305f\u753b\u9762\u306b\u30d5\u30e9\u30b0\u304c\u8868\u793a\u3055\u308c\u308b\u3002\u6307\u5b9a\u3055\u308c\u305f\u5024\u306f\u7279\u7570\u306a\u3082\u306e\u3067\u306f\u306a\u304f\u3001\u5fae\u8abf\u6574\u306f\u5fc5\u8981\u3060\u304c\u30ec\u30d0\u30fc\u3092\u52d5\u304b\u3057\u305f\u308a\u30b9\u30a4\u30c3\u30c1\u3092\u5165\u308c\u305f\u308a\u3059\u308b\u3060\u3051\u3067\u8a2d\u5b9a\u53ef\u80fd\u306a\u5024\u3002\u3053\u306e\u554f\u984c\u306b\u3088\u3063\u3066\u3069\u306e\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\u304c\u3069\u306eCAN ID\u306b\u5bfe\u5fdc\u3059\u308b\u304b\u3092\u78ba\u8a8d\u3067\u304d\u308b\u306e\u3067\u3068\u3066\u3082\u5927\u4e8b\u306a\u5165\u9580\u554f\u984c\u3002\u81ea\u5206\u306fSavvyCan\u306e\u753b\u9762\u3092\u898b\u306a\u304c\u3089\u6311\u6226\u3057\u305f\u3051\u3069\u3001\u5f8c\u304b\u3089RAMN\u306e\u753b\u9762\u306b\u5024\u304c\u8868\u793a\u3055\u308c\u3066\u3044\u308b\u3053\u3068\u306b\u6c17\u3065\u3044\u305f\u306e\u3067RAMN\u5358\u4f53\u3067\u3082\u306a\u3093\u3068\u304b\u3067\u304d\u305f\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">[ECU D] UART (1000)<\/h3>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&lt;\u65e5\u672c\u8a9e&gt; \u30d5\u30e9\u30b0\u306fECU D\u306eLPUART1\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30fc\u30b9\u306b115200 bps\u3067\u30d6\u30ed\u30fc\u30c9\u30ad\u30e3\u30b9\u30c8\u3055\u308c\u307e\u3059\u3002<\/p>\n\n\n\n<p>&lt;\u82f1\u8a9e&gt; This flag is broadcasted on ECU D&#8217;s LPUART1 interface @115200 bps.<\/p>\n<\/blockquote>\n\n\n\n<p>ECU D\u304cUART\u901a\u4fe1\u3067\u30d5\u30e9\u30b0\u3092\u5782\u308c\u6d41\u3057\u3066\u3044\u308b\u306e\u3067\u305d\u308c\u3092\u53d7\u4fe1\u3059\u308b\u554f\u984c\u3002ECU D\u306eExpansion Socket\u306e\u3069\u3053\u304b\u306bUART\u304c\u3042\u308b\u306f\u305a\u3001\u3068\u3044\u3046\u3053\u3068\u3067\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3084GitHub\u306e\u30ec\u30dd\u30b8\u30c8\u30ea\u5185\u3092\u63a2\u3057\u3066\u3082\u3044\u3044\u60c5\u5831\u3092\u898b\u3064\u3051\u3089\u308c\u305a\u3002<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><a href=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/expansion_D.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"298\" src=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/expansion_D-1024x298.webp\" alt=\"\" class=\"wp-image-997\" srcset=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/expansion_D-1024x298.webp 1024w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/expansion_D-300x87.webp 300w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/expansion_D-768x223.webp 768w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/expansion_D-1536x447.webp 1536w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/expansion_D-624x182.webp 624w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/expansion_D.webp 1629w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>\u7d50\u5c40\u308f\u304b\u3089\u306a\u304b\u3063\u305f\u306e\u3067\u3001\u307e\u305aGND\u3060\u3051\u63a5\u7d9a\u3057\u3001USB-\u30b7\u30ea\u30a2\u30eb\u306e\u7e4b\u304c\u3063\u3066\u3044\u308bPC\u5074\u3067minicom\u3092\u52d5\u304b\u3057\u305f\u307e\u307e\u306b\u3057\u306a\u304c\u3089RX\u306e\u30d4\u30f3\u3092\u5404\u30bd\u30b1\u30c3\u30c8\u306b\u9806\u756a\u306b\u523a\u3057\u3066\u3044\u3063\u305f\u3002\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u7684\u30d6\u30eb\u30fc\u30c8\u30d5\u30a9\u30fc\u30b9\u3002\u3053\u3061\u3089\u304b\u3089\u30c7\u30fc\u30bf\u3092\u9001\u4fe1\u3059\u308b\u308f\u3051\u3058\u3083\u306a\u3044\u306e\u3067GND\u3068RX\u3060\u3051\u63a5\u7d9a\u3055\u308c\u3066\u3044\u308c\u3070\u3044\u3044\u306e\u3060\u3002PA2\u304bPA3\u3042\u305f\u308a\u3067minicom\u5074\u306b\u30d5\u30e9\u30b0\u304c\u8868\u793a\u3055\u308c\u305f\u306e\u3067\u305d\u308c\u3092\u5165\u529b\u3057\u3066\u5b8c\u4e86\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">[ECU A] Override (1200)<\/h3>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&lt;\u65e5\u672c\u8a9e&gt; \u30a2\u30af\u30bb\u30eb\u30920xFFF\u4ee5\u4e0a\u306e\u6709\u52b9\u306aCAN\u30e1\u30c3\u30bb\u30fc\u30b8\u306b\u5f37\u5236\u3067\u304d\u308c\u3070\u3001\u753b\u9762\u306e\u4e0b\u90e8\u306b\u30d5\u30e9\u30b0\u304c\u8868\u793a\u3055\u308c\u307e\u3059\u3002<\/p>\n\n\n\n<p>\u6ce8\u610f:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u6b63\u3057\u3044CRC\u30bf\u30a4\u30d7\u3068\u30a8\u30f3\u30c7\u30a3\u30a2\u30f3\u3092\u7279\u5b9a\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/li>\n\n\n\n<li>\u753b\u9762\u306b\u8868\u793a\u3055\u308c\u308b\u30d5\u30e9\u30b0\u5185\u306e\u7a7a\u767d\u306f&#8221;_&#8221;\u306b\u7f6e\u304d\u63db\u3048\u3066\u304f\u3060\u3055\u3044\u3002<\/li>\n<\/ul>\n\n\n\n<p>&lt;\u82f1\u8a9e&gt; Flag will be displayed at the bottom of the screen if you can force the accelerator to a value higher than 0xFFF with a valid CAN message.<\/p>\n\n\n\n<p>Note: You must identify the correct CRC type and endian. Note: Please replace blank as &#8220;_&#8221; in the displayed flag.<\/p>\n<\/blockquote>\n\n\n\n<p>RAMN\u306e\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\u3092\u3044\u3058\u3063\u305f\u3060\u3051\u3067\u306f\u5230\u9054\u3067\u304d\u306a\u3044\u5024\u306b\u3059\u308b\u554f\u984c\u3002CAN\u306f\u30d6\u30ed\u30fc\u30c9\u30ad\u30e3\u30b9\u30c8\u3067\u8a8d\u8a3c\u306a\u3069\u306a\u3044\u3001\u3068\u3044\u3046\u3053\u3068\u3067ARP Spoofing\u306e\u3088\u3046\u306b\u6a2a\u304b\u3089CAN\u30e1\u30c3\u30bb\u30fc\u30b8\u3092\u9001\u308a\u307e\u304f\u308c\u3070\u901a\u308b\u3060\u308d\u3046\u3068\u63a8\u6e2c\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/candump_accel.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"656\" src=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/candump_accel-1024x656.png\" alt=\"\" class=\"wp-image-998\" srcset=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/candump_accel-1024x656.png 1024w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/candump_accel-300x192.png 300w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/candump_accel-768x492.png 768w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/candump_accel-624x400.png 624w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/candump_accel.png 1172w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n\n\n\n<p>\u30a2\u30af\u30bb\u30eb\u3092\u5909\u5316\u3055\u305b\u306a\u304c\u3089\u53d6\u3063\u3066\u3082\u3089\u3063\u305fcandump\u3092\u898b\u308b\u3068\u3001\u30a2\u30af\u30bb\u30eb\uff08CAN ID 0x010\uff09\u306e\u30c7\u30fc\u30bf\u306f8\u30d0\u30a4\u30c8\u3067\u3042\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u3001\u30c7\u30fc\u30bf\u3092\u3056\u3063\u3068\u898b\u308b\u3053\u3068\u3067\u3001\u6700\u521d2\u30d0\u30a4\u30c8\u304c\u30a2\u30af\u30bb\u30eb\u306e\u5024\u3001\u6b21\u306e2\u30d0\u30a4\u30c8\u304c\u30c7\u30fc\u30bf\u9001\u4fe11\u56de\u3054\u3068\u306b1\u5897\u3048\u308b\u4f55\u3089\u304b\u306e\u30ab\u30a6\u30f3\u30bf\u30fc\u3068\u63a8\u6e2c\u3067\u304d\u308b\u3002\u6b8b\u308a4\u30d0\u30a4\u30c8\u306f\u30e9\u30f3\u30c0\u30e0\u3063\u307d\u304f\u898b\u3048\u3066\u3044\u308b\u3002\u554f\u984c\u6587\u306bCRC\u3068\u3042\u3063\u305f\u306e\u3067\u3001\u591a\u5206\u524d4\u30d0\u30a4\u30c8\u5206\u306eCRC32\u3060\u308d\u3046\u3068\u3042\u305f\u308a\u3092\u3064\u3051\u3066\u691c\u8a3c\u3057\u3066\u307f\u305f\u3068\u3053\u308d\u3001\u5f53\u305f\u3063\u3066\u3044\u305f\u3002\u30ea\u30c8\u30eb\u30a8\u30f3\u30c7\u30a3\u30a2\u30f3\u3089\u3057\u304f\u3001CRC32\u306e\u51fa\u529b\u3068\u5b9f\u969b\u306e\u30c7\u30fc\u30bf\u5217\u306f\u4e26\u3073\u304c\u9006\u306b\u306a\u3063\u3066\u3044\u308b\u3002<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-4.png\"><img loading=\"lazy\" decoding=\"async\" width=\"474\" height=\"281\" src=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-4.png\" alt=\"\" class=\"wp-image-999\" srcset=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-4.png 474w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-4-300x178.png 300w\" sizes=\"auto, (max-width: 474px) 100vw, 474px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>\u3053\u308c\u3067\u30e1\u30c3\u30bb\u30fc\u30b8\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u306f\u308f\u304b\u3063\u305f\u306e\u3067\u3001\u30a2\u30af\u30bb\u30eb\u306e\u5024\u304c <code>0xfff<\/code> \u306aCAN\u30e1\u30c3\u30bb\u30fc\u30b8\u3092\u751f\u6210\u3057\u3066\u6295\u3052\u307e\u304f\u308c\u3070\u3044\u3044\u3068\u4ee5\u4e0b\u306e\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u4f5c\u6210\u3002\u30d0\u30a4\u30c8\u5217\u304b\u3089\u30ea\u30b9\u30c8\u3092\u751f\u6210\u3059\u308b\u3084\u308a\u65b9\u304c\u308f\u304b\u3089\u306a\u304f\u3066\u611a\u76f4\u306b\u66f8\u3044\u3066\u3057\u307e\u3063\u3066\u3044\u308b\u3002\u30b9\u30de\u30fc\u30c8\u306b\u306a\u308a\u305f\u3044\u3002\u3082\u3057\u304b\u3057\u3066\u3053\u3046\u3044\u3046\u6642\u306b <code>pack<\/code> \u3068\u304b <code>unpack<\/code> \u3092\u4f7f\u3046\u306e\u304b\u3002<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: python; title: ; notranslate\" title=\"\">\n#!\/usr\/bin\/python3\n\nimport can\nimport binascii\nimport time\nimport sys\n\nwith can.Bus(interface = &quot;socketcan&quot;, channel = &quot;can0&quot;) as bus:\n    accel = &#x5B; 0x0f, 0xff, 0, 1, 2, 3, 4, 5 ]\n    i = 0\n\n    while True:\n        accel&#x5B;2] = (i &amp; 0xff00) &gt;&gt; 8\n        accel&#x5B;3] = i &amp; 0xff\n        crc = binascii.crc32(bytes(accel&#x5B;0:4]))\n        accel&#x5B;4] = crc &amp; 0xff\n        accel&#x5B;5] = (crc &amp; 0xff00) &gt;&gt; 8\n        accel&#x5B;6] = (crc &amp; 0xff0000) &gt;&gt; 16\n        accel&#x5B;7] = (crc &amp; 0xff000000) &gt;&gt; 24\n\n        i = (i + 1) &amp; 0xffff\n\n        msg = can.Message(arbitration_id = 0x010, data = accel, is_extended_id = False)\n        try:\n            bus.send(msg)\n        except can.CanError:\n            print(&quot;Send message failed&quot;)\n\n        time.sleep(0.001)\n<\/pre><\/div>\n\n\n<p>\u3057\u304b\u3057\u3001\u30c7\u30fc\u30bf\u306f\u671f\u5f85\u901a\u308a\u9001\u4fe1\u3055\u308c\u3066\u3044\u308b\u3082\u306e\u306e\u3001\u30d5\u30e9\u30b0\u306f\u4e00\u5411\u306b\u73fe\u308c\u306a\u3044\u3002\u982d\u3092\u62b1\u3048\u3066\u3044\u305f\u3068\u3053\u308d\u3001\u3075\u3068\u601d\u3044\u7acb\u3063\u3066\u9001\u4fe1\u3059\u308b\u30a2\u30af\u30bb\u30eb\u5024\u3092 <code>0xFFF<\/code> \u304b\u3089 <code>0x1000<\/code> \u306b\u5909\u3048\u3066\u307f\u305f\u3068\u3053\u308d\u30d5\u30e9\u30b0\u304c\u73fe\u308c\u305f\u3002\u554f\u984c\u6587\u306b\u306f\u300c0xFFF<strong>\u4ee5\u4e0a<\/strong>\u306e\uff5e\u300d\u3068\u66f8\u304b\u308c\u3066\u3044\u305f\u306e\u306b\u3001\u3068\u601d\u3063\u3066\u3088\u304f\u3088\u304f\u898b\u308b\u3068\u3001\u82f1\u8a9e\u306e\u65b9\u306b\u306f\u300ca value <strong>higher than<\/strong> 0xFFF\u300d\u3068\u306a\u3063\u3066\u3044\u305f\u3002\u4ee5\u4e0a\u3058\u3083\u306d\u30fc\u3088\uff01\u8aa4\u8a33\u3060\uff01<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">[ECU C] Secret code (1200)<\/h3>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&lt;\u65e5\u672c\u8a9e&gt; ECU C\u306f\u79d8\u5bc6\u306eCAN\u30e1\u30c3\u30bb\u30fc\u30b8\u3092\u5f85\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n\n\n\n<p>\u6ce8\u610f: \u30a8\u30f3\u30c7\u30a3\u30a2\u30f3\u306b\u6ce8\u610f\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n\n\n\n<p>&lt;\u82f1\u8a9e&gt; ECU C is waiting for a secret CAN message.<\/p>\n\n\n\n<p>Note: Pay attention to endians.<\/p>\n<\/blockquote>\n\n\n\n<p>\u3053\u306e\u554f\u984c\u3001\u79c1\u304c\u30d5\u30e9\u30b0\u306e\u8868\u793a\u3092\u898b\u305f\u306e\u3067\u30d5\u30e9\u30b0\u3092Submit\u3057\u305f\u3051\u3069\u3001\u89e3\u3044\u305f\u306e\u306f\u4ed6\u306e\u4eba\u3060\u3063\u305f\u3002\u596a\u3063\u3066\u3057\u307e\u3063\u3066\u7533\u3057\u8a33\u306a\u3044\u3002\u8cac\u4efb\u3092\u53d6\u3063\u3066\u89e3\u6cd5\u3092\u66f8\u304f\u3002<\/p>\n\n\n\n<p>\u6dfb\u4ed8\u30d5\u30a1\u30a4\u30eb\u3068\u3057\u3066\u3001\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2\u306e\u4e00\u90e8\u306e\u95a2\u6570\u306e\u30a2\u30bb\u30f3\u30d6\u30e9\u3068\u305d\u306eC\u30b3\u30fc\u30c9\uff08\u3053\u3061\u3089\u306f\u809d\u5fc3\u306e\u3068\u3053\u308d\u306f\u307c\u304b\u3055\u308c\u3066\u3044\u308b\uff09\u304c\u4e0e\u3048\u3089\u308c\u3066\u3044\u305f\u3002\u30a2\u30bb\u30f3\u30d6\u30e9\u3092\u8aad\u3080\u529b\u304c\u8870\u3048\u3066\u3044\u305f\u306e\u3067\u3001ChatGPT\u306b\u4e0e\u3048\u305f\u3089\u3057\u3063\u304b\u308a\u8aad\u3093\u3067\u304f\u308c\u3066\u7279\u6b8a\u52d5\u4f5c\u306e\u6761\u4ef6\u3092\u6559\u3048\u3066\u304f\u308c\u305f\u3002<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-5.png\"><img loading=\"lazy\" decoding=\"async\" width=\"723\" height=\"210\" src=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-5.png\" alt=\"\" class=\"wp-image-1000\" srcset=\"https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-5.png 723w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-5-300x87.png 300w, https:\/\/emeth.jp\/diary\/wp-content\/uploads\/2024\/09\/image-5-624x181.png 624w\" sizes=\"auto, (max-width: 723px) 100vw, 723px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>\u4e45\u3057\u3076\u308a\u306bChatGPT\u3092\u4f7f\u3063\u3066\u307f\u305f\u3051\u3069\u8ce2\u304f\u306a\u3063\u3066\u308b\u3057\u901f\u304f\u306a\u3063\u3066\u308b\u3057\u3067\u9694\u4e16\u306e\u611f\u304c\u3042\u308b\u3002\u751f\u6210AI\u30013\u65e5\u4f1a\u308f\u3056\u308c\u3070\u522e\u76ee\u3057\u3066\u898b\u3088\u3002\u8868\u73fe\u5909\u3048\u305f\u5225\u306e\u30d7\u30ed\u30f3\u30d7\u30c8\u3067\u3084\u3063\u3066\u307f\u305f\u3089\u30c7\u30fc\u30bf\u306e\u65b9\u306e\u6761\u4ef6\u3092\u51fa\u3057\u3066\u304f\u308c\u306a\u304b\u3063\u305f\u3051\u3069\u3002<\/p>\n\n\n\n<p>\u3042\u3068\u306f\u30a8\u30f3\u30c7\u30a3\u30a2\u30f3\u3092\u8003\u616e\u3057\u3066\u3001CAN ID\u304c <code>0x5AA<\/code> \u3067\u30c7\u30fc\u30bf\u304c <code>PLS_MR_!<\/code> \u3068\u306a\u3063\u3066\u3044\u308bCAN\u30e1\u30c3\u30bb\u30fc\u30b8\u3092\u9001\u308c\u3070\u30d5\u30e9\u30b0\u30b2\u30c3\u30c8\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">[ECU B] RAM peak (2000)<\/h3>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&lt;\u65e5\u672c\u8a9e&gt; RAM\u306b\u306fReadMemoryByAddress\u30b5\u30fc\u30d3\u30b9\u3067\u8aad\u307f\u53d6\u308c\u308b\u30d5\u30e9\u30b0\u304c\u3042\u308a\u307e\u3059\u3002\u30d5\u30e9\u30b0\u306e\u9577\u3055\u306f17\u6587\u5b57\u3067\u3059\u3002<\/p>\n\n\n\n<p>&lt;\u82f1\u8a9e&gt; There is a flag in RAM that can be read with the ReadMemoryByAddress Service. Flag length is 17 characters.<\/p>\n<\/blockquote>\n\n\n\n<p>\u89e3\u3051\u306a\u304b\u3063\u305f\u554f\u984c\u3002UDS\u306eReadMemoryByAddress\u30e1\u30c3\u30bb\u30fc\u30b8\u3067RAM\u3092\u8aad\u3080\u554f\u984c\u3002\u305f\u3060\u3057\u3001\u30d5\u30e9\u30b0\u304c\u683c\u7d0d\u3055\u308c\u3066\u3044\u308b\u30a2\u30c9\u30ec\u30b9\u3092\u30d4\u30f3\u30dd\u30a4\u30f3\u30c8\u3067\u5f53\u3066\u306a\u3044\u3068 <code>requestOutOfRange<\/code> \u3068\u8fd4\u3063\u3066\u304f\u308b\u3002\u4ed6\u306b\u30d2\u30f3\u30c8\u3089\u3057\u3044\u30d2\u30f3\u30c8\u304c\u306a\u3044\u306e\u3067\u3001\u3044\u308d\u3044\u308d\u306a\u30a2\u30c9\u30ec\u30b9\u3067\u8a66\u3057\u305f\u3002ECU\u306b\u4f7f\u308f\u308c\u3066\u3044\u308b\u30c1\u30c3\u30d7\u306e\u30c7\u30fc\u30bf\u30b7\u30fc\u30c8\u3092\u8aad\u3093\u3067SRAM\u306e\u30a2\u30c9\u30ec\u30b9\u3092\u30d6\u30eb\u30fc\u30c8\u30d5\u30a9\u30fc\u30b9\u3057\u305f\u308a\u3001\u554f\u984c\u540d\u306e\u300cpeak\u300d\u306b\u60d1\u308f\u3055\u308c\u3066\u3001\u3044\u308d\u3044\u308d\u306a\u30bb\u30b0\u30e1\u30f3\u30c8\u306e\u7d42\u308f\u308a\u969b\u306e\u30a2\u30c9\u30ec\u30b9\u3068\u8a66\u3057\u305f\u308a\u3001\u300cFlag\u300d\u3068\u3044\u3046\u6587\u5b57\u5217\u3092\u30a2\u30c9\u30ec\u30b9\u306b\u3057\u3066\u8a66\u3057\u305f\u308a\u3002<\/p>\n\n\n\n<p>\u7af6\u6280\u6642\u9593\u306e\u534a\u5206\u4ee5\u4e0a\u3092\u304b\u3051\u3066\u3082\u7d50\u5c40\u89e3\u3051\u305a\u306b\u7d42\u308f\u3063\u3066\u3057\u307e\u3063\u305f\u3002\u89e3\u3051\u305fierae\u30c1\u30fc\u30e0\u306b\u805e\u3044\u305f\u3068\u3053\u308d\u3001\u3069\u3046\u3084\u3089SRAM\u306e\u30a2\u30c9\u30ec\u30b9\u3092\u30d6\u30eb\u30fc\u30c8\u30d5\u30a9\u30fc\u30b9\u3057\u3066\u305f\u3089\u898b\u3064\u304b\u3063\u305f\u3089\u3057\u3044\u3002\u3046\u3061\u3082\u540c\u3058\u3068\u3053\u308d\u3092\u30d6\u30eb\u30fc\u30c8\u30d5\u30a9\u30fc\u30b9\u3057\u3066\u3044\u305f\u306f\u305a\u306a\u3093\u3060\u3051\u3069\u3001\u9014\u4e2d\u3067\u6839\u6c17\u304c\u5c3d\u304d\u3066\u3084\u3081\u3066\u3057\u307e\u3063\u305f\u304b\u4f55\u304b\u3057\u3089\u9001\u308b\u30c7\u30fc\u30bf\u306b\u30df\u30b9\u304c\u3042\u3063\u305f\u304b\u3002\u7121\u5ff5\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>9\/13(\u91d1)\u306b\u884c\u308f\u308c\u305fAutomotive CTF Japan\u306e\u6c7a\u52dd\u306b\u300cTeamONE\u300d\u306e\u30e1\u30f3\u30d0\u30fc\u3068\u3057\u3066\u53c2\u52a0\u3057\u3066\u304d\u305f\u3002\u7d50\u679c\u306f2\u4f4d\u3067\u3001\u7c73\u56fd\u30c7\u30c8\u30ed\u30a4\u30c8\u3067\u958b\u50ac\u3055\u308c\u308b\u300cAutomotive CTF 2024\u300d\u306e\u6c7a\u52dd\u306b\u53c2\u52a0\u3067\u304d\u308b [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":995,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"cybocfi_hide_featured_image":"","footnotes":""},"categories":[14],"tags":[8],"class_list":["post-987","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ctf","tag-ctf"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/posts\/987","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/comments?post=987"}],"version-history":[{"count":8,"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/posts\/987\/revisions"}],"predecessor-version":[{"id":1006,"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/posts\/987\/revisions\/1006"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/media\/995"}],"wp:attachment":[{"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/media?parent=987"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/categories?post=987"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/emeth.jp\/diary\/wp-json\/wp\/v2\/tags?post=987"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}