BLE CTF
Summary
This tutorial explains how to set up an ESP32 device for solving 20 flag-based BLE challenges.
Requirements
- Operating system: Ubuntu 18.04 bionic amd64
- Packages: git emacs
Description
Step 1 - Standard Setup of Toolchain for Linux
Install prerequisites:
sudo apt-get install gcc git wget make libncurses-dev flex bison gperf python python-pip python-setuptools python-serial python-cryptography python-future python-pyparsing
Download the ESP32 toolchain for Linux and extract it into the ~/esp directory:
mkdir -p ~/esp
cd ~/esp
tar -xzf ~/Downloads/xtensa-esp32-elf-linux64-1.22.0-80-g6c4433a-5.2.0.tar.gz
Update your PATH environment variable in ~/.profile to use the toolchain. Add the following line to your ~/.profile file:
export PATH="$HOME/esp/xtensa-esp32-elf/bin:$PATH"
Log off and log back in to make the changes effective. Run the following command to verify that PATH is set correctly:
printenv PATH
The output should contain (userName gets replaced by your user name):
/home/userName/esp/xtensa-esp32-elf/bin
Step 2 - Install ESP-IDF
Go to ~/esp and clone the repository:
cd ~/esp
git clone --recursive https://github.com/espressif/esp-idf.git
Set the IDF_PATH environment variable. Add the following line to ~/.profile:
export IDF_PATH=~/esp/esp-idf
Log off and log back in to make the change effective.
Verify that it is set correctly:
printenv IDF_PATH
The output should display the previously entered path (replace userName with your user name):
/home/userName/esp/esp-idf
Step 3 - Install Python packages
Run:
python -m pip install --user -r $IDF_PATH/requirements.txt
Step 4 - Connect the device
Make sure the device is unplugged, then run:
ls /dev/tty*
Plug the device into the host computer and run again:
ls /dev/tty*
The port that appears the second time is the one needed.
Step 5 - CTF Setup
Change into your ~/esp directory and execute the following commands:
cd ~/esp
git clone https://github.com/hackgnar/ble_ctf.git
cd ble_ctf
make menuconfig
A window appears. Navigate to "Serial flasher config" > "Default Serial port" and enter the port you found in Step 4. Confirm, save and exit.
make
Plug the device into your host computer.
make flash
Step 6 -
Discover the MAC address of the device:
sudo hcitool lescan
The device with the description "BLECTF" is your device.
Display current score (replace the x's with the MAC address discovered before):
gatttool -b xx:xx:xx:xx:xx:xx --char-read -a 0x002a|awk -F':' '{print $2}'|tr -d ' '|xxd -r -p;printf '\n'
The terminal should display:
Score: 0/20
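The score command above pipes the hex bytes printed by gatttool through awk, tr and xxd. The following added example (not part of this tutorial's original commands or the ble_ctf project) does the same decoding in plain sh, rejects malformed output and masks non-printable bytes. The sample line is constructed, and decode_char_read and read_score are hypothetical helper names.

```shell
#!/bin/sh
# Added example: decode `gatttool --char-read` output without xxd.

# Constructed sample of the line gatttool prints for handle 0x002a on a fresh device.
SAMPLE_OUTPUT='Characteristic value/descriptor: 53 63 6f 72 65 3a 20 30 2f 32 30 '

# decode_char_read: gatttool output on stdin -> ASCII text on stdout.
# Exit status 1 if no value line is present or a token is not a hex byte.
# The body runs in a subshell so `set -f` and the variables stay local.
decode_char_read() (
    set -f   # no globbing when the hex string is split into words
    hex=$(sed -n 's/^Characteristic value\/descriptor://p' | head -n 1)
    [ -n "$hex" ] || exit 1
    out=''
    for byte in $hex; do
        case $byte in
            [0-9A-Fa-f][0-9A-Fa-f]) ;;
            *) exit 1 ;;
        esac
        dec=$(printf '%d' "0x$byte")
        if [ "$dec" -ge 32 ] && [ "$dec" -le 126 ]; then
            # Printable ASCII: emit the character via its octal escape.
            out="$out$(printf "\\$(printf '%03o' "$dec")")"
        else
            # Anything else becomes '.', so device data cannot send terminal escapes.
            out="$out."
        fi
    done
    printf '%s\n' "$out"
)

# read_score (hypothetical helper): validate the MAC, then run the command from Step 6.
read_score() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || {
        echo "invalid MAC address: $1" >&2
        return 2
    }
    gatttool -b "$1" --char-read -a 0x002a | decode_char_read
}
```

Source the file and call read_score with the MAC address found by hcitool lescan.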
References
- https://docs.espressif.com/projects/esp-idf/en/latest/get-started/#setup-toolchain
- https://docs.espressif.com/projects/esp-idf/en/latest/get-started/add-idf_path-to-profile.html
- https://docs.espressif.com/projects/esp-idf/en/latest/get-started/establish-serial-connection.html
- https://github.com/hackgnar/ble_ctf/blob/master/docs/setup.md