Falcon Badge
InCTF 10th Edition
This year’s InCTF was very special for the hardware team @ bi0s as we released a electronic badge similar to the conferences internationally.
We wanted more students to get started with hardware. This year’s theme was inspired by Star Wars, and being huge fans of Han Solo and Chewbacca, the badge design inspiration came from the famous Millenium Falcon.
We created the badge with a small quest on it, focusing on IoT Security so that students get a taste of security as well.
We wanted the badge to be a fun and engaging activity, so we ported some games into it as well, not just to be played on the badge, but physically as well.
The games we ported into the badge were the:
- Conway’s Game of Life
- The game gets the input from the LDR connected, hence spawns a new generation every time
- Asteroids arcade game
- Similar to the original game with dodging the asteroids, and firing lasers, unlike the original one, one can only travel in a single direction
- Falcon Fire
- The physical game was that, if you unlock the lasers, you can shoot other badge’s LDR, to *attack thrice, that would put the badge in damaged state. Of course, you’d have to wait to recover from that for a couple of minutes.*
Technical Specs
- NodeMCU Development Board
- 74HC595 Shift Register
- LDR Sensor
- Laser Pointer (LED with a lens)
- OLED 128x32 Display
- 2 Pushbuttons
- 16 LEDs
- 4 AA batteries
Design Features
Just to make sure that people can make use of the badge, we designed the badge to be modular.
With IoT in mind, we decided to select one of the most commonly used microcontroller, the ESP8266. It is one of the best microcontrollers to get started with development and testing in the IoT field.
What’s a hardware badge without a display? So, we went for an OLED display, just because it upgrades its coolness, and is less costly than expected. ;)
And just to make the badge worth hacking and eye-catching, we arranged the LEDs in an array and used the shift register to control, the ESP8266 is a bit less on pins.
We added the LDR sensor and the Laser pin to support the physical game that we had designed.
To make game controls comfortable we used 2 push buttons[fewer pins :(]. Next year hopefully we’ll have more of those buttons ;).
Finally, to power this board up, we selected the commonly available AA batteries which can be easily replaced when dead.
Firmware
The firmware for the board was written using the Arduino SDK, due to open-source libraries for various libraries and ease of configuration for everyone. The badge had featured different firmware for different purposes.
There where 5 firmware in total:
- Initial
- The basic initial firmware everyone’s badge was loaded with.
- Serial-Exploitation
- Firmware that was designed to teach you serial exploitation.
- Falcon-Fire
- A version of the 80s Asteroid Game.
- Game-of-Life
- A version of Conway’s Game of Life on Falcon.
- Final-Unlocked
- Firmware with unlocked LED control and defense against laser attacks.
As mentioned before, as we wanted the badge to be an IoT device, we connected the badge to an open network on our campus, which was available anywhere within the campus. To make the firmware flashing as easy as possible, we had designed a custom OTA page for the users to update their badges. The badges were assigned static IPs and were secured by a username and password.
The badge displayed the name, ID and the username and password were stored on the SPIFFS, to avoid hard coding credentials in the firmware. Imagine creating 70x5=350 firmware! EEPROM/SPIFFS is the better way. :)
The source code and the files are available on Github
Production
We designed the board to be through-hole, where we hand-assembled all the boards. We had ordered the components through various wholesale-dealers. The PCB was printed at PCBPower based in Gujarat.
The experience of creating badges turned out to be an internal workshop for everyone to learn soldering at bi0s.