The Feskekôrka Piano Badge | Security Fest

Idea

I was brainstorming with the fabulous crew at Security Fest about a badge for their 2024 conference. For their 2022 conference, we took inspiration from Gothenburg's legendary trams and made The Tram Badge with a rickroll built in it. For the 2023 conference, we took the Gothenburg skyline and put it in a cyberpunk theme to turn it into a UV-printed full-colour CTF badge.

For the 2024 edition, the crew wanted a design based on the Feskekôrka which is an iconic indoor fish market with a resemblance to a Neo-gothic church in Gothenburg.

Design

The building although iconic felt incomplete. So we turned that into Disco-körka by giving it a nightclub look with an airship in the sky. To also distinguish different badge types, the building roof would be blue for speakers and golden yellow for the crew.

Similar to last year, the badge would certainly feature a CTF but we also wanted to put something more special in the form of musical instruments and games. And that is how Lars got involved to help out with the badge, where he combined his talents in music, embedded systems and cyber (in)security for the challenges. Lars experimented with the keyboard and a variety of instruments we can emulate using our badge.

The Disco-körka windows/doors would be the 7 keyboard keys while the airship would be reserved for the text adventure CTF.

Lars was able to validate the idea with some nice early prototypes.

Putting all of that into PCB design...

Fabrication

It'd be a double-sided PCB and our in-house fabrication went through fine as always.

Assembly

The assembly went well for half the badges but then suddenly our Reflow Oven seemed to stop working. It has a conveyor that moves the PCB and heats it enough to solder components. The conveyor is handled by a DC motor. It was not able to turn on the conveyor and control the speed. The oven would get turned on but since the conveyor was not working, no more assembly was possible.

Long weekends on those days also meant the manufacturer wouldn't respond on time to get the badges ready for the conference.

Time for some hackery.

We figured out everything was working fine except the conveyor belt motor. We connected that motor externally to our DC controllable power supply which can regulate 0 volts to 30 volts.

The Reflow Oven has a 1-meter bed. Takes about 260 Seconds for each batch of soldering, making approx. 25 badges at a time.

So we started experimenting with differential voltage supply to see how fast the conveyor belt worked. A little while later, found out that 8.5 volts to 9 volts got us the ideal speed for reflow.

And that worked!

UV Printing The Artwork

The Working

Turning on the slide switch glows all CTF LEDs in sequence for a second and then gets the badge ready for piano mode. The airship acts as a function key to change between different musical instruments and navigate the CTF menu.

The menu system and serial interface

The menu system on this badge can be navigated both with the touch keys, and through the serial port as an interactive text adventure. Connect the badge to your system using a USB-C cable and fire up your favourite serial monitor at 115200 baud with Both NL & CR.

Tapping the airship moves the serial screen between different menu options.

The CTF is written in a storyline of travelling by airship from the old conference venue to the new one. Feskekôrka/Disco-körka is halfway. The engine has stopped for security reasons. To get moving again, you to get inside the engine room, by exploring the airship, solving riddles and playing the different games. Besides the keyboard, there is a memory game, an action game and a morse code station.

Solving the first five challenges will light up the LEDs on the airship and open the engine room where three much harder CTF challenges await: cryptography, reverse engineering and memory corruption.

To reset the badge, navigate to the engine room and type I.WANT.RESET.

There are also some easter eggs and fun references to discover.

Happy Hacking!