Loki Posted August 1, 2008 Posted August 1, 2008 (edited) The contest starts on Friday 1st of August 2008 at 12:00 and ends on August 3rd 2008 at 11:59 (local Assembly time, EEST).Khallenge is a reverse engineering challenge made by F-Secure for the Summer ASSEMBLY 2008 event held in Helsinki, Finland. The contestants must reverse engineer binaries in order to discover keys that the executables will accept. After completing the first level, instructions will be given on how to proceed to the next level. Further information about challenge, including the official rules, is available from Assembly '08 web site. You can find more information about the people behind this compo from F-Secure Security Labs Weblog. Go here to check it out: http://www.khallenge.com/ Posted in the crackme forum as thats what these are. I'm closing the thread to respect F-Secure's request that this should not be discussed openly prior to the end of the competition. I'll reopen it afterwards so that you can discuss methods and problems Have fun - perhaps you'll win one of the iPod's Edited August 1, 2008 by Loki
Loki Posted August 4, 2008 Author Posted August 4, 2008 The official challenge is now over so I guess it should be ok to discuss things now. Attached are the executables incase someone missed it and wants to try them. FSC08_Level1.zip FSC08_Level2.zip FSC08_Level3.zip
Teddy Rogers Posted August 4, 2008 Posted August 4, 2008 Do you know who won the iPod's, anyone we know?Ted.
Loki Posted August 4, 2008 Author Posted August 4, 2008 Not me..... They usually announce it on the blog so I'll update the thread when its there
Hyperlisk Posted August 4, 2008 Posted August 4, 2008 Am I just crazy or did you have to crack an MD5 hash on level 2? I stopped doing it because I didn't feel like doing that lol. The smallest password length I got for level 2 was 9 characters.
SunBeam Posted August 4, 2008 Posted August 4, 2008 It was a pain in the *** with all the crap added to it - RDTSC + GetCurrentProcessId()..
GaBoR Posted August 4, 2008 Posted August 4, 2008 It's starts, but you have to run it with the key as argument in command line.
SunBeam Posted August 4, 2008 Posted August 4, 2008 ^ I second that I encountered a few that work in that fashion where CMP BYTE PTR [EBP+8] checked the bit for command line argument (usually 0x2)
Merc Posted August 5, 2008 Posted August 5, 2008 Hi all. The level 2 make me feel bored with challenge. So many cases. Here is strings we need have to by pass first check (password has 9 chars) :10.?G??Dx?A?12.?E??Fz?C?17.?N??Mq?H?18.?O??Lp?I?19.?L??Os?J?20.?M??Nr?K?21.?J??Iu?L?22.?K??Ht?M?23.?H??Kw?N?24.?I??Jv?O?25.?V??Ui?P?26.?W??Th?Q?27.?T??Wk?R?28.?U??Vj?S?29.?R??Qm?T?30.?S??Pl?U?31.?P??So?V?32.?Q??Rn?W?36.?g??dX?a?38.?e??fZ?c?43.?n??mQ?h?44.?o??lP?i?45.?l??oS?j?46.?m??nR?k?47.?j??iU?l?48.?k??hT?m?49.?h??kW?n?50.?i??jV?o?51.?v??uI?p?52.?w??tH?q?53.?t??wK?r?54.?u??vJ?s?55.?r??qM?t?56.?s??pL?u?57.?p??sO?v?58.?q??rN?w?First check :004012F4 50 PUSH EAX004012F5 E8 C6FEFFFF CALL FSC08_Le.004011C0004012FA 8BF8 MOV EDI,EAX004012FC 81F7 69B462A4 XOR EDI,A462B46900401302 81FF 69B462A4 CMP EDI,A462B469'?' char is char that we need find to make correctly on MD5 check. MD5 hash was modified.
Hyperlisk Posted August 5, 2008 Posted August 5, 2008 Here's one I modified when I was messing with it...dump_fixed.rar
Apuromafo Posted August 5, 2008 Posted August 5, 2008 (edited) well if are solved not are problem in post the 1rts item 1)Enter the key: BOFPCongratulations! Please send an e-mail to Easy2o08@khallenge.com when send an email you see the 2nd , and bypass the md5 uu, not know how solve as pass+correct crc example how must write the pass in the argument, mine argument is "apuromafo" /open archive and argument apuromafo the fixed work nice but ..what are the correct pass.. not know maybe can help this of old year http://securityxploded.com/hackerchallenge2007phase3.php http://zairon.wordpress.com/2007/08/06/f-s...-2007-solution/ Edited August 5, 2008 by apuromafo
Loki Posted August 6, 2008 Author Posted August 6, 2008 Khallenge III was over the weekend, here are the current solution statistics:Level 1: 393Level 2: 20Level 3: 8During the run of the competition, the final level was solved by 4 people:1. Igor Skochinsky (iPod Touch 32GB)2. Kaspars Osis (iPod Touch 16GB)3. "bbuc" (t-shirt)4. Ludvig Strigeus (t-shirt)Igor & Kaspars are returning winners from previous Khallenge competitions (1) (2). Great job guys!Runners-up:Alexander Polyakov, "Lancert", "push.ret", "Hellspawn", V. Usatyuk, "Piotras", "ASMax"Level 1 contains a hidden message, here are the winners:1. Alexandru Maximciuc (t-shirt)2. Volodymyr Pikhur (t-shirt)3. Richard Baranyi (t-shirt)On a personal note, while designing the challenges I've been wondering if level 2 was too difficult. The statistics have proven it was. However, according to your responses, it was great fun! I'm glad to hear that many people enjoyed it. Next year though, we'll aim to get the challenges into a bit better balance. ;-)
SunBeam Posted August 6, 2008 Posted August 6, 2008 LOL? "Level 1 contains a hidden message" - interesting )
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now