[crackme]F-Secure khallenge

[Loki]

The contest starts on Friday 1st of August 2008 at 12:00 and ends on August 3rd 2008 at 11:59 (local Assembly time, EEST).

Khallenge is a reverse engineering challenge made by F-Secure for the Summer ASSEMBLY 2008 event held in Helsinki, Finland. The contestants must reverse engineer binaries in order to discover keys that the executables will accept. After completing the first level, instructions will be given on how to proceed to the next level.

Further information about challenge, including the official rules, is available from Assembly '08 web site. You can find more information about the people behind this compo from F-Secure Security Labs Weblog.

Go here to check it out:

http://www.khallenge.com/

Posted in the crackme forum as thats what these are. I'm closing the thread to respect F-Secure's request that this should not be discussed openly prior to the end of the competition. I'll reopen it afterwards so that you can discuss methods and problems

Have fun - perhaps you'll win one of the iPod's

Edited August 1, 2008 by Loki

[Loki]

The official challenge is now over so I guess it should be ok to discuss things now.

Attached are the executables incase someone missed it and wants to try them.

FSC08_Level1.zip

FSC08_Level2.zip

FSC08_Level3.zip

[Teddy Rogers]

Do you know who won the iPod's, anyone we know?

Ted.

[Loki]

Not me.....

They usually announce it on the blog so I'll update the thread when its there

[Hyperlisk]

Am I just crazy or did you have to crack an MD5 hash on level 2? I stopped doing it because I didn't feel like doing that lol. The smallest password length I got for level 2 was 9 characters.

[SunBeam]

It was a pain in the *** with all the crap added to it - RDTSC + GetCurrentProcessId()..

[Sonny27]

Is it normal that Level 2 doesn

[GaBoR]

It's starts, but you have to run it with the key as argument in command line.

[SunBeam]

^ I second that I encountered a few that work in that fashion where CMP BYTE PTR [EBP+8] checked the bit for command line argument (usually 0x2)

[Sonny27]

Then my system doesn

[Merc]

Hi all. The level 2 make me feel bored with challenge. So many cases. Here is strings we need have to by pass first check (password has 9 chars) :

10.?G??Dx?A?
12.?E??Fz?C?
17.?N??Mq?H?
18.?O??Lp?I?
19.?L??Os?J?
20.?M??Nr?K?
21.?J??Iu?L?
22.?K??Ht?M?
23.?H??Kw?N?
24.?I??Jv?O?
25.?V??Ui?P?
26.?W??Th?Q?
27.?T??Wk?R?
28.?U??Vj?S?
29.?R??Qm?T?
30.?S??Pl?U?
31.?P??So?V?
32.?Q??Rn?W?
36.?g??dX?a?
38.?e??fZ?c?
43.?n??mQ?h?
44.?o??lP?i?
45.?l??oS?j?
46.?m??nR?k?
47.?j??iU?l?
48.?k??hT?m?
49.?h??kW?n?
50.?i??jV?o?
51.?v??uI?p?
52.?w??tH?q?
53.?t??wK?r?
54.?u??vJ?s?
55.?r??qM?t?
56.?s??pL?u?
57.?p??sO?v?
58.?q??rN?w?

First check :

004012F4 50 PUSH EAX
004012F5 E8 C6FEFFFF CALL FSC08_Le.004011C0
004012FA 8BF8 MOV EDI,EAX
004012FC 81F7 69B462A4 XOR EDI,A462B469
00401302 81FF 69B462A4 CMP EDI,A462B469

'?' char is char that we need find to make correctly on MD5 check. MD5 hash was modified.

[Hyperlisk]

Here's one I modified when I was messing with it...

dump_fixed.rar

[Apuromafo]

well if are solved not are problem in post the 1rts item

1)
Enter the key: BOFPCongratulations! Please send an e-mail to Easy2o08@khallenge.com

when send an email you see the 2nd , and bypass the md5 uu, not know how solve as pass+correct crc

example how must write the pass in the argument, mine argument is "apuromafo" /open archive and argument apuromafo

the fixed work nice but ..what are the correct pass.. not know

maybe can help this of old year

http://securityxploded.com/hackerchallenge2007phase3.php

http://zairon.wordpress.com/2007/08/06/f-s...-2007-solution/

Edited August 5, 2008 by apuromafo

[Loki]

Khallenge III was over the weekend, here are the current solution statistics:

Level 1: 393

Level 2: 20

Level 3: 8

During the run of the competition, the final level was solved by 4 people:

1. Igor Skochinsky (iPod Touch 32GB)

2. Kaspars Osis (iPod Touch 16GB)

3. "bbuc" (t-shirt)

4. Ludvig Strigeus (t-shirt)

Igor & Kaspars are returning winners from previous Khallenge competitions (1) (2). Great job guys!

Runners-up:

Alexander Polyakov, "Lancert", "push.ret", "Hellspawn", V. Usatyuk, "Piotras", "ASMax"

Level 1 contains a hidden message, here are the winners:

1. Alexandru Maximciuc (t-shirt)

2. Volodymyr Pikhur (t-shirt)

3. Richard Baranyi (t-shirt)

On a personal note, while designing the challenges I've been wondering if level 2 was too difficult. The statistics have proven it was. However, according to your responses, it was great fun! I'm glad to hear that many people enjoyed it. Next year though, we'll aim to get the challenges into a bit better balance. ;-)

[SunBeam]

LOL? "Level 1 contains a hidden message" - interesting )

[Sonny27]

Gotta find that one

greetz