FLARE On Challenge - starts tonight!

[kao 1,955]

The FireEye Labs Advanced Reverse Engineering (FLARE) team is hosting its second annual CTF-style challenge for all reverse engineers, malware analysts, and security professionals.

 

...

 

The puzzles start with basic skills and escalate quickly to more difficult reversing tasks. At FLARE we have to deal with whatever challenges come our way, so the challenge reflects this. If you take on the challenge you might see puzzles involving Packers, Mobile platforms, steganography, obfuscated .NET, and so on.

 

The Second FLARE On Challenge will open at July 28, 2015 20:00EDT and close on Sept. 8, 2015 20:00EDT. You can finish any time before Sept. 8 to qualify for a prize.

 

... 

 

After completing the final challenge, you’ll be contacted by a FLARE team member. Once you provide a mailing address we’ll ship you your prize. Last year, the prize was a coin and this year we have something new and special for the winners . The full details can be found at: www.flare-on.com.

@moderators: sorry, could not find a better place to post it.

Edited July 28, 2015 by kao (see edit history)

[kao 1,955]

After 27 hours of reversing, I've done it again! https://twitter.com/nickharbour/status/626765867519508480

Now I need to get some sleep.

[madskillz 24]

Congrats Kao.

 

Well if I had to reverse the first binary , where should I look ? examples, book ref , etc ?

[Extreme Coders 407]

@kao Impressive Skills. What is the total number of challenges?

 

@madskillz For the first refer to xor encryption.

[kao 1,955]

@Extreme Coders: 11. The real fun starts from #8.

@madskillz: To avoid spoiling it for others I won't be commenting on specific challenges. There is a list of suggested materials on flare-on.com, you can start with those.

[Loki 373]

Nice work - congrats Kao

 

I took a look at the first one in work yesterday which was a nice eay primer - hoping to get some time over the next couple of weeks to dig through the others

[GIV 1,150]

@moderators: sorry, could not find a better place to post it.

Take easy KAO.

Your health is more important than a place on a contest.

Get some rest.

[kao 1,955]

@GIV: I just love to win. And second place is just the first loser. Also, who needs sleep when you got mate?

[akkaldama 7]

@Anybody please,

 

from where i can download the files? at 'http://www.flare-on.com/'i get a page like command prompt.

[Extreme Coders 407]

Currently on challenge 6 (android). Need to study ARM arch in more detail.

[kao 1,955]

@akkaldama: type 'help' and follow instructions.

@Extreme Coders: you're doing well! Thumbs up! :-)

[akkaldama 7]

@kao, thanks.

My problem is the syntax of CD ccomand.

I have used square brackets with that.:-().

BTW congrats for the first place.

[Extreme Coders 407]

Challenge 6 is over. But there is a bug in the challenge.

There are 2 possible email addresses which are valid.

 

However only 1 of them accepts an email to progress to the next challenge.

[kao 1,955]

Really? Both of them are accepted by Android app?   My tool only found one, and it was a proper one. 

 

You could always ping Nick Harbour ( https://twitter.com/nickharbour/) who's managing the challenge - maybe you get extra points for finding unexpected solutions?

EDIT: auto-format broke my twitter link

Edited August 2, 2015 by kao (see edit history)

[Extreme Coders 407]

@kao My tool found two. Both are accepted by the android app. There may even be more.

The addresses are proper, i.e. they contain legit chars allowed in an email id.

 

Need to open a twitter account for this

 

EDIT:

Alright, he has an email ID too.

Edited August 2, 2015 by Extreme Coders (see edit history)

[Antelox 0]

Hi reversers,

some hints about level 4? I miss some things to close the circle... :\

 

Tnx in advance.

 

Antelox

[Extreme Coders 407]

Finished Challenge #9, but their mail server seems to be down. No response.

[ultrain 0]

@kao Congratulation to u~

@Extrem Coders: I have just finished Challenge #7, and are going mad by #8. 

 

It seemed that "the key" was neither in exe nor png. For I almost analyse all png bytes..

But Likely in twitter...

[kao 1,955]

@Extreme Coders: did you finally get the email? If not, you probably found another bug or something. If you want to check your solution, SHA1 of accepted pass starts with 64e7d343....

@antelox: read and follow instructions in the mail. And don't spend too much time debugging it.

@ultrain: password is in the PNG but if you look at bytes, you won't see it.

[Extreme Coders 407]

@kao: No response email till now.. Yes the sha1 starts with those and ends with ....33a6e8f2.

 

EDIT:

Received Challenge #10. Let's see.

Edited August 4, 2015 by Extreme Coders (see edit history)

[Extreme Coders 407]

Finally completed challenge #10.

However, frankly speaking, this did not look like a Reversing challenge at all.

[AcidShout 2]

Finally completed challenge #10.

However, frankly speaking, this did not look like a Reversing challenge at all.

why do you think so? I just started reversing it, and a driver seems very much like reversing to me :-p

Edited August 9, 2015 by AcidShout (see edit history)

[kao 1,955]

@AcidShout: you'll know what he meant when you solve it. ;-)

[0xd4d 375]

After 27 hours of reversing, I've done it again! https://twitter.com/nickharbour/status/626765867519508480

Now I need to get some sleep.

 

LOL, I hope you just woke up before the contest and hadn't been awake for 16 hours already.

 

Congratulations on the win!

Edited August 10, 2015 by 0xd4d (see edit history)

[kao 1,955]

It started at 2AM my time - I was too tired and fell asleep before the contest started. So, I actually slept for the first 6 hours of the contest.  

 

Thanks!