noregret 0 Posted September 6, 2015 Share Posted September 6, 2015 I'm pretty much stuck on #6 as well, same as noregret. I've tried to make sense of the code and some things are still not clear to me. Would anyone be able to clear some things up for me via PM?
Same here. Link to post
atn 0 Posted September 6, 2015 Share Posted September 6, 2015 (edited) @noregret, @xoreaxeax: if you need help, you can contact me. Do you have a Skype ID? My Skype ID: xxxx Edited June 20, 2016 by atn (see edit history) Link to post
Gyrus 8 Posted September 6, 2015 Share Posted September 6, 2015 From Wikipedia: The fundamental theorem of arithmetic states that every integer greater than 1 either is prime itself or is the product of prime numbers, and that this product is unique, up to the order of the factors.
The set of prime numbers is: {2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, ..., 577, ..}
For example (* is multiply and ^ is power):
11 = (2^0) * (3^0) * (5^0) * (7^0) * (11^1) * (13^0) * ...
11 = 0 , 0 , 0 , 0 , 1 , 0 , 0 , ... -> the number as a sequence of powers.
25 = (2^0) * (3^0) * (5^2) * (7^0) * (11^0) * ...
25 = 0 , 0 , 2 , 0 , 0 , ...
1731 = (2^0) * (3^1) * (5^0) * ... * (577^1) * ...
1731 = 0 , 1 , 0 , .. , 1 , 0 , ...
In #6 you have the sequence of powers, reconstruct the number! Link to post
malforenz 0 Posted September 7, 2015 Share Posted September 7, 2015 I am stuck on #8, I have extracted the png and have run various tools to extract the LSB, but have not found the key. Don't know what to do next, any clues? What am I missing? Link to post
kao 2,161 Posted September 7, 2015 Author Share Posted September 7, 2015 @malforenz: make something useful out of those bits. Link to post
Extreme Coders 443 Posted September 7, 2015 Share Posted September 7, 2015 @malforenz: Search on twitter, big hint there. https://twitter.com/mikesiko/status/636242424784928768 Link to post
malforenz 0 Posted September 8, 2015 Share Posted September 8, 2015 Thanks for the help @kao and @Extreme Coders, you got me over the hump! Link to post
atn 0 Posted September 8, 2015 Share Posted September 8, 2015 I am stuck on #8, I have extracted the png and have run various tools to extract the LSB, but have not found the key. Don't know what to do next, any clues? What am I missing?
Don't use any tool, just think about LSB and imagine. Link to post
PolarBear 0 Posted September 8, 2015 Share Posted September 8, 2015 (edited) On the last day of the game I discovered this place, where people actually discuss the Flare-On Challenges. Big lesson. I was wasting a lot of my time on #3 and am now stuck on #6. My goal is to solve #6. Edited September 8, 2015 by PolarBear (see edit history) Link to post
AcidShout 2 Posted September 9, 2015 Share Posted September 9, 2015 So... it ended tonight... Congratulations to everybody! Link to post
atn 0 Posted September 9, 2015 Share Posted September 9, 2015 The FLARE-ON challenge has finished. I solved 9/11. So sad, but not at all; next year we will try to solve all the challenges. BTW, @Extreme Coders: for #6, can you post your code that gets 2 email addresses which are accepted by the apk app? Thanks. Link to post
Extreme Coders 443 Posted September 9, 2015 Share Posted September 9, 2015 (edited) Why only 2 ? I am posting a bunch of email addresses that are accepted by the android app of Challenge #6. Note that this is not all. There are even more. Anyways, the official solutions have been published. https://www.fireeye.com/blog/threat-research/2015/09/flare-on_challenges.html Edited September 9, 2015 by Extreme Coders (see edit history) Link to post
kao 2,161 Posted September 9, 2015 Author Share Posted September 9, 2015 (edited) ..and the proper one was "Should_have_g0ne_to_tashi_$tation@flare-on.com". Sometimes you just need to use common sense. Official solutions have been posted here: https://www.fireeye.com/blog/threat-research/2015/09/flare-on_challenges.html EDIT: oops, missed the link to the official solutions in the middle of Extreme Coders' post.. I have the attention span of a squirrel. Edited September 9, 2015 by kao (see edit history) Link to post
Extreme Coders 443 Posted September 9, 2015 Share Posted September 9, 2015 (edited) The reason for the large number of *valid* emails is that the 6th prime factorization array is composed of all zeros. Hence any prime number between 0 & 0x7E7E for the 11th and 12th characters combined (taken as a 16-bit value) is valid. Filtering out non-printable characters and other invalid characters, we can get a decent-sized list. Edited September 9, 2015 by Extreme Coders (see edit history) Link to post
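An added example (not code from any poster or from the challenge) of the encoding Gyrus describes and of the ambiguity Extreme Coders points out: assuming the exponent vector is taken over a finite prime table, every value whose only prime factor lies outside the table encodes to all zeros. The table bound PRIME_LIMIT, the big-endian pairing of two characters, and all function names are assumptions made for illustration.

```python
PRIME_LIMIT = 1000  # assumed table bound for illustration, not taken from the app

def primes_up_to(limit):
    """Sieve of Eratosthenes: all primes <= limit in ascending order."""
    sieve = bytearray([1]) * (limit + 1)
    sieve[0:2] = b"\x00\x00"
    for n in range(2, int(limit ** 0.5) + 1):
        if sieve[n]:
            sieve[n * n::n] = bytearray(len(range(n * n, limit + 1, n)))
    return [n for n, flag in enumerate(sieve) if flag]

def encode(value, primes):
    """Return (exponent of each table prime in value, unfactored remainder)."""
    if value < 1:
        raise ValueError("only positive integers have a factorization")
    exps = []
    for p in primes:
        e = 0
        while value % p == 0:
            value //= p
            e += 1
        exps.append(e)
    return exps, value  # remainder > 1: a prime factor lies outside the table

def decode(exps, primes):
    """Rebuild the number from its sequence of powers."""
    n = 1
    for p, e in zip(primes, exps):
        n *= p ** e
    return n

def pair_to_value(pair):
    """Two ASCII characters as one 16-bit value (big-endian order is assumed)."""
    hi, lo = pair.encode("ascii")
    return (hi << 8) | lo

def zero_vector_pairs(primes, alphabet):
    """Every pair whose exponent vector over the table is all zeros."""
    return [a + b for a in alphabet for b in alphabet
            if not any(encode(pair_to_value(a + b), primes)[0])]

if __name__ == "__main__":
    table = primes_up_to(PRIME_LIMIT)
    for n in (11, 25, 1731):  # the numbers from Gyrus's post
        exps, rest = encode(n, table)
        nonzero = {table[i]: e for i, e in enumerate(exps) if e}
        print(n, "->", nonzero, "decoded:", decode(exps, table), "rest:", rest)
    letters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_"
    hits = zero_vector_pairs(table, letters)
    print(len(hits), "pairs share the all-zero vector; 'e_' among them:", "e_" in hits)
```

Decoding an all-zero vector always gives 1, so a check that compares only the exponent vectors cannot tell these pairs apart.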
kao 2,161 Posted September 9, 2015 Author Share Posted September 9, 2015 I will have to look at that challenge again. Here's my stupid solver which got the job done and provided just the correct address: https://www.mediafire.com/?gnypecz9l7th4ea It's really crappy code - but that does not matter. During the challenge all I care about is getting the job done, not the purity and clarity of code. Link to post
Loki 384 Posted September 9, 2015 Share Posted September 9, 2015 It's really crappy code - but that does not matter. During the challenge all I care about is getting the job done, not the purity and clarity of code.
Exactly - good enough is good enough when it comes to this stuff! Nice work everyone - we have some talented people here! Wear those belt buckles with pride. Link to post
Extreme Coders 443 Posted September 9, 2015 Share Posted September 9, 2015 Pretty much the same sort of code for the first stupid solver. It stops immediately after finding a valid email, hence the output is not the actual email, as there is more than one possible email. http://www.mediafire.com/download/39brdepxjsjqk8s/source.rar Link to post
noregret 0 Posted September 9, 2015 Share Posted September 9, 2015 That is great guys, any idea where we can download the challenges? They just published write-ups without the actual challenge binaries. Link to post
Extreme Coders 443 Posted September 9, 2015 Share Posted September 9, 2015 @noregret: Find the link in the blog post. http://mshetta.blogspot.in/2015/09/flare-on-2015-walkthrough.html Link to post
kao 2,161 Posted September 9, 2015 Author Share Posted September 9, 2015 Verrry nice writeups! We've taken very different approaches at some stages, and you have obviously analyzed stuff much deeper than me. Let's see if I can manage to write down my solutions over the weekend. Link to post
kienmanowar 3 Posted September 9, 2015 Share Posted September 9, 2015 Verrry nice writeups! We've taken very different approaches at some stages, and you have obviously analyzed stuff much deeper than me. Let's see if I can manage to write down my solutions over the weekend.
Wait to see your writeups kao! Link to post
PolarBear 0 Posted September 9, 2015 Share Posted September 9, 2015 Verrry nice writeups! We've taken very different approaches at some stages, and you have obviously analyzed stuff much deeper than me. Let's see if I can manage to write down my solutions over the weekend.
Looking forward to seeing the fastest winner's solution. Link to post
kao 2,161 Posted September 10, 2015 Author Share Posted September 10, 2015 Since he's too shy to write a post here - here are AcidShout's solutions: http://acidshout.github.io/ Link to post
Loki 384 Posted September 11, 2015 Share Posted September 11, 2015 Nice work AcidShout, and very nice write ups Link to post
Extreme Coders 443 Posted September 12, 2015 Share Posted September 12, 2015 My solutions (Challenge 6-11). They're nowhere near the quality of others' writeups. http://1drv.ms/1XWdFGm Link to post