FLARE On Challenge - starts tonight!

[noregret 0]

I'm pretty much stuck on #6 as well, same as noregret. I've tried to make sense of the code and some things are still not clear to me. Would anyone be able to clear some things up for me via PM?

 

same here

[atn 0]

@noregret, @xoreaxeax: if you need help, you can contact to me. Have you Skype ID?

My Skype ID: xxxx

Edited June 20, 2016 by atn (see edit history)

[Gyrus 8]

From wikipedia:

 

The fundamental theorem of arithmetic, states that every integer greater than 1 either is prime itself or is the product of prime numbers, and that this product is unique, up to the order of the factors.

 

The Prime numbers set is:

{2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, ..., 577, ..}

 

For example (* is multiply and ^ is power):

11 = (2^0) * (3^0) * (5^0) * (7^0) * (11^1) * (13^0) * ...

11 =      0       , 0      , 0        , 0         , 1         , 0 , 0 , ... -> the number as a sequence of powers.

 

25 = (2^0) * (3^0) * (5^2) * (7^0) * (11^0) * ...

25 =      0 ,       0 ,       2       , 0 ,         0 , ...

 

1731 = (2^0) * (3^1) * (5^0) * ... * (577^1) * ...

1731 =      0       , 1       , 0  , .. ,           1     , 0 , ...

 

In #6 you have the sequence of powers, reconstruct the number!

[malforenz 0]

I am stuck on #8, I have extracted the png and have run various tools to extract the LSB, but have not found the key. Don't know what to do next, any clues? What am I missing?

[kao 1,872]

@malforenz: make something useful out of those bits.

[Extreme Coders 405]

@malforenz: Search on twitter, big hint there. https://twitter.com/mikesiko/status/636242424784928768

[malforenz 0]

thanks for the help @kao and @Extream Coders, you got me over the hump!

[atn 0]

I am stuck on #8, I have extracted the png and have run various tools to extract the LSB, but have not found the key. Don't know what to do next, any clues? What am I missing?

Don't use any tool, just think about LSB and imagine

[PolarBear 0]

Last day of the game discovered this place, where people actually discuss about the Flare-on Challenges. Big lesson.

 

I was wasting a lot of my time on #3 and now stuck on the #6. My goal is to solving #6 

Edited September 8, 2015 by PolarBear (see edit history)

[AcidShout 2]

So... it ended tonight...

 

Congratulations to everybody!

[atn 0]

FLARE-ON challenge finished.

i solved 9/11. so sad but not at all, next year we will try to solve all challenge.

BTW, @Extreme Coders: At #6, you can post your code that get 2 email addresses which are accepted by apk app? Thanks.

[Extreme Coders 405]

Why only 2 ? 

I am posting a bunch of email addresses that are accepted by the android app of Challenge #6.

Note that this is not all. There are even more.

 

Anyways, the official solutions have been published.

https://www.fireeye.com/blog/threat-research/2015/09/flare-on_challenges.html

 

Should_havAYg0ne_to_tashi_$tation@flare-on.com

Should_havAeg0ne_to_tashi_$tation@flare-on.com
Should_havAkg0ne_to_tashi_$tation@flare-on.com
Should_havAwg0ne_to_tashi_$tation@flare-on.com
Should_havBCg0ne_to_tashi_$tation@flare-on.com
Should_havBSg0ne_to_tashi_$tation@flare-on.com
Should_havBUg0ne_to_tashi_$tation@flare-on.com
Should_havBag0ne_to_tashi_$tation@flare-on.com
Should_havBsg0ne_to_tashi_$tation@flare-on.com
Should_havCOg0ne_to_tashi_$tation@flare-on.com
Should_havCWg0ne_to_tashi_$tation@flare-on.com
Should_havCig0ne_to_tashi_$tation@flare-on.com
Should_havDEg0ne_to_tashi_$tation@flare-on.com
Should_havDKg0ne_to_tashi_$tation@flare-on.com
Should_havDQg0ne_to_tashi_$tation@flare-on.com
Should_havDSg0ne_to_tashi_$tation@flare-on.com
Should_havDYg0ne_to_tashi_$tation@flare-on.com
Should_havDeg0ne_to_tashi_$tation@flare-on.com
Should_havDog0ne_to_tashi_$tation@flare-on.com
Should_havEAg0ne_to_tashi_$tation@flare-on.com
Should_havEIg0ne_to_tashi_$tation@flare-on.com
Should_havESg0ne_to_tashi_$tation@flare-on.com
Should_havEUg0ne_to_tashi_$tation@flare-on.com
Should_havEag0ne_to_tashi_$tation@flare-on.com
Should_havEwg0ne_to_tashi_$tation@flare-on.com
Should_havFCg0ne_to_tashi_$tation@flare-on.com
Should_havFEg0ne_to_tashi_$tation@flare-on.com
Should_havFyg0ne_to_tashi_$tation@flare-on.com
Should_havGKg0ne_to_tashi_$tation@flare-on.com
Should_havGMg0ne_to_tashi_$tation@flare-on.com
Should_havGQg0ne_to_tashi_$tation@flare-on.com
Should_havGog0ne_to_tashi_$tation@flare-on.com
Should_havGqg0ne_to_tashi_$tation@flare-on.com
Should_havHGg0ne_to_tashi_$tation@flare-on.com
Should_havHUg0ne_to_tashi_$tation@flare-on.com
Should_havHYg0ne_to_tashi_$tation@flare-on.com
Should_havHkg0ne_to_tashi_$tation@flare-on.com
Should_havHmg0ne_to_tashi_$tation@flare-on.com
Should_havHyg0ne_to_tashi_$tation@flare-on.com
Should_havIEg0ne_to_tashi_$tation@flare-on.com
Should_havIUg0ne_to_tashi_$tation@flare-on.com
Should_havIcg0ne_to_tashi_$tation@flare-on.com
Should_havIig0ne_to_tashi_$tation@flare-on.com
Should_havImg0ne_to_tashi_$tation@flare-on.com
Should_havIsg0ne_to_tashi_$tation@flare-on.com
Should_havJAg0ne_to_tashi_$tation@flare-on.com
Should_havJEg0ne_to_tashi_$tation@flare-on.com
Should_havJWg0ne_to_tashi_$tation@flare-on.com
Should_havJkg0ne_to_tashi_$tation@flare-on.com
Should_havKCg0ne_to_tashi_$tation@flare-on.com
Should_havKIg0ne_to_tashi_$tation@flare-on.com
Should_havKYg0ne_to_tashi_$tation@flare-on.com
Should_havKeg0ne_to_tashi_$tation@flare-on.com
Should_havKmg0ne_to_tashi_$tation@flare-on.com
Should_havKwg0ne_to_tashi_$tation@flare-on.com
Should_havLKg0ne_to_tashi_$tation@flare-on.com
Should_havLUg0ne_to_tashi_$tation@flare-on.com
Should_havLWg0ne_to_tashi_$tation@flare-on.com
Should_havLag0ne_to_tashi_$tation@flare-on.com
Should_havLgg0ne_to_tashi_$tation@flare-on.com
Should_havLsg0ne_to_tashi_$tation@flare-on.com
Should_havLyg0ne_to_tashi_$tation@flare-on.com
Should_havMAg0ne_to_tashi_$tation@flare-on.com
Should_havMQg0ne_to_tashi_$tation@flare-on.com
Should_havMYg0ne_to_tashi_$tation@flare-on.com
Should_havMeg0ne_to_tashi_$tation@flare-on.com
Should_havMkg0ne_to_tashi_$tation@flare-on.com
Should_havNOg0ne_to_tashi_$tation@flare-on.com
Should_havNSg0ne_to_tashi_$tation@flare-on.com
Should_havNgg0ne_to_tashi_$tation@flare-on.com
Should_havNyg0ne_to_tashi_$tation@flare-on.com
Should_havOIg0ne_to_tashi_$tation@flare-on.com
Should_havOcg0ne_to_tashi_$tation@flare-on.com
Should_havOgg0ne_to_tashi_$tation@flare-on.com
Should_havOmg0ne_to_tashi_$tation@flare-on.com
Should_havOug0ne_to_tashi_$tation@flare-on.com
Should_havPEg0ne_to_tashi_$tation@flare-on.com
Should_havPGg0ne_to_tashi_$tation@flare-on.com
Should_havPSg0ne_to_tashi_$tation@flare-on.com
Should_havPqg0ne_to_tashi_$tation@flare-on.com
Should_havPwg0ne_to_tashi_$tation@flare-on.com
Should_havQGg0ne_to_tashi_$tation@flare-on.com
Should_havQIg0ne_to_tashi_$tation@flare-on.com
Should_havQqg0ne_to_tashi_$tation@flare-on.com
Should_havQyg0ne_to_tashi_$tation@flare-on.com
Should_havRCg0ne_to_tashi_$tation@flare-on.com
Should_havREg0ne_to_tashi_$tation@flare-on.com
Should_havRKg0ne_to_tashi_$tation@flare-on.com
Should_havRag0ne_to_tashi_$tation@flare-on.com
Should_havRmg0ne_to_tashi_$tation@flare-on.com
Should_havRsg0ne_to_tashi_$tation@flare-on.com
Should_havSAg0ne_to_tashi_$tation@flare-on.com
Should_havSEg0ne_to_tashi_$tation@flare-on.com
Should_havSGg0ne_to_tashi_$tation@flare-on.com
Should_havSKg0ne_to_tashi_$tation@flare-on.com
Should_havScg0ne_to_tashi_$tation@flare-on.com
Should_havTAg0ne_to_tashi_$tation@flare-on.com
Should_havTIg0ne_to_tashi_$tation@flare-on.com
Should_havTSg0ne_to_tashi_$tation@flare-on.com
Should_havTUg0ne_to_tashi_$tation@flare-on.com
Should_havTag0ne_to_tashi_$tation@flare-on.com
Should_havTkg0ne_to_tashi_$tation@flare-on.com
Should_havTmg0ne_to_tashi_$tation@flare-on.com
Should_havTqg0ne_to_tashi_$tation@flare-on.com
Should_havUOg0ne_to_tashi_$tation@flare-on.com
Should_havUQg0ne_to_tashi_$tation@flare-on.com
Should_havUcg0ne_to_tashi_$tation@flare-on.com
Should_havUgg0ne_to_tashi_$tation@flare-on.com
Should_havUog0ne_to_tashi_$tation@flare-on.com
Should_havUyg0ne_to_tashi_$tation@flare-on.com
Should_havVKg0ne_to_tashi_$tation@flare-on.com
Should_havVMg0ne_to_tashi_$tation@flare-on.com
Should_havVkg0ne_to_tashi_$tation@flare-on.com
Should_havVqg0ne_to_tashi_$tation@flare-on.com
Should_havVug0ne_to_tashi_$tation@flare-on.com
Should_havWGg0ne_to_tashi_$tation@flare-on.com
Should_havWMg0ne_to_tashi_$tation@flare-on.com
Should_havWag0ne_to_tashi_$tation@flare-on.com
Should_havWmg0ne_to_tashi_$tation@flare-on.com
Should_havWwg0ne_to_tashi_$tation@flare-on.com
Should_havXUg0ne_to_tashi_$tation@flare-on.com
Should_havXmg0ne_to_tashi_$tation@flare-on.com
Should_havXog0ne_to_tashi_$tation@flare-on.com
Should_havXsg0ne_to_tashi_$tation@flare-on.com
Should_havYEg0ne_to_tashi_$tation@flare-on.com
Should_havYKg0ne_to_tashi_$tation@flare-on.com
Should_havYMg0ne_to_tashi_$tation@flare-on.com
Should_havYWg0ne_to_tashi_$tation@flare-on.com
Should_havYug0ne_to_tashi_$tation@flare-on.com
Should_havZMg0ne_to_tashi_$tation@flare-on.com
Should_havZgg0ne_to_tashi_$tation@flare-on.com
Should_havZwg0ne_to_tashi_$tation@flare-on.com
Should_havaKg0ne_to_tashi_$tation@flare-on.com
Should_havaUg0ne_to_tashi_$tation@flare-on.com
Should_havaWg0ne_to_tashi_$tation@flare-on.com
Should_havaog0ne_to_tashi_$tation@flare-on.com
Should_havayg0ne_to_tashi_$tation@flare-on.com
Should_havbAg0ne_to_tashi_$tation@flare-on.com
Should_havbKg0ne_to_tashi_$tation@flare-on.com
Should_havbQg0ne_to_tashi_$tation@flare-on.com
Should_havbSg0ne_to_tashi_$tation@flare-on.com
Should_havbeg0ne_to_tashi_$tation@flare-on.com
Should_havcAg0ne_to_tashi_$tation@flare-on.com
Should_havcCg0ne_to_tashi_$tation@flare-on.com
Should_havcOg0ne_to_tashi_$tation@flare-on.com
Should_havcgg0ne_to_tashi_$tation@flare-on.com
Should_havcmg0ne_to_tashi_$tation@flare-on.com
Should_havcqg0ne_to_tashi_$tation@flare-on.com
Should_havcwg0ne_to_tashi_$tation@flare-on.com
Should_havdCg0ne_to_tashi_$tation@flare-on.com
Should_havdIg0ne_to_tashi_$tation@flare-on.com
Should_havdOg0ne_to_tashi_$tation@flare-on.com
Should_havdgg0ne_to_tashi_$tation@flare-on.com
Should_havdug0ne_to_tashi_$tation@flare-on.com
Should_haveKg0ne_to_tashi_$tation@flare-on.com
Should_haveMg0ne_to_tashi_$tation@flare-on.com
Should_haveSg0ne_to_tashi_$tation@flare-on.com
Should_haveWg0ne_to_tashi_$tation@flare-on.com
Should_haveqg0ne_to_tashi_$tation@flare-on.com
Should_havfAg0ne_to_tashi_$tation@flare-on.com
Should_havfGg0ne_to_tashi_$tation@flare-on.com
Should_havfMg0ne_to_tashi_$tation@flare-on.com
Should_havfag0ne_to_tashi_$tation@flare-on.com
Should_havfsg0ne_to_tashi_$tation@flare-on.com
Should_havgEg0ne_to_tashi_$tation@flare-on.com
Should_havgQg0ne_to_tashi_$tation@flare-on.com
Should_havgog0ne_to_tashi_$tation@flare-on.com
Should_havgyg0ne_to_tashi_$tation@flare-on.com
Should_havhEg0ne_to_tashi_$tation@flare-on.com
Should_havhKg0ne_to_tashi_$tation@flare-on.com
Should_havhMg0ne_to_tashi_$tation@flare-on.com
Should_havhWg0ne_to_tashi_$tation@flare-on.com
Should_havhYg0ne_to_tashi_$tation@flare-on.com
Should_havhcg0ne_to_tashi_$tation@flare-on.com
Should_havhig0ne_to_tashi_$tation@flare-on.com
Should_havhkg0ne_to_tashi_$tation@flare-on.com
Should_havhqg0ne_to_tashi_$tation@flare-on.com
Should_haviCg0ne_to_tashi_$tation@flare-on.com
Should_haviGg0ne_to_tashi_$tation@flare-on.com
Should_haviIg0ne_to_tashi_$tation@flare-on.com
Should_haviOg0ne_to_tashi_$tation@flare-on.com
Should_havieg0ne_to_tashi_$tation@flare-on.com
Should_havikg0ne_to_tashi_$tation@flare-on.com
Should_haviqg0ne_to_tashi_$tation@flare-on.com
Should_havjKg0ne_to_tashi_$tation@flare-on.com
Should_havjgg0ne_to_tashi_$tation@flare-on.com
Should_havjig0ne_to_tashi_$tation@flare-on.com
Should_havjug0ne_to_tashi_$tation@flare-on.com
Should_havkAg0ne_to_tashi_$tation@flare-on.com
Should_havkWg0ne_to_tashi_$tation@flare-on.com
Should_havkYg0ne_to_tashi_$tation@flare-on.com
Should_havkug0ne_to_tashi_$tation@flare-on.com
Should_havlUg0ne_to_tashi_$tation@flare-on.com
Should_havlYg0ne_to_tashi_$tation@flare-on.com
Should_havleg0ne_to_tashi_$tation@flare-on.com
Should_havlgg0ne_to_tashi_$tation@flare-on.com
Should_havlsg0ne_to_tashi_$tation@flare-on.com
Should_havlwg0ne_to_tashi_$tation@flare-on.com
Should_havmOg0ne_to_tashi_$tation@flare-on.com
Should_havmag0ne_to_tashi_$tation@flare-on.com
Should_havmsg0ne_to_tashi_$tation@flare-on.com
Should_havnEg0ne_to_tashi_$tation@flare-on.com
Should_havnug0ne_to_tashi_$tation@flare-on.com
Should_havnwg0ne_to_tashi_$tation@flare-on.com
Should_havoMg0ne_to_tashi_$tation@flare-on.com
Should_havoSg0ne_to_tashi_$tation@flare-on.com
Should_havoag0ne_to_tashi_$tation@flare-on.com
Should_havoeg0ne_to_tashi_$tation@flare-on.com
Should_havoyg0ne_to_tashi_$tation@flare-on.com
Should_havpOg0ne_to_tashi_$tation@flare-on.com
Should_havpQg0ne_to_tashi_$tation@flare-on.com
Should_havpWg0ne_to_tashi_$tation@flare-on.com
Should_havpcg0ne_to_tashi_$tation@flare-on.com
Should_havpug0ne_to_tashi_$tation@flare-on.com
Should_havpyg0ne_to_tashi_$tation@flare-on.com
Should_havqQg0ne_to_tashi_$tation@flare-on.com
Should_havqYg0ne_to_tashi_$tation@flare-on.com
Should_havqcg0ne_to_tashi_$tation@flare-on.com
Should_havqig0ne_to_tashi_$tation@flare-on.com
Should_havrCg0ne_to_tashi_$tation@flare-on.com
Should_havrUg0ne_to_tashi_$tation@flare-on.com
Should_havrgg0ne_to_tashi_$tation@flare-on.com
Should_havrqg0ne_to_tashi_$tation@flare-on.com
Should_havrwg0ne_to_tashi_$tation@flare-on.com
Should_havsWg0ne_to_tashi_$tation@flare-on.com
Should_havsag0ne_to_tashi_$tation@flare-on.com
Should_havtAg0ne_to_tashi_$tation@flare-on.com
Should_havtkg0ne_to_tashi_$tation@flare-on.com
Should_havuMg0ne_to_tashi_$tation@flare-on.com
Should_havukg0ne_to_tashi_$tation@flare-on.com
Should_havuwg0ne_to_tashi_$tation@flare-on.com
Should_havvUg0ne_to_tashi_$tation@flare-on.com
Should_havvcg0ne_to_tashi_$tation@flare-on.com
Should_havvig0ne_to_tashi_$tation@flare-on.com
Should_havvog0ne_to_tashi_$tation@flare-on.com
Should_havvsg0ne_to_tashi_$tation@flare-on.com
Should_havwAg0ne_to_tashi_$tation@flare-on.com
Should_havwKg0ne_to_tashi_$tation@flare-on.com
Should_havwYg0ne_to_tashi_$tation@flare-on.com
Should_havwqg0ne_to_tashi_$tation@flare-on.com
Should_havxSg0ne_to_tashi_$tation@flare-on.com
Should_havxYg0ne_to_tashi_$tation@flare-on.com
Should_havxag0ne_to_tashi_$tation@flare-on.com
Should_havxmg0ne_to_tashi_$tation@flare-on.com
Should_havxwg0ne_to_tashi_$tation@flare-on.com
Should_havxyg0ne_to_tashi_$tation@flare-on.com
Should_havyKg0ne_to_tashi_$tation@flare-on.com
Should_havyWg0ne_to_tashi_$tation@flare-on.com
Should_havygg0ne_to_tashi_$tation@flare-on.com
Should_havyig0ne_to_tashi_$tation@flare-on.com
Should_havysg0ne_to_tashi_$tation@flare-on.com
Should_havzKg0ne_to_tashi_$tation@flare-on.com
Should_havzWg0ne_to_tashi_$tation@flare-on.com
Should_havzYg0ne_to_tashi_$tation@flare-on.com
Should_havzeg0ne_to_tashi_$tation@flare-on.com
Should_havzig0ne_to_tashi_$tation@flare-on.com

Edited September 9, 2015 by Extreme Coders (see edit history)

[kao 1,872]

..and the proper one was "Should_have_g0ne_to_tashi_$tation@flare-on.com"

Sometimes you just need to use a common sense.

 

Official solutions have been posted here: https://www.fireeye.com/blog/threat-research/2015/09/flare-on_challenges.html

 

EDIT: oops, missed link to official solutions in the middle of ExtremeCoders post..  I have the attention span of a squirrel.

Edited September 9, 2015 by kao (see edit history)

[Extreme Coders 405]

The reason for the large number of *valid* emails, 

is that 6th prime factorization array is composed of all zeros.

 

Hence any, prime number between 0 & 0x7E7E for the 11 and 12th character combined (taken as a 16 bit value) is valid. 

Filtering out non printable characters and other invalid characters. we can get a decent sized list.

Edited September 9, 2015 by Extreme Coders (see edit history)

[kao 1,872]

I will have to look at that challenge again.

 

Here's my stupid solver which got the job done and provided just the correct address: https://www.mediafire.com/?gnypecz9l7th4ea

It's a really crappy code - but that does not matter. During the challenge all I care about is getting job done, not the purity and clarity of code.

[Loki 359]

It's a really crappy code - but that does not matter. During the challenge all I care about is getting job done, not the purity and clarity of code.

 

Exactly - good enough is good enough when it comes to this stuff!

 

Nice work everyone - we have some talented people here! Wear those belt buckles with pride

[Extreme Coders 405]

Pretty much same sort of code for the first stupid solver.

It stops immediately after finding a valid email, hence the output is not the actual email, as there are more than one possible emails.

 

http://www.mediafire.com/download/39brdepxjsjqk8s/source.rar

[noregret 0]

That is great guys, any idea where we can download the challenges? They just published write-ups without the actual challenges binaries.

[Extreme Coders 405]

@noregret: Find the link in the blog post. http://mshetta.blogspot.in/2015/09/flare-on-2015-walkthrough.html

[kao 1,872]

Verrry nice writeups! We've taken very different approaches at some stages, and you have obviously analyzed stuff much deeper than me.

 

Let's see if I can manage to write down my solutions over the weekend.

[kienmanowar 3]

Verrry nice writeups! We've taken very different approaches at some stages, and you have obviously analyzed stuff much deeper than me.

 

Let's see if I can manage to write down my solutions over the weekend.

 

Wait to see your writeups kao!

[PolarBear 0]

Verrry nice writeups! We've taken very different approaches at some stages, and you have obviously analyzed stuff much deeper than me.

 

Let's see if I can manage to write down my solutions over the weekend.

Looking forward to see the fastest winner's solution.

[kao 1,872]

Since he's too shy to write a post here - here are AcidShout's solutions: http://acidshout.github.io/

[Loki 359]

Nice work AcidShout, and very nice write ups

[Extreme Coders 405]

My solutions (Challenge 6-11). It's nowhere near the quality as that of other's writeups.

 

http://1drv.ms/1XWdFGm