Jump to content
Tuts 4 You
Sign in to follow this  
rand0m

Flare On 4

Recommended Posts

rand0m

So how is everyone going with it

Share this post


Link to post
kao

I'm on #9 and I know that few other members are playing. But all in all forum is unusually quiet this year. :)

Share this post


Link to post
kao

For the boat game? I didn't use any Linux debugger whatsoever. If I really had to - I'd use IDA with Linux debugger server.

But I'm sure that everyone has his/her favorite tools. :) 

Share this post


Link to post
Futex

I'm on it too, i started the 5 challenge.

Share this post


Link to post
Eskalina

Guys hello. Somebody can help me with 10th task ? i'm really stuck on it. I was recovered some bytes from key (particular 1th, 25, 26 and 27), identified set of characters that can be used on positions in the key and I found the expected length of the key (64b). I was trying to reverse algorithm and trying to create system of xor equations, but all to no avail :(

Share this post


Link to post
Extreme Coders
22 hours ago, rand0m said:

I'm wondering if people use plain gdb or scripts like this are popular https://github.com/longld/peda

Vanilla gdb is cumbersome to use. As such, I tend to use pwngdb or gef when the need arises, but again there is no replacement for IDA.

Started the challenges late. Currently, on the 5th one.

Share this post


Link to post
rand0m
1 minute ago, Extreme Coders said:

Vanilla gdb is cumbersome to use. As such, I tend to use pwngdb or gef when the need arises, but again there is no replacement for IDA.

Started the challenges late. Currently, on the 5th one.

Yeah I switched to IDA in the end. I'm still at level 6.

Share this post


Link to post
kao

@Eskalina: I'm at the pretty much same place, so no suggestions yet. There must be better way than sheer bruteforce..

 

EDIT: there's no substitute for human eyes. I made semi-interactive tool which allowed me to cycle through all possible set of chars for each byte and printed first 320 bytes decoded.. In few minutes I was able to recover correct key.

Edited by kao (see edit history)
  • Like 1

Share this post


Link to post
Eskalina

@kao You right, I decided this. 10/12 completed.

Share this post


Link to post
Aldhard Oswine

Any tips for the 9th challenge?
If not just analyzing whole AVR disassembly via IDA? 

Share this post


Link to post
rand0m

in level 6, I got one letter of the flag from a certain function, does the same function decrypt the rest of the flag or I should be looking for other functions to call ?

Share this post


Link to post
rand0m
6 hours ago, rand0m said:

in level 6, I got one letter of the flag from a certain function, does the same function decrypt the rest of the flag or I should be looking for other functions to call ?

nevermind, figured it out

Share this post


Link to post
kao

@Aldhard Oswine: IDA is sufficient. With a bit of skill and trained eye you will recognize the check and then you can reimplement it in any language you like.

Or you can use Atmel Studio, if you wish to debug it.

Share this post


Link to post
Eskalina

@Aldhard Oswine Another way, you can use a bunch of radare2+simavr+gdb. IDA makes errors in calculating addresses of instructions.

Share this post


Link to post
Aldhard Oswine

Using Atmel and debugging is was easy :lol:
I need your help in the 10th challenge, any suggestions for the crypto?
How to get correct function from encoded data, how to get correct input

Share this post


Link to post
endered

I stuck at challenge 5 for two days, still have no idea to do with the number sequence I've got in the last round. :(

Share this post


Link to post
crystalboy

@endered 

Spoiler

Start by replacing 'PEW' string with empty string. :D
When you play you fill the grid to sink the ships. At the end of each level the various 'X' toghether represent a letter.
At the end of the challenge you get these numbers that are the order in which you need to sort those letters. When you sort them out and you perform ROT-13 on the sorted string you will get something readable. :)

 

Edited by crystalboy (see edit history)
  • Like 1

Share this post


Link to post
Aldhard Oswine

@crystalboy what about 10th? Is there a better way than brute force?

Share this post


Link to post
crystalboy

@Aldhard Oswine Unfortunately i am taking it slowly and i didn't reached level 10 yet.  :P

Considering kao hint by the way it seems that you need a smart bruteforcer :)

On 9/9/2017 at 8:19 AM, kao said:

I made semi-interactive tool which allowed me to cycle through all possible set of chars for each byte and printed first 320 bytes decoded.. In few minutes I was able to recover correct key.

 

Share this post


Link to post
endered

@crystalboy Thanks for u help, I forgot that encryption.:blink:

I got something readable but still meaningless after decrypt, continue to see and try to find the ans. 

Share this post


Link to post
rand0m

Is there a better java debugger than JDB ?

Share this post


Link to post
quend

#11.... >.< getting caught up in the first decryption part. Any suggestions?

Share this post


Link to post
grau

Got stuck on challenge 4. Can't decrypt with key.bin

Share this post


Link to post
SmilingWolf

Suggestions:

Spoiler

@quend any more details you can offer? What's not working? I have found that some challenges sometimes require a little nudge to go in the right direction.
@grau I couldn't find the last required item (assuming it ever existed EDIT: whelps, it exists, I was damn blind), so I ended up forcing the program a bit in the right direction. If you have done everything right, 3/4 of the key are all you need to get the flag.

 

I have seen a number of people doing something like this on twitter, am I doing it right?

Spoiler

flareon4.png.6fd952f6c4a072fe2bfa6279af2584b6.png

 

Edited by SmilingWolf (see edit history)
  • Like 1
  • Thanks 1

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...