Flare-On 4

[satoshi]

On 03/10/2017 at 8:18 AM, Rurik said:

@satoshi The organizer gave a good hint on Twitter: 

  Reveal hidden contents

Take a look at the "REST APIs" like mentioned above, and the way this program deals with rand().

 

Thanks for the hint! I managed to solve it. That challenge was pretty tricky haha

[SmilingWolf]

The challenge has ended. Congratulations everybody

So, is anybody going to write some full writeups or dump some of his notes/overviews/thoughts?
I'm always looking forward to these when a competition ends

[Gyver75]

Ok! This is my script for solve challenge 5 ... I used Binary Ninja, gdb inside a Linux VM ( just to know the the value of key used to decrypt the 1 level :)) and, ofc, python. 

5 challenge.7z

[Gyver75]

https://securityboulevard.com/2017/10/2017-flare-on-challenge-solutions/

All challenges + solutions are posted here! Nice reading

[Rurik]

:/  That guy just scraped the FireEye web page and posted their results.

 

Good stuff on using Binary Ninja for #5, still reading through it. I just bought BN for fun, and trying to find situations where it would fare better than IDA.

I'll probably dump my notes and scripts to github here soon, after some clean-up.

[kao]

Let's put some links together...

https://www.fireeye.com/blog/threat-research/2017/10/2017-flare-on-challenge-solutions.html - official solutions.

https://lifeinhex.com/about-flare-2017/ - my non-writeup. If I ever get bored find some free time, I'll make detailed tutorials about #11 and #12. 
http://www.rtcore.gq/2017/10/flare-on-2017.html - by @Etor Madiv

The remaining list comes from twitter feed:
https://www.securifera.com/blog/2017/10/16/flare-4-challenge-11-writeup/ by b0yd
http://irq5.io/2017/10/15/flare-on-2017-write-up-pewpewboat-exe/ by darell tan aka zxcvgm
http://www.bulbafett.com/index.php/2017/10/12/2017-flare-on-write-up/ by bulbafett
https://theromanxpl0it.github.io/articles/flareon2017/ by dp1
https://github.com/L4ys/CTF/tree/master/flareon4 by _L4ys
https://blahcat.github.io/2017/10/13/flareon-4-writeups/ by _blahcat_
 

If you notice more writeups, please post links, preferrably direct ones (no t.co/whatever crap!)

 

[Extreme Coders]

My mini write-up: 
https://0xec.blogspot.com/2017/10/flare-on-challenge-2017-writeup.html

[kienmanowar]

Here is my write-up for Chal6 & 7 (Sorry for my bad English )

https://vsec.com.vn/en/blogen/write-chal6-flare-on4.html

https://vsec.com.vn/en/blogen/write-challenge-7-flare-4.html

Regards,

[kao]

More writeups from Twitter:

https://blog.xorhex.com/flare-on-2017-challenge-3/
https://shasaurabh.blogspot.com/2017/10/fireeye-flare-ctf-2017-pewpewboat.html

EDIT:

https://shasaurabh.blogspot.com/2017/10/fireeye-flare-ctf-2017-flair-apk.html
https://thomasw.eu/tag/flareon4/ (3,4,5,6,7,8,9,10)
https://blog.ret2.io/2017/10/17/untangling-exotic-architectures-with-binary-ninja/ (11)
https://0xd13a.github.io/FLARE-ON-2017/  (1,2,7,8,9,10,11)

Edited October 18, 2017 by kao

[Rurik]

I don't do write-ups anymore as much as I do rambling sets of notes and raw scripts, but I've been slowly pushing mine up.  Will clean-up over time.

https://github.com/Rurik/CTF/tree/master/FLARE_2017

[kao]

@Rurik: epic tweet!

 

[Rurik]

@kao Am I wrong?

We knew what we were signing up for, based on the prior three years. Last year took the most out of me, mentally. This year not as bad, but close, but it took a very long time. Just need to reverse faster.
Or maybe the wife has high standards of prizes from the Szechuan sauce and Lego David Bowie from LabyREnth

[Rurik]

Challenge 12 Solver Scripts -- by the challenge author:

https://github.com/jhsmith/flareon/tree/master/flareon4_challenge12