Jump to content
Tuts 4 You
rand0m

Flare On 4

Rate this topic

Recommended Posts

kimbo
On 10/2/2017 at 5:52 PM, kao said:

there are no readable words. You need to supply correct flag and then the program will print a good boy message.

Thanks a lot for the suggestions @kao, hopefully I can continue tracing it and solve the challenge, not sure if I can make it with this short time though.

On 10/2/2017 at 5:52 PM, kao said:

For me, the fastest way was pen, paper and small disassembler/emulator I wrote in C#.

Yup, can't denied you are a very good reverser with awesome skill :) 

Share this post


Link to post
Share on other sites
satoshi
On 03/10/2017 at 8:18 AM, Rurik said:

@satoshi The organizer gave a good hint on Twitter: 

  Reveal hidden contents

Take a look at the "REST APIs" like mentioned above, and the way this program deals with rand().

 

Thanks for the hint! I managed to solve it. That challenge was pretty tricky haha

Share this post


Link to post
Share on other sites
SmilingWolf

The challenge has ended. Congratulations everybody :D

So, is anybody going to write some full writeups or dump some of his notes/overviews/thoughts?
I'm always looking forward to these when a competition ends :)

Share this post


Link to post
Share on other sites
Gyver75

Ok! This is my script for solve challenge 5 ... I used Binary Ninja, gdb inside a Linux VM ( just to know the the value of key used to decrypt the 1 level :)) and, ofc, python. 

5 challenge.7z

Share this post


Link to post
Share on other sites
Rurik

:/  That guy just scraped the FireEye web page and posted their results.

 

Good stuff on using Binary Ninja for #5, still reading through it. I just bought BN for fun, and trying to find situations where it would fare better than IDA.

I'll probably dump my notes and scripts to github here soon, after some clean-up.

Share this post


Link to post
Share on other sites
kao

Let's put some links together... :)

https://www.fireeye.com/blog/threat-research/2017/10/2017-flare-on-challenge-solutions.html - official solutions.

https://lifeinhex.com/about-flare-2017/ - my non-writeup. If I ever get bored find some free time, I'll make detailed tutorials about #11 and #12. 
http://www.rtcore.gq/2017/10/flare-on-2017.html - by @Etor Madiv

The remaining list comes from twitter feed:
https://www.securifera.com/blog/2017/10/16/flare-4-challenge-11-writeup/ by b0yd
http://irq5.io/2017/10/15/flare-on-2017-write-up-pewpewboat-exe/ by darell tan aka zxcvgm
http://www.bulbafett.com/index.php/2017/10/12/2017-flare-on-write-up/ by bulbafett
https://theromanxpl0it.github.io/articles/flareon2017/ by dp1
https://github.com/L4ys/CTF/tree/master/flareon4 by _L4ys
https://blahcat.github.io/2017/10/13/flareon-4-writeups/ by _blahcat_
 

If you notice more writeups, please post links, preferrably direct ones (no t.co/whatever crap!) ;)

 

  • Like 1
  • Thanks 1

Share this post


Link to post
Share on other sites
kao
kao

@Rurik: epic tweet! :D

 

Share this post


Link to post
Share on other sites
Rurik

@kao Am I wrong? :D

We knew what we were signing up for, based on the prior three years. Last year took the most out of me, mentally. This year not as bad, but close, but it took a very long time. Just need to reverse faster.
Or maybe the wife has high standards of prizes from the Szechuan sauce and Lego David Bowie from LabyREnth :D

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...