Jump to content
Tuts 4 You
Sign in to follow this  
kao

Flare On 6

Recommended Posts

kao

Following the good old tradition, this thread will be dedicated to the annual Flare-On challenge. :) Who's going to participate this year?

 

  • Like 1

Share this post


Link to post
Etor Madiv

2nd post reserved. :) 

Happy Hacking.

Share this post


Link to post
GautamGreat

Last year I solved 6 challenges hopefully this time I'll improve :D 

Share this post


Link to post
kao
Quote

The FireEye Labs Advanced Reverse Engineering (FLARE) team is thrilled to announce that the popular Flare-On reverse engineering challenge will return for the sixth straight year. The contest will begin at 8:00 p.m. ET on Aug. 16, 2019. This is a CTF-style challenge for all active and aspiring reverse engineers, malware analysts, and security professionals. The contest runs for six full weeks and ends at 8:00 p.m. ET on Sept. 27, 2019.

This year’s contest will feature a total of 12 challenges covering a variety of architectures from x86 on Windows, .NET, Linux, and Android. Also, for the first time in Flare-On history, the contest will feature a NES ROM challenge. This is one of the only Windows-centric CTF contests out there and we have crafted it to represent the skills and challenges our FLARE team faces.

If you are skilled and dedicated enough to complete the Sixth Flare-On challenge, you will receive a prize and recognition on the Flare-On website for your accomplishment. Prize details will be revealed later, but as always, it will be worthwhile swag to earn the envy of your peers. Previous prizes included belt buckles, a replica police badge, a challenge coin, and a huge pin.

Check the Flare-On website for a live countdown timer, to view the previous year’s winners, and to download past challenges and solutions for practice. For official news and information, we will be using the Twitter hashtag: #flareon6

I better brush up my NES hacking skillz.. :D

 

Share this post


Link to post
endered

It's my 4th time to participate this wonderful reversing feast.

Share this post


Link to post
fasya

Any hints where to look for the flag in level five(demo)? I have no clue where to look for :(

Share this post


Link to post
Extreme Coders
On 8/18/2019 at 8:45 AM, fasya said:

Any hints where to look for the flag in level five(demo)? I have no clue where to look for :(

Spoiler

With the right tool this can be solved in minutes.  You don't even need a debug or unpack it.

 

Share this post


Link to post
evandrix
Posted (edited)
2 hours ago, Extreme Coders said:
  Hide contents

With the right tool this can be solved in minutes.  You don't even need a debug or unpack it.

 

mmm... 🤔

do you mean something like https://niemand.com.ar/2019/01/01/how-to-hook-directx-11-imgui or https://github.com/Sh0ckFR/Universal-ImGui-D3D11-Hook?

like maybe use that to change the colors to reveal the flag

Edited by evandrix (see edit history)

Share this post


Link to post
evandrix
4 minutes ago, TheProxy RE said:

you need for directx 9 not 11, still possible to do without any hook

ah yes, right, i was more referring to the idea when including the links

it worked for me on win10 directx12 though

Share this post


Link to post
evandrix
Posted (edited)
6 minutes ago, Extreme Coders said:
  Hide contents

Yes something like that.

 

ok yay, awesome! i shall go try that

Edited by evandrix (see edit history)

Share this post


Link to post
Extreme Coders
8 minutes ago, evandrix said:

ok yay, awesome! i shall go try that

Spoiler

BTW, I used a different tool - to extract the 3d models and assets.

 

Share this post


Link to post
evandrix
9 minutes ago, Extreme Coders said:
  Hide contents

BTW, I used a different tool - to extract the 3d models and assets.

 

oh yeah, that's genius

Share this post


Link to post
evandrix
5 hours ago, Extreme Coders said:
  Hide contents

BTW, I used a different tool - to extract the 3d models and assets.

 

yep, i think i found/used the same tool as you

i ❤️ quick wins ^_^

Share this post


Link to post
blank

I am stuck at 6 (bmphide). I don't know if I am doing something wrong, or I just don't get it. From the exe I found that I should look at the red pixels for retrievable data (specifically, the last 3 bits of each red byte). However, when I try to apply this to the image they gave us, it fails. I wouldn't want to write too much here and spoil the fun. However, if anyone could give me a hint, I would really appreciate it.

Share this post


Link to post
kao

@blank:

Spoiler

it's not only red.. and the data are encrypted.

 

Share this post


Link to post
jameswoods

I am stuck on the second one for an overlong amount of time. Can someone point me in the right direction as I have look at this file in multiple dissemblers and hex editors but nothing stands out to me.... I feel I am missing something obvious. 

 

Share this post


Link to post
kao

@jameswoods: you can't see the message using disassembler or hex editor. You'll need to debug the challenge and decode it. 

Share this post


Link to post
0X7C9

I got to bmbhide. I can't write decrypt. And all I know. I will use is the beautiful functional JITHOOK. So I will not solve the challenge without any help. It's really very difficult. I participated for the first time.

Share this post


Link to post
Extreme Coders
42 minutes ago, 0X7C9 said:

I got to bmbhide. I can't write decrypt.

Spoiler

Its possible to brute force without writing a decryptor. But atleast you need to recover the encrypted data from the image.

 

Share this post


Link to post
ForlaxPy

is the flarebear apk broken ? Or my emulator just sux lol

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...