Tuts 4 You

Extreme Coders
Posted

@muppet

35 minutes ago, muppet said:

But is the data really supposed to be gibberish when I look at what input data generated that ciphertext?

If you're doing it right it should decrypt to well formed and valid data with a recognizable header.

Posted

Hello, again :)

I have a question in Mugatu task.

Can someone confirm that the URL in the EXE related to the POST is necessary? I am asking because I don't know if it is not working or is down and I am going in the wrong direction. I see a request to it but no response... So am I doing something wrong or is there a problem with the flare-on.com subdomain? Thank you for hints.

 

Posted

@_fuso_: there is no problem with the flare-on.com subdomain. It was never working, and the challenge can be solved without that.

Posted

Any hints for #12?

Spoiler

I've got the dlls and have a fair idea of what they do (specifically crypto).

But when I try to decipher the 7777 packets all I get is non-printable gibberish.

 

Extreme Coders
Posted

@bandit

Spoiler

Beside the DLLs there are also other drivers that deal with crypto.

 

Posted
19 hours ago, Extreme Coders said:

@scorpion77 Yes it does.

@muppet

Spoiler

The changes made to the IL are to the operands of the instructions (not the opcodes themselves). So you can use "Edit IL Instructions..." to make the necessary changes.

 

Thank you all who helped!!  Now onto the 7th one.

Posted
On 9/2/2019 at 5:10 PM, scorpion77 said:

And finally the right tools!!! Like someone mentioned on twitter. The flag was looking straight at me :D Thank you folks

 

Hey, Which tools did you use besides ninja ripper?

Posted (edited)
4 minutes ago, Geordeaux said:

Hey, Which tools did you use besides ninja ripper?

I used blender - another hint: the mesh file won't directly load in blender though ;)

Edited by scorpion77
Posted

Guys, please remember to use "spoiler" tags.. ;)

Posted
50 minutes ago, scorpion77 said:

I used blender - another hint: the mesh file won't directly load in blender though ;)

THANK YOU! I've been trying to use 3d studio max with no success

Posted
37 minutes ago, kao said:

Guys, please remember to use "spoiler" tags.. ;)

Sorry about that

Posted

I am stuck at flare-on challenge #2

Can anybody give any suggestions?

Posted

I am stuck at flare-on challenge #2

Can anybody give any suggestions?

Any help?

Posted

@usman123

At what point are you stuck? If you can tell what you tried and at what point you don't know how to move forward, I could give hints.

Posted

@Extreme Coders:

Spoiler

Thanks. I've figured out the encryption but what I don't get is the presence of both encrypted and plaintext blocks of traffic. Might still be missing something here. Any hints?

 

Extreme Coders
Posted (edited)

@bandit

Spoiler

All of the relevant traffic is encrypted once or more than once and sometimes compressed (if you aren't taking that into account).
The plaintext traffic in the pcap isn't of interest.

 

Edited by Extreme Coders
Add some useful info
Posted
21 hours ago, Geordeaux said:

THANK YOU! I've been trying to use 3d studio max with no success

Spoiler

I've figured out how to produce the .rip files but like you said I'm having trouble trying to figure out how to load the mesh files in blender. Can I manually create the mesh with the data from the .rip?

 

Posted

@scorpion77

I want to find the string in the second challenge. I use OllyDbg. After the message box shows, I enter NOP and run the next message box, then the encoded string is found in the stack like this:

0018FF8C   7DD7343D  /CALL to MessageBoxA from kernel32.7DD7343B
0018FF90   7EFDE000  |hOwner = 7EFDE000
0018FF94  /0018FFD4  |Text = "ìÿ"
0018FF98  |7DEA9802  |Title = "ÇEüþÿÿÿè³GÿÿÂ"
0018FF9C  |7EFDE000  \Style = MB_OK|MB_TASKMODAL|MB_NOFOCUS|7EFD4000

I don't know how to decode it. Any suggestions?

Posted

@usman23

Spoiler

What do you see when you run the exe? You get a message in the message box. Where and how did that message come from? Look a little further

 

Posted

@scorpion77

When I convert RETN 10 to NOP and run the highlighted message box instruction, this input is shown:

0018FF8C   7DD7343D  /CALL to MessageBoxA from kernel32.7DD7343B
0018FF90   7EFDE000  |hOwner = 7EFDE000
0018FF94  /0018FFD4  |Text = "ìÿ"
0018FF98  |7DEA9802  |Title = "ÇEüþÿÿÿè³GÿÿÂ"
0018FF9C  |7EFDE000  \Style = MB_OK|MB_TASKMODAL|MB_NOFOCUS|7EFD4000

Posted

@usman23

 

Spoiler

Look at the origin of the message displayed in the messagebox (the location shown as local.33). See how the message gets decoded in that location

 

Posted

Hi ,

It's me again :)

Spoiler

Can someone tell me what is going on with Morpheus? What should I do with his info? I tried many things but best.gif does not look good after applying his hints.

I am tired with this task.

Thank you.

Posted (edited)

 

Spoiler

Is it related to the GIF header in Morpheus?

 

Edited by _fuso_
