Jump to content
Tuts 4 You

Flare-On 7


Recommended Posts

  • 2 weeks later...
Washi

Registration already open? I cannot seem to find the form.

Also I still haven't received my badge from last year :(

Link to post
Washi

Yea I did get an e-mail in late November but the tracking code was missing, so I don't even know where it went:

Screenshot_20200813_000249.png.1eed3b1a10b18fef5ad58ed1a1d9b84d.png

Tried already a few times to contact nickharbour but can't seem to get him to read my messages. At this point I don't think I'll ever receive it. Maybe this year I have more luck  😅

  • Like 1
Link to post
  • 4 weeks later...

After burning hours on challenge #2, does anybody have a hint or can confirm that I am on the right track:

After fixing the binary, it still does not "work". Taking a look at the code hows 3 interesting functions. Stuff is being manipulated by heavy pointer usage? I tried rebuild the relevant code parts but after a few iterations it crashes. Does this sound familiar to anyone or am I completely off track?

w.

Link to post
Kurapica

scanning the "garbage.exe" file shows it's packed with UPX 3.94, several fields in the "Data directories" have invalid values, and the Import directory is also missing

The Imports are missing from the .rsrc section, you can fix some stuff by hand and manipulate it to force stub to unpack UPX1, but it won't resolve the imports correctly

the dumped section contains several suspicious strings and a "covid19sucks" message, a quick look at the dumped section in IDA shows some xor functions at the main

function, I'm not a big fan of those challenges but I think kao can shed more light since he solved 9 challenges on first day :D

Link to post
deepzero

They have considerable skill placing this challenge at times where i absolutely cant spare the time to participate... :D

I just solved the first two though - little hint: Wine seems more allowing with corrupted exe files, it's relatively easy to fix it up to a point where Wine will eat it. ;)

 

Link to post
akkaldama
Spoiler

1. Used some unpacker tool to unpack this file
2.Used CFF explorer to fix the corrupted pe file
3.Run the exe and get the key

 

Here is how I solved it

 

Edited by akkaldama (see edit history)
Link to post

Im trying challenge 4. I have a decent idea of how to solve if only I had access to MS Office. But I can't run the scripts due to I lack MS Office.

Any suggestions for other ways of running the scripts ?

 

Link to post
Kurapica

you may have to wait until the end of the match, no one will be posting info during the match for the sake of honest competition.

you can find several downloads of office on the web if it's needed to solve the challenge

Good Luck

Link to post

Well. My idea of how to solve was correct. I was just lacking a copy of office. I can't see that as cheating to ask if any alternatives to pirating office exist.

Now I pirated office and I'm on to challenge #5.

Link to post

Retail copy of MS Office offers a 30 day trial before mandatory activation. That's not piracy. :)

In one of the next challenges, you'll also need pretty new build of Windows 10. Again, there are evaluation copies available.

 

Link to post

I feel pretty stupid for asking for a hint again. This time, it's ch3. Feel free to DM me if somebody wants to avoid spoilers.

I can control pretty much everything, score, highscore, obstacles, etc. I know how many points I need and I can win the game, winner screen appears but no flag is displayed. So I think there might be more "tamper" protection? Did anybody else have this problem?

Link to post
noweileen

Does anyone have any hints for 6/codeit? I deobfuscated the autoit script, but I'm not sure how to get the hash for decryption (or if this is even required)

Edit: Solved 🙂

Edited by noweileen (see edit history)
Link to post
4 hours ago, kraxgrr said:

So challenge #8 I get CoCreateInstance() fails.

Is this part of the challenge or my setup is bad ?

That's your setup. It should just run cleanly on a standard Windows 10 system.

Link to post
2 hours ago, Rurik said:

That's your setup. It should just run cleanly on a standard Windows 10 system.

Thanks. I managed to get it working by turning on "virtual machine platform". Only "WSL" was not enough.

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...