Jump to content
Tuts 4 You

Flare-On 7


Recommended Posts

ashoka_
On 10/13/2020 at 7:28 PM, Kurapica said:

Man, Flareon is for experienced reversers or at least those who are not just starting, I recommend that you start mastering the basics

and familiarize yourself with the many concepts that you may need to understand, and come back next year to play those

Flareon challenges, you will definitely score better.

After spending three days i m still stuck at 4th challenge now i understand what it mean to be a reverse engineer. May be i will not solve all(or may be even the half of them) the challenge but i still try my best till the last day. 

  • Like 3
Link to post
  • Replies 96
  • Created
  • Last Reply

Top Posters In This Topic

  • kao

    11

  • Kurapica

    10

  • kraxgrr

    9

  • ECX

    8

Top Posters In This Topic

Popular Posts

I just published my own write-ups on my GitHub, if anyone is interested https://github.com/Washi1337/ctf-writeups/tree/master/FlareOn/2020

Get your tools ready!  

After spending three days i m still stuck at 4th challenge now i understand what it mean to be a reverse engineer. May be i will not solve all(or may be even the half of them) the challenge but i stil

Posted Images

kao

@ashoka_: that is a very good attitude! :) 

Every year we get some people who are just asking for answers. Sooner or later they get the flag - but they don't learn anything in the process.
So, keep on working and learning!

  • Like 1
Link to post
Kurapica

A little hint for the 4th, I remember it was about xoring, make sure the XORing produces the correct PNG header to get the flag.

After you get the annoying MP3 file, inspect it with 010 editor to find its last frame offset, then you will see the data you will have to "decrypt" to get the flag.

I'm not sure I remember this very well, but keep trying and you will make it.

  • Like 1
Link to post

I am analyzing ch11 now.
Can you debug the obtained pefile??
I loaded it directly to the memory, or I used 0xcc to attach the debugger, but the PE file still cannot process the code.

Link to post
Extreme Coders

@petr

Spoiler

The final challenge is a lot similar to the leaked malware sources. The flag is stored in one of the values of the registry, the one that is not decryptable using the same way as for the  DLLs.
You've similar functions in the leaked sources too to store a value encrypted to the registry. Need to find out similar functions in the binaries.

 

Link to post
3 hours ago, Extreme Coders said:

@petr

  Hide contents

The final challenge is a lot similar to the leaked malware sources. The flag is stored in one of the values of the registry, the one that is not decryptable using the same way as for the  DLLs.
You've similar functions in the leaked sources too to store a value encrypted to the registry. Need to find out similar functions in the binaries.

 

@Extreme Coders yup, thanks for your response. I am exactly at the last step of decryption(s), having trouble obtaining the plaintext. I think I have the right key(s), but one of the algorithms may be wrong...

Link to post
Extreme Coders

@petr

Spoiler

The plaintext is encrypted twice before being written to the registry. One of the cipher algorithm is standard, the other is custom.
So you need two keys. One of them is easy to spot, the other is derived from some data. If that "data" is not correct, the key will also be wrong.

 

Link to post
Kurapica

in my humble opinion, some challenges were ridiculous from reverse engineering perspective.

but all in all, it was fun for those who learned new skills.

Congratulations to the winners.

Link to post
2 hours ago, Kurapica said:

in my humble opinion, some challenges were ridiculous from reverse engineering perspective.

but all in all, it was fun for those who learned new skills.

Congratulations to the winners.

What challenges do you talk about, and why ?

Congrats to the winner ! This year was fun again

Link to post
Kurapica
9 hours ago, masta said:

What challenges do you talk about, and why ?

Congrats to the winner ! This year was fun again

 

I've never played CTFs before but I was curios when kao posted about it few weeks ago.

I'm not a pro reverser like kao or those who do it as a job or as a source of income so my

experience was mostly with real life applications and protections, I expected something similar to

this field, I mean in how the challenges should be approached, problem with CTFs is that after you solve

several ones, you start to develop a pattern on how you should work with next challenges, like those "IQ"

patterns questions which are imposed by some recruiters to test your "IQ" ! , solving them is some kind of a skill

you develop just like learning a game of cards which doesn't mean you have a super IQ !

anyway practical or "real life" situations are different from what I saw

in those challenges, but I still have so much respect for the efforts of the authors who created this CTF.

 

 

 

  • Like 2
Link to post
kao

@GautamGreat: These days I have very limited free time, so I have no plans to write full solutions myself. 
Maybe I'll make an overview of other solutions and comment on how I approached that specific problem. No promises though. ;)

  • Like 2
Link to post
kao
  • 3 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...