Flare-On 8

[adicto]

1 hour ago, Washi said:

 

  Reveal hidden contents

Verify that you are using the right "source data" for the actual messages.

Thank you!!!! @Washi

[Darth Blue]

Hello i am on chall #9
Any hints are welcome

Spoiler

I have found the api-func resolver function and the exception handler function. I still didn't get what the challenge does unfortunately

 

Edited September 15, 2021 by Darth Blue
typo

[bianrycat]

Any hint for challenge #5?
I can't seem to be able to figure out even the 1st step

[adicto]

1 hour ago, bianrycat said:

Any hint for challenge #5?
I can't seem to be able to figure out even the 1st step

It’s partly an IR forensic challenge. Triage the machine. Snoop around and check artifacts that you would check if you were investigating a machine for inspection

[bianrycat]

25 minutes ago, adicto said:

It’s partly an IR forensic challenge. Triage the machine. Snoop around and check artifacts that you would check if you were investigating a machine for inspection

Thank you!

Got it now

[score1]

Hi 

Any tips for ch 4

Thanks 

[saagaraS]

On 9/15/2021 at 5:06 AM, adicto said:

Thank you!!!! @Washi

Hi! I am having the same problem with the actual larger message to process. How is it different from the others? 

[kao]

@saagaraS

Spoiler

If you mean the 10KB message, you should be able to recover at least part of it. 

But even if you can't, that message is only "nice-to-have" and challenge can be solved without it.

 

[saagaraS]

@kao

Spoiler

Not too sure if this is appropriate to be posted here or a DM is better. I am referring to the one together with the message with the PNG header

I figured it out in the end. Thanks!

Edited September 16, 2021 by saagaraS

[Remtaku]

Hi, I'm actually having a hard time understanding how to procced with challenge 8.

Spoiler

I figured out where most of the code snippets are from. The rest of the part and how the input is used doesn't make sense.

Any hints on how to move forward ?

[adicto]

Yeah im stuck on 8 as well. Of all things javascript lol. Finding new respect for it

The code just comes out as garbage

[Remtaku]

27 minutes ago, adicto said:

The code just comes out as garbage

Yeah.

 

[adicto]

for number 8, I understand what to input and how long its supposed to be. Question is how are we supposed to reverse that input to get the correct output haha. I think I'm missing a clue somewhere

[kao]

@adicto: 

Spoiler

You can make a good guess what output should look like.

 

[Oggy]

Somebody could give me a little hint #7

[Darth Blue]

@kao i am on chall #9

Spoiler

I have found the 4 string (L0ve, 5Ex ...) but i still cannot get how rsa use these as a key!

Thanks for any hint

[kao]

@Darth Blue: good job, you're almost there! I can't give you any hint without giving out a full solution.

Spoiler

There is no RSA

 

[Darth Blue]

@kaothank you i am on to it

[unionselect]

I can decrypt files in 5, but it's gibberish. Does that mean my decryption isn't good, or that I'm missing another piece. If I encrypt my own test file it decrypts without issue. Anyone willing to DM?

[kao]

@unionselect: you've done just the very first step of the challenge. Now you need to figure out the rest.

 

[unionselect]

Should I be looking in the same binary? Or back in the VM? I've found nothing in either, lol

[bohaw]

@unionselectAre all of the files gibberish? Or is at least one in readable text?

[unionselect]

3 hours ago, bohaw said:

@unionselectAre all of the files gibberish? Or is at least one in readable text?

Thanks. I noticed that a few hours ago. I'm kicking myself, because I wasted a lot of time checking the first three and giving up on them, lol.

[pepegaswiper69]

I've been stuck on chall 8 for 3 days now

Spoiler

I know that we need to input something that will decrypt the blob into executable JS code, but I can't seem to guess what that code will look like. I'm trying to search the encrypted blob for some possibilities and derive the input from them, for example some JS keywords like "function", "return" and stuffs, but the result doesn't seem to be correct.

Am I going in the wrong direction?

[kao]

@pepegaswiper69: the direction is right, just one of your assumptions is wrong.

Spoiler

3 hours ago, pepegaswiper69 said:

JS code

What symbols it may/may not contain?