It's that time of the year again. It seems we're starting September 26 8PM EST again with a return to Web3 and YARA as well.

Four weeks instead of six this year... I wonder what the reason for this is. 🤔

https://flare-on.com/

  • 3 weeks later...
  • Author

Seems they screwed up time zones and released the challenges a day too early by accident. They had been up for a good amount of hours before staff finally took them down again. However, many people are already a good amount of challenges in.

Obviously a big screw up by the organizers, but it also says something about the average participant playing in Flare-On. It kind of means that in those ~8 hours the challenges were up, none of these early birds pinged the organizers that something was wrong. I doubt the organizers would not respond to such pings...

In any case, I wonder how they will be addressing this. If they keep things as is, this year's scoreboard might not mean too much anymore.


EDIT: my preferred solution would be:
1) ban the "early birds" from this year's challenge;
2) postpone Flare-On by a month, and create 5 new challenges in place of the leaked ones. Just changing flags is not sufficient since the hard part is understanding the challenge, not obtaining a specific flag.

Edited by kao

  • Author

The third option I thought of was to release the first 5 challenges for the same amount of time they have been up, and only open the remaining after that. This way people can catch up. Still not ideal for top runners of course, as they would burn through the first 5 probably in less time than they have been open, but at least it may be better than just opening everything again all at once.

  • Author

Official statement just got in:

Any hints on CH3?

I recreated the PDF's xref table with all the right offsets, but it doesn't help. I can open the PDF in the browser but all it says is "Flare-On!". I also tried to comment out the "/Encrypt" line in the trailer, but the result is a blank page. Now I'm pretty stuck, any hints on how to proceed?

Edited by g0lan
Incorrectly added a 'spoiler' section.

5 hours ago, g0lan said:

"/Encrypt" line in the trailer,

That's an important line, don't just comment it out. Do something else.. :)
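As an added illustration of the xref repair g0lan describes (example code written for this thread, not from the challenge or the thread's posters): it scans a PDF body for `N G obj` headers, writes a fresh cross-reference table with 20-byte entries and a trailer that keeps whatever entries the original trailer had (including /Encrypt), then walks the table it wrote to confirm every offset lands on the right object. The sample document, its missing object 4 and its placeholder encryption dictionary are all constructed for the example.

```python
import re

# Matches an indirect object header such as b"12 0 obj".
OBJ_RE = re.compile(rb"(\d+) (\d+) obj\b")


def find_objects(body: bytes) -> dict:
    """Map object number -> byte offset of its 'N G obj' header (first occurrence wins)."""
    offsets = {}
    for m in OBJ_RE.finditer(body):
        offsets.setdefault(int(m.group(1)), m.start())
    return offsets


def rebuild_xref(body: bytes, trailer_entries: bytes) -> bytes:
    """Append a fresh xref table and trailer to `body` (the file with its old xref/trailer cut off).

    Each xref entry is exactly 20 bytes: 10-digit offset, 5-digit generation, 'n' or 'f', CRLF.
    `trailer_entries` is whatever the trailer dictionary must keep (/Root, /Encrypt, /ID, ...).
    """
    offsets = find_objects(body)
    size = max(offsets) + 1
    xref = b"xref\n0 %d\n" % size
    xref += b"0000000000 65535 f\r\n"            # entry 0 is always the head of the free list
    for num in range(1, size):
        if num in offsets:
            xref += b"%010d 00000 n\r\n" % offsets[num]
        else:
            xref += b"0000000000 00000 f\r\n"    # gap in numbering: mark the slot free
    trailer = b"trailer\n<< /Size %d %s >>\nstartxref\n%d\n%%%%EOF\n" % (
        size, trailer_entries, len(body))
    return body + xref + trailer


def check_xref(pdf: bytes) -> bool:
    """Walk the table that startxref points at; every in-use offset must land on its object header."""
    s = pdf.rfind(b"startxref")
    m = re.match(rb"startxref\s+(\d+)", pdf[s:]) if s != -1 else None
    if not m:
        return False
    start = int(m.group(1))
    hdr = re.match(rb"xref\s+(\d+)\s+(\d+)\s", pdf[start:])
    if not hdr:
        return False
    first, count = int(hdr.group(1)), int(hdr.group(2))
    table = start + hdr.end()
    for i in range(count):
        entry = pdf[table + 20 * i: table + 20 * (i + 1)]
        if len(entry) != 20:
            return False
        off, gen, kind = int(entry[:10]), int(entry[11:16]), entry[17:18]
        if kind == b"n" and not re.match(rb"%d %d obj" % (first + i, gen), pdf[off:off + 32]):
            return False
    return True


def trailer_has_encrypt(pdf: bytes) -> bool:
    """True if the last trailer dictionary still carries an /Encrypt entry."""
    t = pdf.rfind(b"trailer")
    return t != -1 and b"/Encrypt" in pdf[t:]


# Constructed sample: object 4 is deliberately missing and the encryption dictionary is a
# placeholder (the /O and /U values are dummies, not a valid standard-security handler).
SAMPLE_BODY = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
    b"2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n"
    b"3 0 obj\n<< /Type /Page /Parent 2 0 R /MediaBox [0 0 200 100] >>\nendobj\n"
    b"5 0 obj\n<< /Filter /Standard /V 1 /R 2 /O <00> /U <00> /P -1 >>\nendobj\n"
)


def demo() -> bytes:
    """Rebuild the table for the sample, keeping /Encrypt in the trailer, and verify the result."""
    fixed = rebuild_xref(SAMPLE_BODY, b"/Root 1 0 R /Encrypt 5 0 R")
    assert check_xref(fixed) and trailer_has_encrypt(fixed)
    return fixed


if __name__ == "__main__":
    print(demo().decode("latin-1"))
```

The point of keeping `/Encrypt` is visible in `trailer_has_encrypt`: a reader that sees the entry knows the streams are encrypted and decrypts them with the document's security handler; strip the entry and the same bytes are rendered as if they were plaintext, which is the blank page described above.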

Any hints for 4? Is it just not that deep?

Because I ran it looking for diffs and also looked at the Windows Error Reporting data.

Any hints for challenge 4? I already fixed the PE file. After running it, it creates several copies of it and opens all of them.

2 minutes ago, iamwho said:

Any hints for challenge 4? I already fixed the PE file. After running it, it creates several copies of it and opens all of them.

depending on where you are, you might have to

fix it more and run it again

or

fix it again and don't close all of the windows too quickly

Does anyone have a hint for 5?

it seems the password is limited to certain characters and those again can only appear in a certain order. but trying all possible "allowed" passwords on the decryption function doesn't seem to get me anywhere.

Edited by iliketore

I have problems with CH2.

I looked at the code object and identified other code objects. Now I am able to see the prints ("Verifiying lead researcher...") etc. I don't know how to use it. I also found the use of RC4, but no material for it. There is also no output on my screen. Would be grateful for any help.

Do you need a specific version of Python to run CH2? I tried with 3.13.7 (my default) and none of the bytecode executed. Again tried with Python 3.11 and I get "AttributeError" trying to execute the first bytecode. At this point I'm unsure whether this is part of the challenge or not.
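Marshalled code objects are tied to the CPython release that produced them, which is why the same bytecode silently does nothing on one interpreter and raises on another. The check below is an added example (not from the challenge or the thread): it builds a `.pyc` image in memory, reads the two-byte magic number from the header and refuses to unmarshal bytecode whose magic differs from the running interpreter's `importlib.util.MAGIC_NUMBER`. The "foreign" magic value used at the end is constructed, not a real release's.

```python
import importlib.util
import marshal
import struct
import types


def build_pyc(code: types.CodeType, magic: bytes = importlib.util.MAGIC_NUMBER) -> bytes:
    """Serialise a code object as a .pyc image: 16-byte header (magic, flags, source mtime,
    source size) followed by the marshalled code. This is the header layout used since 3.7."""
    header = magic + struct.pack("<III", 0, 0, 0)   # flags=0 -> timestamp based; mtime/size left zero
    return header + marshal.dumps(code)


def pyc_magic(data: bytes) -> int:
    """16-bit magic value of a .pyc image: first two bytes, little-endian, always followed by b'\\r\\n'."""
    if len(data) < 4 or data[2:4] != b"\r\n":
        raise ValueError("not a .pyc header")
    return int.from_bytes(data[:2], "little")


def interpreter_magic() -> int:
    """Magic value the running interpreter writes into its own .pyc files."""
    return int.from_bytes(importlib.util.MAGIC_NUMBER[:2], "little")


def matches_interpreter(data: bytes) -> bool:
    """True only if the .pyc came from a CPython release with this interpreter's bytecode magic."""
    return pyc_magic(data) == interpreter_magic()


def load_code(data: bytes) -> types.CodeType:
    """Unmarshal the code object, refusing foreign bytecode up front instead of failing later
    with 'bad marshal data' or an AttributeError from a code object built for another release."""
    if not matches_interpreter(data):
        raise ValueError("bytecode magic %d does not match this interpreter's %d; "
                         "run it under the matching Python version"
                         % (pyc_magic(data), interpreter_magic()))
    return marshal.loads(data[16:])


def run_sample() -> int:
    """Compile a tiny function, round-trip it through a .pyc image and execute it."""
    src = "def check(x):\n    return x * 2 + 1\n"
    code = compile(src, "<sample>", "exec")
    ns = {}
    exec(load_code(build_pyc(code)), ns)
    return ns["check"](20)   # 41


# A header stamped with a constructed magic value that no interpreter uses.
FOREIGN = build_pyc(compile("pass", "<x>", "exec"), magic=b"\x01\x00\r\n")

if __name__ == "__main__":
    print("interpreter magic:", interpreter_magic(), "sample result:", run_sample())
    print("foreign image accepted:", matches_interpreter(FOREIGN))
```

On a real file, read the first four bytes and compare them with `importlib.util.MAGIC_NUMBER` before trying to execute anything; a mismatch means the bytecode must be run (or disassembled) under the release it was compiled for.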

Any hints for ch5?

requiring sanity check on challenge 6

chain of demand

I guess the correct way here is to restore the seed.

And there is only one option for the seed (because of the LCG design and the first encrypted message). But that seed does not seem to work, since the LCG does not generate the correct value for encrypting the next message and also cannot regenerate the same RSA key as given.

Unlikely that it's a problem with the implementation; I tried both reimplementing lcg\xor and deploying the bytecode on a test environment (in python tho, could it be some weird bignumber endianness problem?!) with the same result.

Also tried to play with the RSA key generation algo but it does not seem to be vulnerable.

What am I missing?
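The seed-recovery reasoning in the post above, carried through on a toy stream cipher as an added example (the LCG constants, the messages and the XOR layout are constructed here and are not the challenge's): four known plaintext bytes at the start of the first message expose the first LCG output exactly, and because the multiplier is odd the LCG is a bijection modulo 2^32, so stepping back once yields the single seed consistent with that output. The generator keeps its state across messages, so replaying it from the recovered seed must decrypt the second message too; if it does not, the byte order or the block layout is the usual culprit.

```python
# Toy 32-bit LCG parameters (constructed for this example, not the challenge's).
M = 1 << 32
A = 1664525
C = 1013904223


class LcgStream:
    """Keystream generator: each step advances the LCG once and emits the new state as four
    little-endian bytes. State carries over from message to message; nothing is reseeded."""

    def __init__(self, seed: int):
        self.state = seed % M

    def next_state(self) -> int:
        self.state = (A * self.state + C) % M
        return self.state

    def keystream(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            out += self.next_state().to_bytes(4, "little")
        return out[:n]          # leftover bytes of the last block are discarded on both sides

    def xor(self, data: bytes) -> bytes:
        return bytes(d ^ k for d, k in zip(data, self.keystream(len(data))))


def lcg_prev(state: int) -> int:
    """Step the LCG backwards. A is odd, so it is invertible mod 2**32 and the pre-image is unique."""
    return ((state - C) * pow(A, -1, M)) % M


def recover_seed(plain4: bytes, cipher4: bytes) -> int:
    """Known plaintext for the first 4 bytes reveals the first LCG output; one step back is the seed."""
    if len(plain4) < 4 or len(cipher4) < 4:
        raise ValueError("need at least 4 bytes of known plaintext")
    first_output = (int.from_bytes(plain4[:4], "little")
                    ^ int.from_bytes(cipher4[:4], "little"))
    return lcg_prev(first_output)


# Constructed messages; only the first 4 bytes of message one are assumed known.
MESSAGES = [b"MSG1: hello from the lead researcher",
            b"MSG2: the second message, same stream"]


def encrypt_all(seed: int) -> list:
    s = LcgStream(seed)
    return [s.xor(m) for m in MESSAGES]


def decrypt_with_recovered_seed(ciphertexts: list, known_prefix: bytes) -> list:
    seed = recover_seed(known_prefix, ciphertexts[0])
    s = LcgStream(seed)
    return [s.xor(c) for c in ciphertexts]     # same order, same state chain, same keystream


if __name__ == "__main__":
    cts = encrypt_all(0xDEADBEEF)
    print("recovered seed: 0x%08x" % recover_seed(b"MSG1", cts[0]))
    print(decrypt_with_recovered_seed(cts, b"MSG1"))
```

Swap `"little"` for `"big"` in `recover_seed` and the recovered value is a different number whose forward stream matches nothing, which is what a byte-order mistake looks like from the outside; the same symptom appears if the real generator emits only part of its state per step or consumes a step per message that the reimplementation skips.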

Need help on CH2...

I've been working on CH2 and successfully reversed the signature algorithm to find the username that passes authentication. The code uses the arc4 package to decrypt the final flag with RC4 encryption. I can verify the username is correct because when reversed it produces the exact target signature the code checks against, but when I try decrypting the flag using that username as the key I just get garbage. I've tried patching os.getlogin to return the correct username and running the actual script but it exits silently without output. I'm stuck figuring out what exact value gets passed as the key to the ARC4 cipher constructor. The username itself doesn't work as the key directly. Any hints on what I'm missing out here would be greatly appreciated /|\

Anyone for a nudge in the 5th flag?

5 hours ago, TouchedBurntGrass said:

Need help on CH2...

I've been working on CH2 and successfully reversed the signature algorithm to find the username that passes authentication. The code uses the arc4 package to decrypt the final flag with RC4 encryption. I can verify the username is correct because when reversed it produces the exact target signature the code checks against, but when I try decrypting the flag using that username as the key I just get garbage. I've tried patching os.getlogin to return the correct username and running the actual script but it exits silently without output. I'm stuck figuring out what exact value gets passed as the key to the ARC4 cipher constructor. The username itself doesn't work as the key directly. Any hints on what I'm missing out here would be greatly appreciated /|\

You are almost ready. If it exits without output you may be running the wrong Python version. Are you sure you have the right username? You can send me a message if you want.

4 hours ago, aka7am said:

Anyone for a nudge in the 5th flag?

Did you find anything? I can see that it calls file APIs and also has some state initialization. IDA can't decompile the binary because the function is too big.

54 minutes ago, iamwho said:

Did you find anything? I can see that it calls file APIs and also has some state initialization. IDA can't decompile the binary because the function is too big.

I think I have understood the logic... I need some help to automatically check the "state" for each step.

Edit: Dumb mistake in how I was collecting info. Done

I've been stuck on the 5th for a few days. I know exactly what it's doing, and how, and am debugging it like turtles - all the way down. I have all the possible branches in a massive spreadsheet, but nothing stands out. There has to be a way without brute forcing and it has to be something stupidly simple...

Edited by Rurik

4 hours ago, Rurik said:

I've been stuck on the 5th for a few days. I know exactly what it's doing, and how, and am debugging it like turtles - all the way down. I have all the possible branches in a massive spreadsheet, but nothing stands out. There has to be a way without brute forcing and it has to be something stupidly simple...

Have you tried all possible combinations? Cause in my understanding only one branch should lead to flag

Edited by aka7am

Anyone hints/directions for 7? I am completely clueless

15 hours ago, aka7am said:

Have you tried all possible combinations? Cause in my understanding only one branch should lead to flag

I've brute-forced almost every possible key with 0 results. Who can indicate the correct direction for validating the last character, which would increase transactions to 16?

Anybody got hints for ch4? Don't know where to look. I saw the changing byte and also the two execution paths. Probably the one with jmp eax at the end needs to be taken. But I didn't see any condition that I can patch. I'm also not sure if I fixed anything in the PE, but it is running.
I'm grateful for any hint. :)

Extending my previous post:

I know that it has something to do with NO_SEH but don't know what to do with this information. I've been looking for the table for hours but don't find anything useful...

Edited by piano96
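Since NO_SEH is a DllCharacteristics bit in the PE optional header, here is an added example (written for this thread, not from the challenge) that locates that field, decodes the flags set in it by their documented names, and can set or clear IMAGE_DLLCHARACTERISTICS_NO_SEH (0x0400) on a copy of the image. The field sits at the same offset for PE32 and PE32+, so the parser only has to follow e_lfanew to the PE signature and skip the 20-byte COFF header. The minimal PE header used to exercise it is constructed in `make_sample` and has no sections.

```python
import struct

# Bit names as documented for IMAGE_OPTIONAL_HEADER.DllCharacteristics.
IMAGE_DLLCHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA",
    0x0040: "DYNAMIC_BASE",
    0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT",
    0x0200: "NO_ISOLATION",
    0x0400: "NO_SEH",
    0x0800: "NO_BIND",
    0x1000: "APPCONTAINER",
    0x2000: "WDM_DRIVER",
    0x4000: "GUARD_CF",
    0x8000: "TERMINAL_SERVER_AWARE",
}
NO_SEH = 0x0400


def optional_header_offset(pe: bytes) -> int:
    """Locate IMAGE_OPTIONAL_HEADER: e_lfanew -> 'PE\\0\\0' -> 20-byte COFF header -> optional header."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    return e_lfanew + 4 + 20


def dll_characteristics(pe: bytes) -> int:
    """DllCharacteristics is 70 bytes into the optional header for PE32 (0x10b) and PE32+ (0x20b)."""
    opt = optional_header_offset(pe)
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unexpected optional header magic 0x%x" % magic)
    return struct.unpack_from("<H", pe, opt + 70)[0]


def describe(pe: bytes) -> list:
    """Names of the DllCharacteristics flags that are set, in ascending bit order."""
    value = dll_characteristics(pe)
    return [name for bit, name in sorted(IMAGE_DLLCHARACTERISTICS.items()) if value & bit]


def has_no_seh(pe: bytes) -> bool:
    return bool(dll_characteristics(pe) & NO_SEH)


def set_no_seh(pe: bytes, enabled: bool) -> bytes:
    """Return a copy with IMAGE_DLLCHARACTERISTICS_NO_SEH set or cleared; nothing else is touched."""
    opt = optional_header_offset(pe)
    value = dll_characteristics(pe)
    value = (value | NO_SEH) if enabled else (value & ~NO_SEH & 0xFFFF)
    buf = bytearray(pe)
    struct.pack_into("<H", buf, opt + 70, value)
    return bytes(buf)


def make_sample(dllchars: int) -> bytes:
    """Constructed minimal PE32 header image (headers only, no sections) for exercising the parser."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)                    # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x014C, 0, 0, 0, 0, 0xE0, 0x0102)    # i386, 0 sections, 224-byte opt hdr
    opt = struct.pack("<H", 0x10B) + b"\0" * 66 + struct.pack("<HH", 2, dllchars)  # Subsystem, DllChars
    opt += b"\0" * (0xE0 - len(opt))
    return dos + b"PE\0\0" + coff + opt


if __name__ == "__main__":
    sample = make_sample(0x8540)
    print("flags:", describe(sample))
    print("NO_SEH set:", has_no_seh(sample), "-> after clearing:", has_no_seh(set_no_seh(sample, False)))
```

When NO_SEH is set the loader treats the image as one that registers no structured exception handlers, so nothing in the exception dispatch path consults a handler table for it; reading the bit first tells you whether that table is even expected to be honoured, which is a cheaper first check than hunting for the table itself.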
