Flare-On 2017

08-09-2017 at night I just knew that flare-on started, solved two challenges and fall asleep.

1- The first challenge is quite easy to solve since the rotate is symmetric:

2 - This a little bit tricky since you will reproduce a small decryption algorithm to do reverse the encryption:

09-09-2017 after-noon, started solving challenge 3.

3 - This challenge requires you to find a byte value that is the key to decrypt an x86 code, given a simple hash function, once this code is decrypted and begin running, it will put the flare-on flag on the stack, so we must do 2 things:

  • Find the byte key:

  • Send that byte to the local server at and debug

09-09-2017 - 10-09-2017,

4 - It took me more time to figure out that the challenge uses PE files from last year flare-on challenge (2016). Generally, every PE file contain a 8-byte forming a part of the key, each file will have those bytes at offsets 0x400, 0x410, 0420 or 0x430.

The files should be put at the following folder:

Once the files put, you have to reverse the timestamp checks only for the running file, not the mapped files from last year challenges, a key.bin file will be created, the challenge will be solved then.

11-09-2017 - 14-09-2017, That pew challenge took me more time to solve, it has more tricks that you should figure out how to solve, just know the method and burn the challenge.


Popular posts from this blog

Playing with VMProtect - Sample devirtualizeme32_vmp_3.0.9_v2

RTCDbg Announcement: Progress after 6 months