Author Archives: littlefater

FLARE On Challenge (2015) #10

This challenge contains a large Windows Portable Executable File which is nearly 3.4 MB. It is usually difficult to reverse engineering such a large file. However, if you have noticed the special resource embedded into this file, things will become … Continue reading

Posted in CTF | Tagged , , , | Comments Off on FLARE On Challenge (2015) #10

FLARE On Challenge (2015) #9

This challenge contains a Windows Portable Executable file in a very small size (4,608 bytes), typically, this kind of files is written in Assembly Lagrange. If you load this file into IDA, you may notice that the file is badly … Continue reading

Posted in CTF | Tagged , , , | Comments Off on FLARE On Challenge (2015) #9

FLARE On Challenge (2015) #8

When you open this challenge directly in IDA, you may as disappointed as me, there is only a few code available at the Entry Point and they seems do nothing useful: However, if you open this file in a text editor, … Continue reading

Posted in CTF | Tagged , , , | Comments Off on FLARE On Challenge (2015) #8

FLARE On Challenge (2015) #7

This challenge is a .NET application. There are many tools to decompile a .NET application and here I use the ILSpy. A quick look at the decompile result I found that this application is probably obfuscated by SmartAssembly : There … Continue reading

Posted in CTF | Tagged , , , | Comments Off on FLARE On Challenge (2015) #7

FLARE On Challenge (2015) #6

This challenge is an Android application. There are a lot of tools can be used to analyze Android application and the JEB Decompiler is my favorite one. Let’s open this challenge in JEB and look at the Manifest file at … Continue reading

Posted in CTF | Tagged , , , | Comments Off on FLARE On Challenge (2015) #6