Tag Archives: Writeup

HELP: Flare-On 6 Challenge 12

Flare-On is Fireeye’s annual CTF which mainly focused on reverse engineering and this year (2019) is the 6th. I got a chance to finish all the challenges and the last challenge (challenge 12) is quite interesting and educational so I … Continue reading

Posted in CTF, WinDbg | Tagged , , , | 2 Comments

RCTF Crypto 100 Decode The File

File: cip_d0283b2c5b4b87423e350f8640a0001e MD5: d0283b2c5b4b87423e350f8640a0001e SHA256: 1b13fdec1c3a0da404ad53d4f9130f84ba5f3d7708650f52fb328bb7abf65ba8 If you open the file with a text editor, you can see the following content: Obviously, the data here is encoded by Base64 algorithm, let’s decode it: The above picture shows the decoded content, by searching the … Continue reading

Posted in CTF | Tagged , , | Comments Off on RCTF Crypto 100 Decode The File

FLARE On Challenge (2015) #11

This is the final challenge and it is said to be more difficult than the previous challenges. The file of this challenge named CryptoGraph, which is a 32 bit Windows Portable Executable file. Let’s analyze it in IDA at first. … Continue reading

Posted in CTF | Tagged , , , | Comments Off on FLARE On Challenge (2015) #11

FLARE On Challenge (2015) #10

This challenge contains a large Windows Portable Executable File which is nearly 3.4 MB. It is usually difficult to reverse engineering such a large file. However, if you have noticed the special resource embedded into this file, things will become … Continue reading

Posted in CTF | Tagged , , , | Comments Off on FLARE On Challenge (2015) #10

FLARE On Challenge (2015) #9

This challenge contains a Windows Portable Executable file in a very small size (4,608 bytes), typically, this kind of files is written in Assembly Lagrange. If you load this file into IDA, you may notice that the file is badly … Continue reading

Posted in CTF | Tagged , , , | Comments Off on FLARE On Challenge (2015) #9