October 17, 2017 Flare-on 2017 #7: zsud.exe This challenge is an awesome Single-user dungeon playing in the offices of Mandiant, part of the company organising Flare-on. When started, it shows some awesome ASCII art: ctf flareon4
October 17, 2017 Flare-on 2017 #6: payload.dll The file is a DLL and should be started as such. The file contains a small hint on how it should be used in a string: ctf flareon4
October 17, 2017 Flare-on 2017 #5: Pewpew boat! Pewpewboat was one of the most fun challenges so far! The executable provided is a 64-bit Linux executable (the reason for 64-bit will be apparant later), which is the game Battleship. You enter coordinates in a prompt which consist of... ctf flareon4
October 17, 2017 Flare-on 2017 #4: notepad.exe Notepad, when you open it, is just that: Windows notepad. But quick examination shows that the entrypoint of this executable is moved to near the end of the file at 0x1013a00, which is suspicious. ctf flareon4
October 17, 2017 Flare-on 2017 #3: greektome.exe This challenge spawns a listening socket that takes 4 bytes. Then; it ANDs this with 0xFF (so effectively only uses one byte) and feeds it to a function that decodes a piece of code in the executable (hence the expression... ctf flareon4