The FireEye Flare-On Challenge this year is very well done. I like the diversity of the challenges and the variety of reverse engineering skills it requires to solve for the keys. Add the awesome Flare belt buckle to the final prize lineup and it makes for an amazing CTF!
This year, I decided to challenge myself a little and try to solve the challenges in a manner other than my usual open-up-IDA-Pro-and-start-reversing routine. There are a handful of interesting new tools to play around with. Also, this is a great opportunity to experiment with concolic execution and taint analysis, which I have been wanting to get my hands dirty with.
Here are my walkthroughs for some selected favorite challenges on #flareon. I will populate this list as I get round to writing them.
Smashing Flare-On #2 with Concolic Testing: I leverage angr to perform efficient path exploration to discover the desired execution path.
Solving for Hashes in Flare-On #5: Using constraint solving and concolic execution, I derive the key that hashes to a desired hash string.