Official Flare-On 10 Challenge Thread
by notagh0st - Friday September 29, 2023 at 08:11 AM
#21
Absolute noob here. I'm following all of these steps, I know I'm not an idiot but I stg I've read every line of code in monogame1: BckgdDisplay, Button, DigitDisp, Game1, and first off the most obvious place you reference is the _lockButton_Click(). When I place a breakpoint here, and follow the path of the function, there is one line back in the Update() loop that it stores the user input in Button[]. However, I have spent two hours now stepping through the code, getting lost in the deeper .NET stuff that definitely is not where I'm supposed to go. I SWEAR it seems as though I've gone every which direction in the OG dev's written code and can't find anywhere that compares those values to anything, let alone an arithmetic function comparing the values to something in an if check. I'm sorry for asking for it to be spelled out any further than you already have, but I'm bashing my head against the wall here.

(10-04-2023, 06:14 AM)notagh0st Wrote: Decompile Challenge 2 APK with jadx: https://github.com/skylot/jadx

Then look through the source code for how some of the string XML files are being used.

There's a decrypt function that takes in a bunch of parameters from the string XML file, along with an encrypted image file that exists in the APK.

Write some code to trigger the decryption method in Java.

---------------

There's another way to solve it by triggering a firebase push notification to be sent to the device, also code that can be found in the decompiled jadx code.

(10-02-2023, 04:34 PM)onecok3 Wrote: I participated in flare-on 10. would you suggest me on the X1 challenge ?

Open up the X.dll file in dnSpy. It's a .NET decompiler. Look through the code functions, it's pretty small, you'll come across the logic for the flag pretty quickly. Since the lock button is what you're pressing to unlock it, look for functions that have a name like that. You'll see that the correct combination is based on an if statement for a simple math equation, something like 4 + A * B = 123. That's not the real equation obviously, but you'll see if the math adds up, then it gives you the flag. And you just need to figure out what numbers in the wheel need to be there in order for the math if statement to be true.
#22
Alright I found a newer version of dnSpy and it turned out that was the problem all along. Functional version:
https://github.com/dnSpyEx/dnSpy/releases
RIP the last four hours of my life.
#23
any one on 7th one ?
#24
(10-25-2023, 02:04 PM)testrio35489 Wrote: any one on 7th one ?

not on #7 yet...still on #3. shellcode right before Beep is broken--what am i missing?
#25
(10-25-2023, 02:04 PM)testrio35489 Wrote: any one on 7th one ?

I'm working on it now. I've figured out how the config file is parsed, and I have some limited code manipulation beyond that, but so far I'm only getting error messages from the Python traceback.

Have you figured anything out?
#26
(10-27-2023, 04:51 AM)kluge Wrote:
(10-25-2023, 02:04 PM)testrio35489 Wrote: any one on 7th one ?

not on #7 yet...still on #3. shellcode right before Beep is broken--what am i missing?


I think there is a wrong parameter before Beep

(10-27-2023, 09:01 PM)fanatico Wrote:
(10-25-2023, 02:04 PM)testrio35489 Wrote: any one on 7th one ?

I'm working on it now. I've figured out how the config file is parsed, and I have some limited code manipulation beyond that, but so far I'm only getting error messages from the Python traceback.

Have you figured anything out?


PM
#27
Flare-On is a great challenge, worked through one a couple of years back. Had so much fun.
#28
(03-06-2024, 06:12 AM)dense Wrote: Flare-On is a great challenge, worked through one a couple of years back. Had so much fun.

I felt like challenge number 3 for this year was EXTREMELY hard for just the third challenge. I spent more time on that one than any other challenge I was able to complete. 4, 5, and 6 were so easy in comparison! I'm glad that they post all of their writeups to all of the challenges, they're really interesting reads. They also offer the archive of past challenges for download as well.
#29
(03-19-2024, 03:16 AM)notagh0st Wrote:
(03-06-2024, 06:12 AM)dense Wrote: Flare-On is a great challenge, worked through one a couple of years back. Had so much fun.

I felt like challenge number 3 for this year was EXTREMELY hard for just the third challenge. I spent more time on that one than any other challenge I was able to complete. 4, 5, and 6 were so easy in comparison! I'm glad that they post all of their writeups to all of the challenges, they're really interesting reads. They also offer the archive of past challenges for download as well.

I will have to give this year's writeups a read. Been slacking.
#30
Thanks for sharing!
I use some of these for training RE:
pwnable.kr
reversing.kr
pwnable.tw