Flare-On 9

⌈2022 Nov 17⌋



A bit about myself

I’ve reversed stuff for a while but I’ve never been too serious about it. Like many people, I started wanting to hack and/or understand how games worked, so as a kid, the first-ever tool I had contact with was Cheat Engine, but I never got any further than what a script kiddie would.

A few months ago I found out about the existence of Flare-On. At first, I was sure finishing it was impossible because even though I don’t consider myself a beginner, I also don’t see myself too far from that. Not to mention it is the first ever CTF I would play. Surprisingly though, I not only finished this year but also finished at #180 (or maybe #141? ranking was pretty weird), which is a placement I am very happy with. Until the seventh challenge, I was consistently ranked #20. My rankings fell by a lot when I got stuck in the seventh chall for two days and almooost gave up on the eight challenge, but managed to finish it in about a week.

I’m in the process of writing my writeups for this year and you can check the links below. (Implying my lazy ass can ever get to finish them since I’ve pretty much forgotten 70% of the CTF already. Remind myself from the future to write my writeups right after I finish the challenges and not over a month later!) *Me from the future: well yeah, I never really finished this nor do I plan to since it’s been so long. My notes for the 8th chall are a mess, and I don’t even know how I would begin to write a writeup for that chaos. Either way, the two challs that got me the most were the 7th and the 8th. Technically I solved the seventh one in about three hours, but I was SURE that inverting the math operations wouldn’t work so I proceeded with not even trying it for two whole days until I thought again about the possibility and finally tried it. (spoiler: it was exactly how one should’ve solved it.) If I learnt something from this, it is trusting more in my instincts.


Writeups:

  1. flaredle
  2. PixelPoker
  3. magic8ball
  4. darn_mice
  5. t8
  6. alamode
  7. to-do
  8. to-do
  9. to-do
  10. to-do
  11. to-do


My favorite challenge was the 9th one, mostly because I’ve never gotten myself into studying in-depth encryption and the challenge finally made me do it. It’s also the reason I’m reading the book Serious Cryptography, so hey, I might’ve found a subject I really like too :)

Now even though I like C# and it’s one of my main languages, I still couldn’t help but dislike the 8th challenge. I appreciate the technology behind it, and I find the obfuscation interesting, but I lowkey think I now have PTSD from spending 16h a day for almost a week on that. The way the communication with the C2 of the backdoor was coded is something that I really enjoyed though. Simple but surprisingly brilliant!



Overall I loved the CTF and I’m very thankful for the experience. The knowledge I got is immeasurable and it pointed toward a lot of subjects I noticed I’m lacking. I didn’t have any difficulty in reversing the native binaries, but #7, #8, and #9 showed me I have a looooot of stuff to learn! Thank you to Mandiant and all the Challenges Authors and I hope to play the next year as well!