12 November 2022

Flare-On 9 - The Worst Writeups

Since its inaugural year I have been a participant in the FireEye / Mandiant Flare-On challenges produced by FLARE, the FireEye Labs Advanced Reverse Engineering. FLARE is one of the industry's most accomplished team of reverse engineers and they have created an annual CTF/ that focuses on reverse engineering challenges, many of which are rooted in real life attacks and incident responses.

I have blogged about FLARE challenges in the past and many readers have noticed that my write-ups tend to steer towards the unexpected solutions. The fun, unconventional, and sometimes offensive solutions to the reader. After all, this is a time to have fun and play with challenges that I do not see on a regular basis. Much of my this originates from my prior experience in a reverse engineering team that focused on intrusions from nation state attacks. Our metrics were on how quick we can provide answers, not how in depth or concise we could be. So my immediate goal is on speed, identifying short cuts, and exploiting every advantage I can find. And then putting the proper methodology into tech debt.

And so, with the completion of Flare-On 9 (2022 edition) I have highlighted my own horrible solutions to a few of the challenges.