tag:blogger.com,1999:blog-8932940317431555433.post4063642103001643042..comments2020-01-17T10:08:48.133-05:00Comments on Ghetto Forensics: Solving the 2015 FLARE On ChallengesBrian Baskinhttp://www.blogger.com/profile/06612606264670329434noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-8932940317431555433.post-60578870213274132022015-09-21T19:06:25.448-04:002015-09-21T19:06:25.448-04:00That does make sense. It helped to work backwards ...That does make sense. It helped to work backwards from the final tables. If debugged it would be quick obvious, but being ARM made that the challenge :)<br /><br />I did receive my prize, updated the post to include that at the end.Brian Baskinhttps://www.blogger.com/profile/06612606264670329434noreply@blogger.comtag:blogger.com,1999:blog-8932940317431555433.post-34684223158616146452015-09-18T20:57:03.376-04:002015-09-18T20:57:03.376-04:00Heh, no problem!
As for #6:
what it does is loop ...Heh, no problem!<br /><br />As for #6:<br />what it does is loop over all the primes and check if the current group of 2 characters is divisible by that prime, then log it to the table. Using that table, we see that prime 0 is divided 3 times, and primes 6 and 36 are divided once (so if the algorithm is dividing, we do the opposite, multiplying, to reverse the process). prime 0 = 2, prime 6 = 17, prime 36 = 157. Therefore: (1 * 2 * 2 * 2) * (1 * 17) * (1 * 157) == 0x5368. We now have that, so we split it like: 0x53, 0x68, and converting it to ASCII gives us "Sh", which is the first two characters from "Shold_have_[...]@flare-on.com".<br /><br />You don't really understand something till you're able to teach it to your grandma, so please tell me if my "quick teach" is good enough :)<br /><br />P.S. Have you received your prize yet?AcidShoutnoreply@blogger.comtag:blogger.com,1999:blog-8932940317431555433.post-22930375744210295982015-09-18T13:34:54.299-04:002015-09-18T13:34:54.299-04:00Thanks!
#6: I think I finally got an understandin...Thanks!<br /><br />#6: I think I finally got an understanding in the last week, and that was actually thanks to your write-up. Even when writing this up I tried from scratch to go at it, and got lost again. Your quote definitely helped, though: "I got the number X, and I divided it N times by the prime P"<br /><br />#11: I saw afterward, but not during my analysis. I knew it was doing bit counting in that routine with some 'extras'. However, when I fully went through that function it was before I knew what that DWORD of data meant. I assumed it was just part of the passed data. After finishing the cmdline arg I should've gone back to the second half and re-analyzed these functions dynamically to see what each variable did. with the correct argument. I probably would have gotten to that if brute forcing didn't work as quick, but it did :)<br /><br />Thanks!Brian Baskinhttps://www.blogger.com/profile/06612606264670329434noreply@blogger.comtag:blogger.com,1999:blog-8932940317431555433.post-66823082864088725272015-09-18T10:38:56.842-04:002015-09-18T10:38:56.842-04:00Oh, so you added a link to my writeup, sweet! (I&#...Oh, so you added a link to my writeup, sweet! (I'm AcidShout)<br /><br />I added you too. Nice writeup.<br /><br />I just got two things to say:<br />1) On #6, did you finally understand the algorithm? As in, can you make a solution that's not brute-force?<br />2) On #11, did you see the function that had a hint on how many rounds the algorithm should do?<br /><br />Cheers!AcidShoutnoreply@blogger.com