Never even heard of it until a friend of mine told me they’re working for FireEye (none of the fun stuff though). Looking up their blogs, I found they ran a yearly FLARE-ON challenge. So I thought I’d give it a check out.
http://2016.flare-on.com/ – if anyone wants to participate!
Found it pretty much 2 days ago, not sure what to expect. I registered and took on Challenge 1. Seemed simple enough – but I had to refresh all my tools. Had to set up a new VM environment for this, as well as doing work in between. I will try not to spoil too much.
Solved Challenge 1: challenge1 (~couple of hours)
* Simple tracing, basic code structures. Basic obfuscation. Easy start. Some tricky variation on an encoding
* Wrote a quick PHP script to decrypt the obfuscated answer.
Solved Challenge 2: DudeLocker (~couple of hours)
* Basic intro to Ransom/Crypto type stuff.
* A trap or two to bypass.
* Was a pain cos I didn’t want to code up a “decoder” (was spending a lot of time trying to figure out how to ‘get’ the answer without investing in coding).
* Solution: Hacked supplied binary to get the ‘answer’
Challenge 3: unknown
* Just downloaded the binary now. About to look at it between work 😉