Posted on November 3, 2016
17 minutes (3578 words)
A tour in the depths of the SmokeStack level of the third Flare On Challenge from FireEye. The article also covers the internals of the virtual machine used by the binary, presenting a simple command line disassembler written in C++.
This is the writeup for another challenge from the VolgaCTF 2016 Quals; the task consists in analyzing a binary executable that encrypts files and find a way to recover the clear text from an encoded file. The article also includes a working implementation for a compatible encoder and decoder written in C++.