by Alexandre Aumoine
November 15, 2011 at 7:45 am
Thank you to everyone who tried to solve our FortiChallenge 2k11!
We’ve had way more participants than expected, and two winners:
- Shirley Chen
- Nagy Ferenc László
Shirley and Nagy found the secret sentence, without even using the hints.
A special mention for another participant (StalkR) who tried to solve it in the wake of Insomni’Hack 2011, and managed to reach the md5 collision step.
Stay tuned for the official solution!
– the Reverse naM
by Alexandre Aumoine
November 3, 2011 at 6:40 am
Any progress on our FortiChallenge 2k11? After the first clue, here is the second.
Just a reminder that the first hint is meant to help you find the right way with hashes.
Don’t miss the modification; Crypto Girl hates MD5 for this reason!
By the way, the challenge’s submission deadline has been extended to Nov 13th, 2011.
– The Reverse naM
by Alexandre Aumoine
October 21, 2011 at 2:44 am
Stuck on our FortiChallenge 2k11? Here’s a first hint!
Translations:
La fin est encore loin surtout quand on est sur le mauvais chemin !
Wrong track, go back!
La fin est proche, l’anneau est inclus.
Dawn is close, search for the ring.
Mon precieux
My precious
Hint:
-6D01BAE018694CDB446DC7EADBA08BE497A8CBE78BCFE91478AB120B4400E357
-ad23ebc59b720eac0979ead3176de3331ddaa1356466ecc8e8c9fb82f62a6dca
-BCA85F09D8D174844C5D5B80095E6EF595181AAB0CABA9144324418B9F291645
-3EE90318AA2881118B8C09A777D52129E61760CCAE1EF679C744A25E9EB50789
-5868049FE51A60811D2C75C3B8896B956EE42114C568DE47531E436CEA2E0F77
– the Reverse naM
by Alexandre Aumoine
October 17, 2011 at 6:33 am
Hello all,
At Insomni’Hack 2011, we created a challenge dedicated to static reversing of Symbian executables (using SDK S60 Ed3 FP1). Sadly, nobody found the full solution, so we finally decided to put it online for you to try, until November 1st, 2011. We will then post the winner’s solution on this blog, along with the ‘official’ solution. To help you out – if needed – this post will be updated with a hint in a few days.
Challenge prize? The winner (first good solution) receives … fame and glory :)) i.e. nothing besides marketing goodies, if desired :D
Challenge steps:
- retrieve the archive here
sha256 => B74D50104499C35EE9544A77A0DD491646991CD2B3780A7571377152A5F65BD0
P@55 => *Dneige
No username. The 7z archive contains an IDA disassembly, an executable, some snapshots and a readme.
- send us an e-mail at FORTIChallenge@fortinet.com with the secret sentence and explain the solution you used.
That’s all for today, happy RE!
– the Reverse naM
Update Oct 21 2011: Hint #1
Update Nov 3 2011: Hint #2
Update Nov 15 2011: Results
by Alexandre Aumoine
March 18, 2011 at 8:52 am
Last week we attended Insomni’Hack 2011, where our Crypto Girl (Axelle Apvrille) presented on mobile phone threats.
Debriefings of the conference may be found here and there. Both blog authors highlighted the main goal of Axelle’s talk, which was to raise awareness about existing threats on smartphones.
Mobile phones have been targeted for a long time (by applications sending SMS, for instance), but recently (for approximately one year) they have been hit by more advanced attacks, probably with the help of cybercriminal organizations.
The attackers’ goal is to earn money quickly. For this purpose, they develop a botnet-like infrastructure much like in the PC world, the aim being to have an army of zombie phones at their disposal. Examples of this trend are Android/Geinimi and Android/DroidDream, with their standard features:
- Trojan
- C&C
- Silent install
- …
With such botnets at their disposal, cybercriminals can potentially sell ‘underground’ services like SMS spam, silent application install (pay-per-install), ‘click jacking’, Black SEO and other ‘non-ethical’ lucrative business. Of course, ‘extra charges’ will end up on the infected user’s monthly bill :(
On my side I designed and implemented a challenge for the competition. It is based on Symbian OS and the main goal is to practice some ‘static reversing’ on the sample.
This will allow you to extract a secret sentence.
At this time (awaiting confirmation from SCRT.CH), it seems that nobody solved the challenge during the event (6 PM to 1 AM).
From my point of view I think this is due to several factors:
- It is difficult to understand the SIS file format or ARM instructions without some help (internet not available during the challenge to the staff’s great displeasure)
- No specific tools were provided, like a SIS file explorer or extractor (my fault)
- I am a ‘n00b’ at challenge writing, so I probably used too many stages/steps for the time that the challengers had
- Already more than 30 challenges available
Everything will be (un)confirmed by the feedback of competitors (don’t hesitate to post ‘useful’ comments on it).
Some solutions to challenges from Junod himself and other competitors (several challenges here, the GPGPU reverse and the reverse 2)
– the Reverse naM