Poly

I’ve had some feedback about an issue with the code that I think it’s fair to warn about, as it was not intended for people to waste time in that way :slight_smile:

So, without giving too much away: I didn’t have access to the correct CPU during development, and thus I made heavy use of qemu (and suggest you do too ;)). This is because there are cases where qemu is more generous in what it accepts as valid than the actual hardware, so you could run into odd problems.

That is all.

Good luck to those still trying to solve it & congrats to those that have!

@job0 I tried to run it but I received fake flags → how to debug it? (I tried gdb-multiarch but get some errors…)

@KullPid said:

@job0 I tried to run it but I received fake flags → how to debug it? (I tried gdb-multiarch but get some errors…)

gdb-multiarch doesn’t seem to work very well for this; I just ran the program with the QEMU userland emulator and attached GDB to it. Kind of inconvenient, but it worked for me. (Feel free to remove if this is a spoiler.)

Can anyone DM me for hints plz? I’m totally stuck ^^

@Chainmanner said:

@KullPid said:

@job0 I tried to run it but I received fake flags → how to debug it? (I tried gdb-multiarch but get some errors…)

gdb-multiarch doesn’t seem to work very well for this; I just ran the program with the QEMU userland emulator and attached GDB to it. Kind of inconvenient, but it worked for me. (Feel free to remove if this is a spoiler.)

I switched to using Cutter (open source, from radare) combined with qemu-aarch64_be-static.
Now I’m stuck trying to bypass ptrace… This challenge is really fancy…

This challenge is a beauty. A hair-pulling beauty… Thanks job0 :slight_smile:

I really need some help on this. I managed to run the code and understand what is happening. I reversed almost every line of the code and cannot find out how to find the important hash value. I do notice another hash value, but according to my knowledge of the hash algorithm, we cannot learn any useful information from it. I am not sure whether I am supposed to brute-force it, but it looks quite challenging. DMs are welcome! Please save me from the endless headache!

Running with Qemu userland is getting a segfault upon providing any input to the application. Is this part of the challenge or related to my emulation environment? Want to make sure my environment is set up before diving into the madness that will be this challenge…

Hello everyone! Can anybody tell me how many false flags are in this challenge? i only find bad paths… :neutral:

@afernandezca said:

Hello everyone! Can anybody tell me how many false flags are in this challenge? i only find bad paths… :neutral:

i think i’ve got 7 so far :stuck_out_tongue:

@0x41 said:

@afernandezca said:

Hello everyone! Can anybody tell me how many false flags are in this challenge? i only find bad paths… :neutral:

i think i’ve got 7 so far :stuck_out_tongue:

yes! i’ve found 7 as well.

Does anybody know if ptrace plays an important role in this challenge?

I know I’m a little late to the party on this one, but is anyone actively working on Poly?

ARM challenges are always an uphill battle for me as I’ve yet to take the time to learn the assembly. Looking for general advice rather than direct hints/spoilers.

Having tried all the obvious (and not so obvious) candidates, I still couldn’t find the final key in another flow of the program.
I’m not sure what I’m missing here. A nudge would be much appreciated.

When people talk about false flags, I’m hoping these aren’t conforming to the actual flag standard: HTB{} ?
I’m all for funny encrypted messages, but fooling people into believing they found the flag will likely lead to dislikes.
Apart from that, the challenge looks quite clever so far :slight_smile:

I finally got the correct flag after several attempts. This is one of the most difficult challenges I’ve done. Congratulations, Job0, but you should be in a jail. :slight_smile:

PS: send me a DM if you need some guidance to resolve this challenge.

Hi guys! I’m totally stuck inside “camouflage”. I found the hijacked flow but I couldn’t figure out what I should do next. Please give me a clue in DM. Thanks in advance!

Got to the start? What does that mean?

Hello! Can you give me a hint in DM? I found a hash in camouflage, but don’t understand how to crack it. Thank you.