Type

Crowdsourced TIA frontend client binary reverse engineering effort

Status

The Challenge is over.

Description

Running assets is always difficult, however this year has been excruciating for t2. We lost one of our most prized and well placed deep cover operatives in a foreign three letter agency. Shortly after the CFP, communications stopped and we have to assume his/her new assignment is a permanent placement at a black site somewhere in Eastern Europe.

Luckily for us, the person was able to exfiltrate a key piece of an intelligence analysis system before disappearing. In order to turn the tables and go for the pride-and-ego down, our intention is to burn this capability once and for all.

Y-LOCKPOINT is designed for searching and analyzing compromised computer systems. Despite the OPSEC failures, which allowed us to gain access to front-end application, the binary is well-protected – preliminary analysis indicates emphasis on multi-layer protection and resistance to analysis.

Your mission, should you choose to accept it, is to participate in the crowdsourced reverse engineering effort of the acquired front-end binary.

The Challenge will be released on 2014-09-13 10:00 EEST.

Operational information

The first person to enter all correct SHA1s will win a free ticket to t2’14 conference. In addition to this, the creators of the Challenge will select another winner among the next ten correct answers. The criteria for the other selection is the elegance of the answer. In short, you can win with both speed and style. Either way the solution must include a detailed description of methods and tools used.

If you don’t know what is the definition of elegance – please check out the winning write-ups from previous years.

Rules of the Challenge

  1. Anybody can participate, excluding the organizers and employees of the companies that made the challenge.
  2. The answer must have a detailed description of the methods and tools used.
  3. It is not allowed to publish the solution on public forums before the challenge is over.
  4. It is not allowed to modify or redistribute the challenge files.
  5. All rights are reserved.

Filename: ylockpoint-final.zip
Filesize: 19 343 984 bytes
MD5: 4f3415ba4e627dcfcc140185d92a19e2

Authors

Ideas and implementation: Timo Teräs, Tomi Tuominen

Leave a Reply