HACKVent 2014 - Day 11 writeup
I’ve sign up for the Hackvent event made by the guys from www.hacking-lab.com, which is a advent-like hacking competition. Every day there is a new challenge posted at midnight which has a to solved at best in the same day, the challenge becoming increasingly more difficult every week completed. The aim in every puzzle is to find either a qr-encoded x-mas ball with lead to the validation code, or a secret human-readable string which gives you the former ball when feeding into a validator (the “Ball-O-Matic”).
Hex-Ray vision Part :
For the Day 11 Hackvent challenge, we were given the following instructions :
The “Good Old Times” title suggest some kind of nostalgia among hackers/dev, so I have to look for an ancient something, whether it’ an OS, a filesystem, a processor, a programing language, etc. There is also a .exe file to be downloaded. When run, it output a popup :
Since I can’t run it natively (WinXp/Win7/Win8.1) I might as look at it’s innards. It’s always useful to look at file signature in order to see if a file wouldn’t lie about it’s real nature. You can find here a list of the most common magic strings . A Windows executable file should begin by the magic string “PE” - for portable executable.
Before the PE header, there is another one : ‘MZ’, the magic string for DOS-executable. There is also another readable string present: “Keep on trying till you run out of cake!”. Let’s fire up the DOSBox.
Only 90’s kids will recognize this OS Part :
I’ve nothing much to say : I got directly the solution, which is
I'm Still Alive