Sorry, We are not Recruiting!

We are not actively recruiting at this time. We may have spots open after CSAW.

(updated: 3/22/2018)

Wednesday, September 25, 2013

CSAW 2013 Qualifier

We solved 16 out of 40 challenges, achieving 1350 of 8200 points, and ranked 397 of 1383 teams.

Minus a few frustrating times when Recon challenges were either not working, or were messed with by other teams, we found this competition pretty enjoyable. Thursday Night we tried tackling the moderate difficulty challenges (level 300). Friday we took off. Saturday was mostly spent going all over the board taking notes and feeling out the easier challenges. Sunday was our serious push.

Before this I hadn't reversed engineered a program in about a decade, so this was a great opportunity to jump back into it. It was the first time I had seriously used Ida Pro. At first I was afraid that Ida Pro would alter the way I reverse engineer. However I found instead that it not only worked with me, but by being able to rename variables and check references that it made my process extremely faster.

I had swiftly knocked out csaw2013reversing1.exe and csaw2013reversing2.exe, but in my manual decompiling of crackme, I had failed to note that the hash code skipped every other byte. That small oversight costed me 300 points. Yes, I learned too late that Ida Pro will also decompile for me. That feature and learning to script xor decryption (yes, I did that by hand as well) would have made me go even faster, giving me time to look at other categories.

About Crimson Agents

Formed in 2013, Crimson Agents is a DC based recreational security team that competes in various computer security wargames and hacker jeopardy contests. Our team comprised of various professionals seeking to practice and enhance our skills in penetration testing, vulnerability development, computer network defense, forensics, and reverse engineering. In addition to exploitation based CTFs, we also compete in Wireless CTFs with several members who focus solely in this domain. Our sister team Threat Inc focuses on defensive exercises such as malware analysis, forensics, honeypots, and network captures. We reuse what we learn from our "Blue Team" research to make our "Red Team" operations more effective and vice-versa.