Didier Stevens

Tuesday 31 July 2007

F-Secure Reverse Engineering Challenge 2007

Filed under: Reverse Engineering — Didier Stevens @ 19:08

Be ready to compete in the F-Secure Reverse Engineering Challenge (http://www.khallenge.com) this Friday. I expected the challenge to start on Thursday like last year, so now I have a scheduling conflict!

It looks like the challenge is organized like last year: go to the website and download the first challenge. Start the program, and provide the correct password (this is where reversing skills come in handy). You’ll be given an e-mail address in exchange for the correct password (a wrong password yields no e-mail address).


Send an e-mail to the address and you’ll get an URL in reply. Download the second challenge and repeat the process. And finally: download the third challenge and repeat the process.

Don’t forget my tools to help you with this challenge:

Now honestly, I don’t expect Challenger to be of any help, except with a dictionary attack on the first challenge. Last year, the passwords for the second and third challenge were so long that brute-forcing was no option.

Think it’s too difficult for you? Think again, this movie (YouTube) shows how easy the first level of last year’s challenge was, XviD hires here.


  1. Who did the first level in just one minute? Currently even 10 solved level 2.

    Comment by Gunter — Thursday 2 August 2007 @ 12:01

  2. So it did start on Thursday! I was working, so no time for playing.

    But now I solved level 1 and level 2. Is there a reader that speaks Polish?

    If you want to have a go at level 1, use OllyDbg. Don’t know how? Have a look here:

    Comment by Didier Stevens — Thursday 2 August 2007 @ 20:02

RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.