BeLE - Hardwear.io CTF 2022 The challenge is named “BeLE” and says there are several BLE devices + provides a Bluetooth PCAP file. PCAP file The PCAP file is small with only 5 packets. The first packet is a BLE Read Request to read the BLE characteristic with handle 0x2a 02 10 00 07 00 03 00 04 00 0a 2a 00 The second packet is a BLE Read Response. The characteristic has value f3 dd 42 04 de ed c3 fc 1 2 0000 02 10 20 0d 00 09 00 04 00 0b f3 dd 42 04 de ed 0010 c3 fc The third packet is a BLE Write Command on handle 0x48.

Pycoin - Hack.lu 2021 This is what we know: 1 2 3 4 5 6 7 PYCOIN Sold: 92 times Type: rev Risk: Low Seller: tunn3l A friend gave me this and he says he can not reverse this... but this is just python? and we get a .pyc file and a hint flag[5] == "5" . I unfortunately did not solve this challenge on time for the CTF but found it interesting (I got stuck trying to disassemble with dis and did not know xdis did the work).

Draw APK - THCon 2021 14 solves 249 points First steps As the challenge creator tells me this app is “based on a Trojan Horse” and it is “not recommended to install it on a real smartphone”, even if there is actually “no malicious payload”, I am very reluctant at first to test the app, even in an emulator. So, I start off with my favorite static analysis combination: DroidLysis and JEB.