[SSTIC 2021] Solving the 5-Part SSTIC Challenge
tl;dr: I solved the annual SSTIC Challenge solo, an epic 5-part challenge involving USB protocol forensics, Windows binary exploitation, whitebox cryptography, reversing an unknown instruction set, and Linux kernel exploitation, in the span of 75 hours. Read on to learn all of the gory details!
All of the files used in this writeup may be found on the accompanying GitHub repository: https://github.com/nneonneo/sstic-2021.
This was my first time participating in the SSTIC challenge. I had great fun with it and learned quite a lot over the course of the challenge! Luckily, with the Easter long weekend, I was able to spend three full days on this, starting Friday April 2 around 11 pm local time, and finishing just under 75 hours later around 2 am on Tuesday April 6 (local time). Yes, I did sleep for a bit too đ A brief timeline of my challenge experience (in my timezone, GMT-6); a complete timeline is given in the Timeline section:
The SSTIC challenge has been run annually since 2009 by the French “Symposium sur la sĂ©curitĂ© des technologies de l’information et des communications” (SSTIC), and has historically been in French. Thankfully the organizers made it available in English this year, enabling me to compete – my French is terrible :).
