For this years Binary Golf Grand Prix I started off by learning to fuzz properly, use a debugger properly, and various tooling. The objective was originally to hit all of the bonus points: +1024 pts, if you submit a writeup about your process and details about the crash +1024 pts, if the program counter is all 3’s when the program crashes +2048 pts, if you hijack execution and print or return “3” +4096 pts, if you author a patch for your bug which is merged before the end of the competition Well, life happens, and I ended up using the majority of my 2 week break from work doing more important things like taking care of my sick infant son (He’s doing much better now).

The 3rd Annual Binary Golf Grand Prix (BGGP3) is to find the smallest file which will crash a specific program. https://tmpout.sh/bggp/3/ This blog is stream of consciousness for finding tooling and crashes. A formal writeup for the crash I want to submit will come at a later date.

Where we last left off, I had done an initial reverse engineering pass of Windows Update Delivery Optimization see: DOing Harm. I got familiar with the protocol, how peer discovery works, etc… but mainly only looked at the first handshake as that was most interesting to me at the time.

There’s this thing called Windows Delivery Optimization which allows “you to get Windows updates and Microsoft Store apps from sources in addition to Microsoft, like other PCs on your local network, or PCs on the internet that are downloading the same files.

Where last I left off in Adventures in Bluetooth: Part 1, I was originally attempting to flash custom firmware to a Fitbit Charge 2 smartwatch and ended up taking a quite large side-quest. Let’s see how far I can make it towards the objective this time!