Advent of Cyber 2022 - Day 10 | AtomicMaya's Blog

atomicmaya

maya's blog at the end of the universe.

~$ Advent of Cyber 2022 - Day 10

Posted on Dec. 10th, 2022. | Est. reading time: 2 minutes

Author:

Unknown

Category:

Red Team: Hack a Game

Link:

Question 1

What is the Guard's flag?

First we prompt the guard.

Screenshot of one of the game's input modals.

Pick a number, any number!

We then search any register that was equal to the number provided.

Screenshot of the memory search system.

I too, have used CheatEngine back in the days.

Once we have the register we bookmark it.

Screenshot of a newly bookmarked register.

At least we won't be looking for that agin.

We re-prompt the guard, check the value in the register, throw as-is in python, and it spits out the decimal version.

Screenshot of Python converting an integer.

If it works, it ain't stupid.

We enter this version:

Screenshot of one of the game's input modals.

lucky guess!

The guard lets us through.

Screenshot of an in-game NPC interaction.

Yup, I'm a witch... you got me!

We interact again to obtain the flag:

Screenshot of an in-game NPC interaction.

Sure you aren't!

Answer: THM{5_star_Fl4gzzz}

Question 2

What is the Yeti's flag?

This time around we just look at decreasing registers.

A screenshot of register search.

That's a lotta registers.

Once we iterate, we have an arbitrarily small amount of registers.

A screenshot of register search.

That's considerably less registers.

We freeze it at 100.

A screenshot of register search.

TADAAAA, I AM IMMORTAL!!

We survive.

Screenshot of the game.

And now we talk to the Yeti.

The Yeti gives us the flag:

Screenshot of an in-game NPC interaction.

Answer: THM{yetiyetiyetiflagflagflag}

Return to the Index