binhex.ninja logo


./RE

CONNECT

𝕏

in

5th April, 2024

Zero Days CTF (2024) RE - 3

This challenge involves navigating a compressed archive frequently utilized for software distribution and file archiving in Unix-like environments. The archive's dual compression method reduces file size effectively. Participants are tasked with exploring the archive's contents to gain insights, emphasizing asset analysis over immediate reverse engineering.
ctf image
Download Challenge

The third challenge is titled ‘ZeroDaysGame.tar.gz'.

2024 04 05_18h09_11

Figure 1: Depicts the third file, named ‘ZeroDaysGame.tar.gz

As evident from the file name, the game is contained within a tar.gz archive. The ".tar.gz" extension denotes a compressed archive that employs two compression methods. The ".tar" component signifies an uncompressed archive, often referred to as a "tarball," capable of bundling multiple files and directories while maintaining their hierarchical structure. Concurrently, the ".gz" component indicates compression using the gzip algorithm, resulting in reduced file size. This format is commonly utilized for packaging software distributions and archiving files in Unix-like environments.

The file must be uncompressed to access its contents. After initial extraction using 7-Zip, the .tar file is obtained.

2024 04 05_18h21_21

Figure 2: Illustrates the contents of the .tar.gz archive after the initial extraction

Another extraction step using 7-Zip is needed to access the folder and file contents within the tarball.

2024 04 05_18h30_18

Figure 3: Illustrates the contents of the .tar archive after extraction

2024 04 05_18h21_21%20%281%29

Figure 4: Displays the contents of the extracted folder

Upon inspecting the files, it is evident that the term "Unity" appears multiple times, suggesting that the game is developed using the Unity engine.

2024 04 05_18h21_21%20%282%29

Figure 5: Highlights the occurrence of the word "Unity" multiple times within the filenames in the folder

The Unity engine is a widely-used cross-platform game development platform. It allows developers to create interactive 2D, 3D, virtual reality, and augmented reality experiences for various platforms including desktop, mobile, consoles, and web. Unity provides a comprehensive suite of tools for game development, including a powerful rendering engine, physics engine, animation system, and scripting capabilities using C#. It is known for its accessibility, flexibility, and extensive asset store, making it a popular choice for indie developers and large game studios alike.

Prioritizing efficiency, it is advisable to forego immediate attempts at reverse-engineering the game. Instead, a more beneficial approach involves examining the game's assets to determine if the developer stored the flag within them.

AssetStudio, available here, serves as a tool for exploring, extracting, and exporting assets and asset bundles.

After downloading, the application is extracted and executed.

2024 04 05_18h21_21%20%2814%29

Figure 6: Illustrates the interface of AssetStudioGUI

To load the game folder, utilize the "Load Folder" option under the "File" menu.

2024 04 05_18h21_21%20%2815%29

Figure 7: Depicts the "Load Folder" option within AssetStudioGUI

Upon loading the game folder, navigate to the "Asset List" tab. Multiple assets are visible, including one named "Text".

2024 04 05_23h18_24%20%281%29

Figure 8: Illustrates the “Asset List” tab and highlights the “Text” asset

By clicking on the "Text" asset and rotating it in the correct direction within the preview window, the flag is revealed.

2024 04 05_23h18_24%20%282%29

Figure 9: Depicts the flag within the AssetStudioGUI interface

The flag revealed is as follows - 

Flag - ZeroDays{n0_Skill_Issu3_h3r3}
Support This Blog
contact
logo
COPYRIGHT
Custom HTML here.