ZeroDays CTF 2024 RE - 3

The third challenge is titled ‘ZeroDaysGame.tar.gz’.

Figure 1: Depicts the third file, named ‘ZeroDaysGame.tar.gz’

As evident from the file name, the game is contained within a tar.gz archive. The ".tar.gz" extension denotes an archive built in two layers. The ".tar" component signifies an uncompressed archive, often referred to as a "tarball," capable of bundling multiple files and directories while maintaining their hierarchical structure. The ".gz" component indicates that the tarball was then compressed using the gzip algorithm, resulting in reduced file size. This format is commonly used for packaging software distributions and archiving files in Unix-like environments.

The file must be uncompressed to access its contents. After initial extraction using 7-Zip, the .tar file is obtained.

Figure 2: Illustrates the contents of the .tar.gz archive after the initial extraction

Another extraction step using 7-Zip is needed to access the folder and file contents within the tarball.

Figure 3: Illustrates the contents of the .tar archive after extraction

Figure 4: Displays the contents of the extracted folder

Upon inspecting the files, it is evident that the term "Unity" appears multiple times, suggesting that the game is developed using the Unity engine.

Figure 5: Highlights the occurrence of the word "Unity" multiple times within the filenames in the folder
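The two-layer extraction and the filename check described above can also be scripted. The following is an added example, not part of the original write-up: it builds a constructed in-memory archive (the `SampleGame/...` member names are assumptions, not the challenge's real file list), peels the gzip layer, lists the tar members without extracting them, sets aside members that would escape the extraction folder, and reports filenames containing "Unity".

```python
import gzip
import io
import tarfile
from pathlib import PurePosixPath

def build_sample_archive() -> bytes:
    """Constructed stand-in for the challenge archive (member names are assumptions)."""
    names = ["SampleGame/UnityPlayer.dll", "SampleGame/UnityCrashHandler64.exe",
             "SampleGame/SampleGame.exe", "SampleGame/SampleGame_Data/globalgamemanagers",
             "../outside.txt"]  # constructed member that points outside the target folder
    raw = io.BytesIO()
    with tarfile.open(fileobj=raw, mode="w") as tar:      # inner layer: plain tar
        for name in names:
            data = b"sample"
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return gzip.compress(raw.getvalue())                  # outer layer: gzip

def peel_layers(blob: bytes) -> bytes:
    """Undo the gzip layer and confirm a tar archive sits underneath."""
    if blob[:2] != b"\x1f\x8b":                           # gzip magic bytes
        raise ValueError("not gzip data")
    tar_bytes = gzip.decompress(blob)
    if tar_bytes[257:262] != b"ustar":                    # tar header magic
        raise ValueError("gzip payload is not a tar archive")
    return tar_bytes

def triage(tar_bytes: bytes, keyword: str = "unity"):
    """List members without extracting; return (safe, rejected, keyword_hits)."""
    safe, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:") as tar:
        for member in tar.getmembers():
            path = PurePosixPath(member.name)
            escapes = path.is_absolute() or ".." in path.parts
            if escapes or member.issym() or member.islnk():
                rejected.append(member.name)              # do not extract these
            else:
                safe.append(member.name)
    hits = [n for n in safe if keyword in PurePosixPath(n).name.lower()]
    return safe, rejected, hits

if __name__ == "__main__":
    safe, rejected, hits = triage(peel_layers(build_sample_archive()))
    print("safe members:    ", safe)
    print("rejected members:", rejected)
    print("engine hints:    ", hits)
```
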

The Unity engine is a widely-used cross-platform game development platform. It allows developers to create interactive 2D, 3D, virtual reality, and augmented reality experiences for various platforms including desktop, mobile, consoles, and web. Unity provides a comprehensive suite of tools for game development, including a powerful rendering engine, physics engine, animation system, and scripting capabilities using C#. It is known for its accessibility, flexibility, and extensive asset store, making it a popular choice for indie developers and large game studios alike.

Prioritizing efficiency, it is advisable to forego immediate attempts at reverse-engineering the game. Instead, a more beneficial approach involves examining the game's assets to determine if the developer stored the flag within them.

AssetStudio is a tool for exploring, extracting, and exporting assets and asset bundles.

After downloading, the application is extracted and executed.

Figure 6: Illustrates the interface of AssetStudioGUI

To load the game folder, utilize the "Load Folder" option under the "File" menu.

Figure 7: Depicts the "Load Folder" option within AssetStudioGUI

Upon loading the game folder, navigate to the "Asset List" tab. Multiple assets are visible, including one named "Text".


Figure 8: Illustrates the “Asset List” tab and highlights the “Text” asset

By clicking on the "Text" asset and rotating it in the correct direction within the preview window, the flag is revealed.

Figure 9: Depicts the flag within the AssetStudioGUI interface

The flag revealed is as follows -

Flag - ZeroDays{n0_Skill_Issu3_h3r3}
Saptarshi Laha
