Introduction
I’ve been pretty busy lately. So today I’m just doing a very short little challenge room, The Game.
There was a neat little game hacking room during the 2024 Advent of Cyber event. It was a pretty good teaching moment for memory overflows and exploitation.
This is just a beginner/easy room. So it might not be as exciting, but I’m still happy to keep my streaks up and continue a bit of red-teaming. Let’s see what this challenge room entails!
The Challenge
Cipher has gone dark, but intel reveals he’s hiding critical secrets inside Tetris, a popular video game. Hack it and uncover the encrypted data buried in its code.
Tetris is alwas fun. I love a bit of tetris…
Unfortunately for me, I’m not running windows. The files we’re given for this challenge are:
> ls
__MACOSX/ Tetrix.exe Tetrix.exe-1741979048280.zip
I won’t be able to run this on my device, but that’s okay. strings
is a pretty useful tool that, unsurprisingly, pulls strings from the input file. I unzipped the file (I actually did this before) and ran strings
on the file. Then I got a big long list of strings. Here’s just a small sample:
version
RSRC
GDSCd
I=0M
5<)Z
6'yy
y0kV
8%$C
XOSx
MDrF3
RSRC
PackedScene
resource_local_to_scene
resource_name
custom_solver_bias
size
script
_bundled
Script
res://blocks/T.gd
Texture2D
res://assets/block.png
local://1
local://PackedScene_6uh5h
There were over 1000 lines of this. As you can see they are (mainly) human readable strings.
Luckily for us we know that the format of the flag should start with THM{
. We can pipe the output of strings
to grep
and find our flag this way:
> strings Tetrix.exe | grep "THM{"
THM{****************}
Awesome! That was surprisingly easy.
Conclusion
Like I said this was a pretty easy and simple room. It would have been nice to have played the Tetris clone but alas, we can always dream.
This challenge room was under the ‘5 minute hacks’ section. It took me longer to write this post then it did to complete the challenge, so that’s a plus!
Once again another fun challenge room. That’s it for now!