21
May
2012

BaltCTF 2012 – North America300

Snake
Everybody love’s games. Just get 10000 points
https://www.dropbox.com/s/yy9jy7k2ey9alrv/ppc300.zip

Although we didn’t solve it during the CTF, here is our one-byte solution.

Use your favorite hexeditor and change the following value:

00100110h: F4 01 00 00 69 FF 00 00 00 69 01 00 00 00 69    ; ô...iÿ...i....i

into:

00100110h: F4 01 00 00 69 FF 00 00 00 69 65 00 00 00 69    ; ô...iÿ...i....i

Run again and watch the titlebar.
Key: 4d2c56576f2c56576f2c56576f1115546f4b2c5450546f4b2c56506f4b

{3 Responses to “BaltCTF 2012 – North America300”}

  1. Nice one, but how did you know it is that certain byte you need to change?

    • All vars defined can be found in hex starting with 69. We first changed the score value, so we would match 10.000, but that didn’t help much. Then we noticed the hex value 69 65, so something was probably matched against 101, we changed that to a lower value and got a key, but apparently this was the wrong key. We noticed that the 101 was used to calculate the key, so we needed to change the original value which is matched against 101, which should be 1 (101 – 10.000/100). So we searched for 69 01 in hex and found this byte.

      admin
  2. Thanks for detailed explanation!