{"id":1686,"date":"2024-03-08T17:29:40","date_gmt":"2024-03-08T08:29:40","guid":{"rendered":"https:\/\/h4ck.kr\/?p=1686"},"modified":"2024-05-20T13:26:50","modified_gmt":"2024-05-20T04:26:50","slug":"1686","status":"publish","type":"post","link":"https:\/\/h4ck.kr\/?p=1686","title":{"rendered":"osu!gaming CTF 2024 – reverse\/ecs!catch"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

Description<\/h2>\n\n\n\n

During his sophomore year of high school, enscribe made a really bad osu!catch clone for his final project in his Exploring Computer Science class. It was his first time on Unity, but it has some charm to it!<\/p>\n\n\n\n

Receive an SS (with maximum score) on “Bakamitai”, the hardest map, to receive the flag. Shouldn’t be too difficult, right?<\/p>\n\n\n\n

Note: An SS is not enough! The remote has additional checks for specific scoring (the maximum score if SS’ed “legitimately”).<\/p>\n\n\n\n

Note: This executable is built for x86 Windows.<\/p>\n\n\n\n

Bakamitai \uc2a4\ud14c\uc774\uc9c0\uc5d0\uc11c SS \ub7ad\ud06c, \uc62c\ud074\uc744 \ubc1b\uc73c\uba74 \ud50c\ub798\uadf8\ub97c \ud68d\ub4dd\ud560 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n

\n\n\n\n

Decompiled-src<\/h2>\n\n\n\n

Mono\ub85c \ube4c\ub4dc\ub418\uc5c8\uae30 \ub54c\ubb38\uc5d0
Assembly-CSharp.dll \ud30c\uc77c\uc744 dnSpy \ud234\ub85c \uc27d\uac8c \ub514\ucef4\ud30c\uc77c\ud558\uace0 \uc18c\uc2a4\ucf54\ub4dc\ub97c \uc218\uc815\ud560 \uc218 \uc788\uc5c8\ub2e4.<\/p>\n\n\n\n

GameManager<\/h2>\n\n\n\n
\n
\n
public IEnumerator SendGameResults(GameResults results) {\n    string json = JsonUtility.ToJson(results);\n    UnityWebRequest request = this.CreateGameResultsRequest(json);\n    yield return request.SendWebRequest();\n    Debug.Log(request.result);\n    if (request.result == UnityWebRequest.Result.Success) {\n        Debug.Log(\"Results sent successfully!\");\n        Debug.Log(\"Server response: \" + request.downloadHandler.text);\n        if (request.downloadHandler.text.Contains(\"osu{\")) {\n            this.resultsScoreText.text = request.downloadHandler.text;\n        }\n    } else {\n        Debug.LogError(\"Failed to send results: \" + request.error);\n    }\n    yield break;\n}\n\n\/\/ Token: 0x060003F5 RID: 1013 RVA: 0x000165F0 File Offset: 0x000147F0\nprivate UnityWebRequest CreateGameResultsRequest(string json) {\n    byte[] bytes = Encoding.UTF8.GetBytes(json);\n    UnityWebRequest unityWebRequest =\n        new UnityWebRequest(\"https:\/\/ecs-catch.web.osugaming.lol\", \"POST\");\n    unityWebRequest.uploadHandler = new UploadHandlerRaw(bytes);\n    unityWebRequest.downloadHandler = new DownloadHandlerBuffer();\n    unityWebRequest.SetRequestHeader(\"Content-Type\", \"application\/json\");\n    return unityWebRequest;\n}<\/pre>\n<\/div>\n<\/div>\n\n\n\n
\uac8c\uc784\uc744 \ud074\ub9ac\uc5b4\ud558\uba74 \uadf8 \uacb0\uacfc\ub97c \uc11c\ubc84\ub85c \uc804\uc1a1\ud574\uc11c flag\ub97c \ud68d\ub4dd\ud558\ub294 \uac83\uc744 \ubcf4\uc778\ub2e4.<\/p>\n\n\n\n
Solution<\/h2>\n\n\n\n
CharacterController2D<\/h3>\n\n\n\n
\n
\n
private void Flip()\n\t{\n\t\tthis.m_FacingRight = !this.m_FacingRight;\n\t\tVector3 localScale = base.transform.localScale;\n\t\tlocalScale.x *= -100f;\n\t\tbase.transform.localScale = localScale;\n\t}<\/pre>\n<\/div>\n<\/div>\n\n\n\n
\uc6d0\ub798\ub294 localScale.x *= -1f;<\/code> \ucf54\ub4dc\uc774\uc9c0\ub9cc -100\uc744 \uacf1\ud558\uac8c\ub054 \uc218\uc815\ud574\uc11c 
\ub108\ube44\ub97c \uae38\uac8c\ud574\uc11c \ubaa8\ub4e0 \ub178\ud2b8\ub97c \ub2e4 \ubc1b\uc544\uba39\uc744 \uc218 \uc788\ub3c4\ub85d \uc218\uc815\ud558\uc600\ub2e4.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n
FLAG<\/h2>\n\n\n\n
osu{h0pefu11y_th1s_4ss1gnm3nt_g3ts_m3_an_A}<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"
Description During his sophomore year of high school, enscribe made a really bad osu!catch clone for his final project in his Exploring Computer Science class. It was his first time on Unity, but it has some charm to it! Receive an SS (with maximum score) on “Bakamitai”, the hardest map, to receive the flag. Shouldn’t… \ub354 \ubcf4\uae30 »osu!gaming CTF 2024 – reverse\/ecs!catch<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","footnotes":""},"categories":[19],"tags":[24],"class_list":["post-1686","post","type-post","status-publish","format-standard","hentry","category-ctf-private","tag-reversing"],"_links":{"self":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/1686","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1686"}],"version-history":[{"count":3,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/1686\/revisions"}],"predecessor-version":[{"id":1695,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/1686\/revisions\/1695"}],"wp:attachment":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1686"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1686"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1686"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}