imaginaryCTF

Roblox rrreversing [100 pts]

Roblox added a new anticheat recently to ban all such hacks! Surely that can hide my flagchecker! Note: you do not need any Roblox cheats or exploits to solve this challenge.

Attachments: https://www.roblox.com/games/80287701254224/flag-checker-goes-brrrrrrr

Author: lolmenow

Find the challenge @ imaginaryCTF and solve it!

Solution

Going on the webpage, we can see a message on the game saying “This experience’s source can be copied.” Copy this experience (or download the place) and open it in Roblox Studio. From here, the main script is located in StarterGui > LocalScript. Opening it, we see obfuscated LUA code, however digging into it, we see a strange v26 variable which does many math operations. This is very suspicious! So, reversing these math operations gets us a string of numbers which are in decimal. Decode from decimal to get the flag.

Py script to reverse math operations & get flag: https://cybersharing.net/s/0b4147ee0392b1b4a4bc5f58eb72543d

____

17 September 2024

Tags: rev

Share this writeup: