#rev
nice, thanks harry for cool chall
i should learn to use the quote thing
very oars
Congratulations to IrisSec for first :drop_of_blood: on dice-is-you!
R u winning son?
No papa
you know
i think the DRS should learn how to standardize their instructions
imma sue them on that too
:(
sovereign immunity
health ctf
mfw all but one part of flagle and cant get that last part
Exactly
dicecraft is pain
This feeling when you find out your final mistake in Form B and it finally spits out the first char
same
Finally Form B done
What the HECK is taxes? it's annoying and addicting at the same time, i can't seem to stop working on it
Same
It's also unsolvable
Iterating a trillion times seems too much for a tax form, yeah
flag format for dicecraft?
dice{}
thx
i got the flag of flagle but its not showing correct
any admin for help
please
the challenge is also saying that the flag is correct but
fantastic taxes
anyone available for hyperlink? I opened a ticket but no answers
patience please
awake now, looking at complaints for taxes...
I hope the frustration you feel embodies the way you feel doing real taxes
no worries, people complain about taxes all the time
I just want you to know I glanced at that chal at 3am because I got curious and it was absolutely hilarious. It's still kinda funny at 11am Grade A theme meme lol
Now, I haven't actually started yet, I need to text my family the emoji for my flagle solution before I can start there and I haven't found it yet
I agree, this challenge is hilarious, until you dig a bit deeper 🤣 Our write-up will be legendary
The first two parts were fun...
exactly, then the reality striked back
can confirm
lmao
thats meme is speed
If you think DG6 is bad, wait until you see DG7
Would have been great if the chal would have been split into 2 separated challs (A and B as one and C and D as one xD)
in retrospect this might have been a good idea
DG6 and DG7 are madness
well DG6 is already unsolvable, DG7 straight up takes you to another dimension
🤡
no one will be on fishing
Also, after solving B and implementing C (which takes years to solve so the solution is of course wrong) you are so burnt out that you wont be able to do D xD
I'm burnt out after solving A and B already xD
wondering if anyone coded A and B manually
I wasnt able to fall asleep yesterday as I was thinking about solutions for B (which helped of course) but I dont think I can replicate that tonight with C and D
Taxes is absolutely doing me over. Got the first half but the 3rd quarter is just not happening
Much like real taxes 
Maybe change the chal so that we only need to first two parts?
C always gives back the same value in the end for me which is not what is expected. I have each and every line as the challenge has asked but still no go
C and D are believed to be broken at the moment
That would make sense ha - can an admin/mod confirm?
C has known error, pushing fix really soon... standby
it's hard to justify effectively doubling the point value for this problem mid-competition
haha
same effect though
see announcement re DG4-C/DG6
Damn the update doesnt help at all
"DG6 is correct" => ok, see you in 2 hours for the 1000 billion iteration to finish
anyone working on taxes: if you've solved or made significant progress on DG4-D/DG7, can you dm me?

2 hours?
I calculated that it takes 950 Days to complete
TurboDice
imagine the typo was missing a 0
20h, still ok, there is room for that by the end of the challenge XD
I still have ideas about dg6, but none is working
kinda like taxes, when you want to evade stuff, it doesn't work like you want
I think the updated number is still incorrect
nice job
welp, i give up on quantum xd
noooooo
Havent looked at the quantum is it fun (definition: Painful)?
im sure ireland had loads of fun during creation
it's the easiest of all the quantum revs
you only need to analyze 3 different gates
2M lines of qasm
p sure last year's challenges had like 30 gigs of qasm
btw fun fact, while making typed, I segfaulted rustc about 30 times
there's irony somewhere here
are you actually from ireland
how did you guess
wasnt sure if it was a joke 🤣
you're not rbx nah?
actually ireland is every person from ireland
i didnt know there was someone from ireland in dicegang
I think ireland lives in the us now though so
we are a multinational organization

lmao im just dying in the hadamard gates followed by cx
like wat so its a 50% percent chance that the cx is triggered no definite reverse

or international organization 
ahhhhhh ireland 1000iq
im from ireland too btw hence the interest
I feel like the active members in dice all either live in the us or uk
lmao after this I am opening a ticket just to talk quantum with ireland
larry?
I live in pandaland
i thought we all live in diceland
There was a short while I converted all the t's into s's then tried canceling out but sad no effect
since ireland over 1000iq
D:
the entire chat just died
i do wonder how to get such decompositions into t-gate, H, Cnot tbf
thats the fun things
see imo people are overreacting its the same procedure repeated (minus the cx gates ofc ireland had to use those ): )
theoretically, there's the solovay kitaev theorem.
but while that provides a poly time algo, it's v slow in practice
like several months slow I tried doing smthng like that ages ago D:
ooof
maybe im not efficient tho
lmao I built a theoretical solve script but its too slow I think D:
And prob doesnt even work D:
me for every programming assignment
🤪
isnt the limit with some qiskit backends (simulator) like 32 ?
2048793 gates/spaces yep this is gonna get my ibmq account banned
for some
Me over here trying to copy a few (hundred) lines to see quantum stuff
My computer just crashing
Ireland with psychological fear, ik how to optimize the code but then ireland prob made it so you cant
btw @oblique zephyr what does CA stand for in taxes? Certificate Authority?
Chartered Accountants ig
can't be too obvious with hints ;p
Please do not ask for hints from competing teams.
If you wish to speak to an org or the challenge author, open a ticket.
jyu give every answer
However, we are not providing any hints for flagle (or most anything else that has already been solved) and would encourage you to try your best and learn independently.
mm...no
ono
!bean @fringe portal threatening admin
hyper#4353 (313105201311645710) was beaned. Reason: threatening admin
!bean @round terrace not giving every flag answers
jyu#7186 (476169212717563912) was beaned. Reason: not giving every flag answers
man got beaned
!bean @carmine rover
Platinum#3042 (317418749273833473) was beaned. Reason: No reason given.
!bean @fringe portal
hyper#4353 (313105201311645710) was beaned. Reason: No reason given.
!bean @slow reef eating bagels without convent
Quasar#0147 (767776595099385876) was beaned. Reason: eating bagels without convent
consent
convent vs covenant

how do I become org
are you still working on quantum?
yes
@round terrace how do I become org
I modded it slightly to irelands suggestions ¯\_(ツ)_/¯
maybe it work
maybenot
prob not
I already sent mine
pls accept me
See the plan is hyper
Get job at PB
sell jyu pb secrets
ez win
Oh wait I just realized I was running the not optimized version
lmaoooooo
🤡
hmm so jyu if a PB developer wanted you join dice would you let them
(this is a sarcastic joke obv not its PB no one likes it (the no one likes it part is also a joke))
Hmm is it worth further optimizing in life
I estimate 4 minutes of run time is that too much
oh well
taxes solved (guessed), i think DG7 is still wrong
:notlikeduck:
solvable wrong > unsolvable wrong
Could the latest set of changes to taxes be published? Extracting the questions from the pdfs took quite some time...
did you do it manually
No
But my OCR was not very accurate
So I ended up having to go through a lot of it myself as well
there are better solutions
I really wanna see writeups for that monstrosity, I ... don't think I have the willpower to stare at any more tax forms
Did y'all have issues registering DiceGang with the IRS and this was your payback?
(Neat chal concept, it's fantastic)
maybe harry was inspired by the llc formation

The best CTF challenges start with "wait what if we do X, that'd be insane". "oh wait, maybe we actually can do it" ... <does it>
This was me coming up with sober-bishop

ignore the date
it isn't there
LMAO
well he didn't start right away obviously
harry wrote the whole thing on the last day
Dicecraft 1 week is speedrun
:pepega:
anyway now you know why he was asleep so long
Wat
It's not a real challenge if it wasn't started 8 hours before
lmaooooooo
he went on a 30 hour no sleep grind before ctf start
lmaooo
what else is there to tell
see
windows is garbage
¯\_(ツ)_/¯
March to Jan - Chill
Jan and Early Feb - WAIT DICE CTF IS COMING CHALLENGES NOWW
Hello can I talk to an admin for flagle please ?
thx I haven't seen it
did you write yours in an hour?
im being brainwashed by the names in typed
Same bro 0-0
I don't get C /DG6 at all - I think I'm done here for taxes
For taxes I put each line in a script for each form. A and B worked through apparently sheer luck as the same doesn't for for C And D
hyperlink is making my head spin, heh
!bean @grand crater GLHF, its not that hard just very easier to overthink and get confused
FireFly#9973 (134368240016031744) was beaned. Reason: GLHF, its not that hard just very easier to overthink and get confused
...I simplified and I think I can get the flag now, but I still don't understand how this actually works, lol.. will have to read writeups afterwards I guess
oh that's silly, figured out what I missed in my analysis and of course it's always the dumbest mistakes that get you
!bean @grand crater congrats on getting through that, CTF's aren't won by the teams that get the most correct, but the teams who make the fewest dumb errors
FireFly#9973 (134368240016031744) was beaned. Reason: congrats on getting through that, CTF's aren't won by the teams that get the most correct, but the teams who make the fewest dumb errors
Can I ask for challenge description clarification in here or is that :ban:
Uh...
I would say ticket, but I just woke up to see that nobody else is dealing with tickets and there's a bunch
One sec ill dm you it since its just me being dumb and not understanding smthng simple
Trying to solve the hyperlink chall makes me think I'm fool
taxes 4-C and -D suck
taxes suck, DRS or IRS
I'm probably in the minority here but I really liked taxes lol, esp C & D
but my brain works in weird ways
same :/
not here - just didn't click for me at all despite doing (A) and (B) pretty quickly
I liked C and D, it's just a shame they were initially broken (I chose to spend 4 hours formally verifying that it's unsolvable before deciding to open a ticket, quite worthwhile though)
oh.. yeah, understandable. I was lucky to get the announcement before I reached the point where it would've affected me
Hi, I am MrJ and I still have no clue. The sooner these writeups happen the better.
hmm, I could work on that after dinner, could do a writeup for taxes.. I've given up on getting anything more done on the challenges at this point anyhow
What better writeup than the actual filled in tax forms (all trillion of them)
I mean if you have the correct flag then filling it out should be a breeze
Look its a noodles person from cypat discord (/j)
cypat epic
I should just leave cypat server
no
nooooo rainbow will most likely ban half the server responsible
I think Matt will ban y'all for low score anyway
Matt will ban the server owner?
see im not in that team so HAHAHAHAHAA
jyu if you can find my team DO NOT leek

you are now
yes
we kicked you off that other team
you will go down with us now
have a good day
one hour left until I realize that the answer has been in front of me all along and rage
@ jyu cypat based sys hardening chall?
q ua sar
no
wat why
q
qu
qua
quas
quasa
quasar
quasa
quas
qua
qu
q
what
whhy
cyberpatriot not based
Too guessy
cypat kinda on its way out doe
as famous cypat kingpin christo has said, people do cyberpatriot and 95% don't know what a docker is
So sad
pepsipu do you know what a docker is
docker?? Is that like a ship thing
do you know what a docker is
yes actually
yes
^
Docker is no longer a hidden secret
I am confident I will fail quantum
giving up after waiting for coppersmith
same D:
I'm interested to find out how they generated the pdf for taxes
I'll release the tooling after the ctf
not if you are the first to start realizing it's unsolvable
dicecraft kill me
universal kill me
3min
can't wait to see the solution for taxes
I let Ireland defeat me this year for universal, but I'll be back next year :3
sameee
it's not very hard, basically extraction to z3 and solve
GG
GG
Breach was evil and fun, rop inside the VM trying to work it out, I feel I came close but needed sleep
GG
GG
I've heard of z3, not really sure how it works tho.... 
imagine a CAS calculator but on bytes
unintended, but yes
(For universal)
AAAAAAAAAA
But yea, intended solution was roughly what I tried, but seems like I got tricked by the QFT a bit
from qiskit import QuantumCircuit, Aer, execute
simulator = Aer.get_backend('aer_simulator')
qc = QuantumCircuit.from_qasm_file("converted_circuit.qasm")
qubits = list(range(256))
qc.measure(qubits, qubits)
job = execute(qc, simulator)
result = job.result()
print(result.get_counts())
num_chars = 256 // 8
x = list(result.get_counts().keys())[0]
f = int(x, 2).to_bytes(num_chars, "little")
print(f)
i have no clue how it works
i thought it would take 2^256 memory
but qiskit has some fancy simulator that makes it work with like 3 gigs
(this was 100% unintended btw -- my solution is entirely static analysis)
yeah breach was fun
Qiskit is just magic
But yea, fun challenge. I tried to isolate the adding component and then ran it though qiskit in the hope of getting the phase
But I was unsuccessful with that
breach was a terrible experience for me, gdb sucks
What was the intended solution for the cellular automaton part of taxes? We implemented it on a zynq7000 FPGA and got 1Ghz executions, so the whole thing just took a few minutes to run :D but I feel this was a bit overkill and we likely could have thought about the automaton some more and fast forward it or something?
regarding taxes dg6, I ended up computing the whole 1000 billion iterations by simplifying things + code in c++ (40 minutes computation), which I doubt was the intended way (well, it might actually be)
I was unable to find a repeating pattern to avoid computing the whole stuff. What did you guys do?
the cellular automata was rule 30 (https://en.wikipedia.org/wiki/Rule_30) but on a circle
Rule 30 is an elementary cellular automaton introduced by Stephen Wolfram in 1983. Using Wolfram's classification scheme, Rule 30 is a Class III rule, displaying aperiodic, chaotic behaviour.
This rule is of particular interest because it produces complex, seemingly random patterns from simple, well-defined rules. Because of this, Wolfram believ...
lmao that's sick
We had it as rule86
yeah that's the same one just flipped I think
oh that's part C?
I just implemented it in C once I'd reversed enough to follow the logic; running it took ~30 min on my laptop
also implemented it in c
as val = (val | ror(val, 1)) ^ rol(val, 1)
but split into two 64 bit integers
using xmm simd im able to get to 20 min
but i did it three times because i thought i was wrong
my x86-fu isn't so strong, but I just used __uint128_t
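/* rightRotate/leftRotate are helpers that were not shown in this message */
/* one step: equivalent to (ror(n) | n) ^ rol(n) */
unsigned __int128 _dg6 (unsigned __int128 number)
{
    return ~(~(rightRotate(number) | number) ^ leftRotate(number));
}
/* apply the step cnt times */
unsigned __int128 dg6 (unsigned __int128 number, long int cnt)
{
    for (long int i = 0; i < cnt; ++i)
    {
        number = _dg6(number);
    }
    return number;
}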
what was the final value that you got from dg6? i ran everything the same way but couldn't seem to get the right output
Final value: 0b01010110000001010100001001110011000011001110000111101001111111110000001010100010011010101101000110111100000010100001010111011100
I printed out the last 5 loop iterations since I was worried I'd have an off-by-one and loop too far, heh
can anyone send typed flag? i wanna check if my typechecker is correct
source for dicecraft https://github.com/hgarrereyn/dicecraft
This is how far I got on breach dumping it, also got other output with a bunch of the ROPs dumped but didn't solve it
this is super cool! is this graphviz?
yep, graphviz, I'll grab the script and share it
The script used to create it can be seen here https://gist.github.com/ReDucTor/43c75d169df909e497865825df2c8221 attempt2.py is the one used to solve it, attempt1.py is one which attempts do simulate the VM and also dump the ROPs
some gdb scripts for breach. Allows you to have somewhat nice debugging, i.e. step, breakpoints, continue, memdump. Also integrates with gef to give context panes
want me to DM the flag to you, or just post it here?
post it here doesn't violate rules right, my dm is open as well, thanks
this is so cool! I'm totally gonna steal this code for future ctf's ;p
dice{l1sp_insid3_rus7_9afh1n23}
haha feel free to, not sure it really paid off in the end
also code is really bad
So what was cable about? I solved it pretty quickly by bruteforcing the flag bit by bit and looking at how the map thing changed in memory but I have no idea what it represents, I did very little reversing
thanks btw, how fast did your calculate the string out, the script runtime, not including the analysis
uh, I was lazy and just solved the system of equations with pen and paper (once I reversed the logic behind the "program")
took me 20...30 minutes I guess
oh ok thanks
btw if the author of typed is reading this, I want to say thanks
this is my favorite chall of this CTF
very nice, I might try this method the next time I work on a similar challenge
you know what i want to say to harry
I gave up reversing the logic at some point and re-implemented the lisp to a z3 lifter
@sly quartz
i implemented a full-fledge rust type checker 🤣
I mean, essentially, just putting the z3 on top to satisfy it
though very ad-hoc and ugly
couldn't figure out how to convert type relation to logical relation
it feels more like a set theory instead of logic so that's why i didn't use z3
:D
while doing it i also tried gradient descent, which almost work 🤣
I was originally going to make a much more complicated lisp program
but then I realized that I hate lisp and rustc hates me
so I settled with this
oh yeah... the thing that messed up by analysis of hyperlink some hours back was I was too focused on going from start to target that I forgot the provided app.py uses target only as a bitmask and ANDs with it, not a direct == comparison... so I was thinking each 4-chunk of state was to go from 8 to 1, and couldn't see how that was possible with the state transitions
...oooohhhh
oh sorry
i think a tester missed that too
it basically simulates a few nondeterministic finite automatons in parallel so it only requires that some of the states get reached
looks nice... too bad it was cheesable
it was a really fun challenge to analyse though :p
yeah, i was trying to make something bigger but I had a lot of timing issues
the electrons would not meet properly
can you send this, sounds kinda cool
also btw the challenge description is a reference to https://aphyr.com/posts/342-typing-the-technical-interview
not quite, no, but I noticed they all had the same structure and only pertain different letters. what did they do?
“Wait, hang on,” Criss interrupts. “Shouldn’t you… shouldn’t there be type declarations here? At least on our functions?”
You smile kindly. “Haskell is a dynamically-typed, interpreted language.”
Criss appears to have swallowed a frog.
basically, the first state machine checked that the flag was the right length (you might have seen the binary number get shorter and shorter)
the next ones checked for series of three letters to be in the flag. eg checking that dic, ice, ce{, etc. existed
oh I see
How were you supposed to solve taxes? Using pdfPlumber or smth?
I can't reproduce this now, but I got an ICE when I was trying to rename some variables
lmao is this a parser combinator in python
this looks disturbingly like the shitty parser combinator I made in js a year ago
I needed to parse shit, didn't want to get bogged down in flaky string-handling, so I just googled for some library
it worked reasonably okay
using generators as discount monads
I used poppler's pdftotext -raw to get something workable that was easy to hack up a parser for
I see
My annoyance with the parser combinator would be optional whitespace/token separators, if I actually had cared about those
wow your code is really something
although my original code is also fugly af
so I should shut up
i only used pdftotext to extract opcodes from DG4D, rest i just read/interpreted manually
Yeah, trying to keep it close to the original type stuff just to avoid bugs by faulty interpretation of what it means
and the weird proper vs improper lists were sometimes tricky too
any have taxes writeup?
I have had so many internal crises
while writing this challenge
I'd impl a thing then rustc would start segfaulting
and I'd be like "oh no please don't make me scrap this chall"
I have one for A-C currently, I should finish it for D too...
luckily I made it all the way to the end without rustc crapping its pants
it's... kind of verbose though
wow this is
super high effort
I just broke in the vm
and ran this every time
to get a traced disassembly
was incredibly slow
took ~10 minutes to get to the input processing
yeah same the above is also very slow
not entirely sure why though
imo shouldn't be too bad
cause there are like
~100k iters to get to input processing
and it has to spawn python interpreter
every single instruction
oh really? (I didnt too much of the rev)
ah and so gdb spawns a new interpreter everytime?
I would have expected it to reuse it?
I mean looking at gdb source code, I would not be surprised lmao
ohh greats, when you finish you think on share please? hahah i have DG6
yep, sure
D is a stack machine
the first two bit is opcode, following is imm
program text is in Field A and stack is on Field B
but the program actually misses a pop stack after each letter 
so it's unsolvable lmao
breach source: https://github.com/hgarrereyn/dicectf2022-breach
https://gist.github.com/FireyFly/d0fd7db70c9777e930a7fa2bff9f0a7a -- I didn't proofread it and it's a bit... verbose and longform, but eh, there you go :p
Thanks, makes me wish I had spent a few more hours on the chal
Good writeup!
Thanks!
@heavy drum
basically, each link is a list of integers
this can be interpreted as a matrix of bits
if you look at these bits, you might notice that the matrix is very sparse
it only has entries on the diagonal
this is because it's actually a bunch of block matrices along the diagonal
the "linking" operation is actually just matrix multiplication where * is & and + is |
the big idea is that it simulates the operation of a nondeterministic state machine on the input
and the current integer is the state
but did people actually solve it in that way?
most people did some sort of "side channel"
interesting
got until the word thing_
ah
but actually to go from h to t it took a full day
wow
can you share a solver?
there isn't really a """solver"""
the easiest way is to figure out what the state machine is doing
and use that to recover the flag
specifically, it actually simulates a bunch of state machines at the same time
one of them checks for the flag length, and the others check for sequences of 3 chars in the flag
eg "is dic in the flag" and "is ice in the flag" and "is ce{ in the flag"
once you get those sequences of three characters it's really easy to arrange them into the flag
the characters are supposed to be the states?
mm not quite
It sounds very complex that I think if the flag was a little longer with more characters it wouldn't be solved at all
the current states are held in the integer (start is initial states and target is accept states)
the characters are the symbols transitioning between states (regardless of if you treat it as one big automaton or 32x 16-state ones)
lol i actually wanted other techniques to work so it was more friendly to intermediate players
oh my god
that explains some weird behavior in my script
while bruteforcing "some characters" gave more options than others
they were the one repeated more than once
and that basically means they can go to multiple states
yes it was nondeterministic
basically, a nondeterministic state machine is one where each state can go to many different states and it will branch
Yes
and whether it accepts just depends on whether a branch accepts
and it can go back if it was of no success
not "go back"
take another branch
awesome challenge, thanks
here's what it might have looked like (i dont remember)
https://up.firefly.nu/tmp/graph.d.svg I ended up plotting one of the sub-automatons like this, but was focusing on the wrong node as the accepting state, whoops :p
(I think I also might've gotten some states wrong in that graph, I don't remember now)
lol
I kind of stopped with that track when people said I was overthinking it, and after not seeing how to reach 1 from 8 :p
oop
what about dicecraft
is anyone who has typed write up??
where can i find the flag-checker.wasm file for fragle guys?
There's actually no challenge called fragle so there is no .wasm file
bruh flagle kinda lame, it only has 1 word smh
do the devs plan on adding more words to it
considering the ctf is over, uh, no...
did the devs intend the game to only be playable once? ๐คจ
flagle refreshes the word every ctf day
!quote 805962713133875211-939629636546068501
1 ctf minute = however long it takes
@true finch thanks for cleaning up my mess
@tidal flax
that's someone else's solve script for typed
there's also some stuff in the official author writeups
haha, we had exactly the same WTF1/WTF2 names for the two sets of constraints
@oblique zephyr could it be that the constants in dicecraft were wrong in the level? We had the same exact mismatches in our flag from z3 as https://github.com/IrisSec/irissec.github.io/blob/master/_posts/2022-02-07-dicecraft.md
and we double checked our constants from the game
yep I double checked too, think there's just a mistake in the terminals in the map
was wondering what minehraft was at first
hmm that's strange, I generated a "solved" version of the map as well so I know the correct flag should also work
does z3 give multiple solutions?
I thought it would be unique but I could have made a mistake there
this is an awesome writeup btw!
how did you generate those isometric overhead views?
i changed the perspective camera to an orthographic one
and removed the fog from the shader
I recompiled the source code from your repo
thankfully you posted it before writeups were due, some ctfs wait until after writeups are due to post source for whatever reason
maybe I messed up my scripting, but no, z3 does not give multiple solutions:
ah that makes sense
omg is this a markov chain diagram
looks like a graph to me...
nvm im pepega
it's a finite state automaton
For those who are interested, we're going live on Twitch to explain how we solved the Taxes reverse challenge. Live is in french. Feel free to join us https://www.twitch.tv/dysnome
The VOD will be available later on YouTube
Hello, I'm Dysnome, a cybersecurity enthusiast and expert. I mainly stream CTFs (security challenges).
https://github.com/ReDucTor/dice-ctf-2022-breach-writeup/
Write-up of solving breach
!clean user 821232024064753724
Deleted 1 message!
damn, ABU getting us all the nitro
