gamepwnmedium

SokobanHTB

hackthebox

Task: Extract the flag from an intentionally unsolvable SFML Sokoban game binary. Solution: Reverse engineer the binary to find TEA-encrypted ciphertext in .rdata, derive the 4-integer decryption key from X-mark target pixel positions on the game grid (using tile size and offset formulas), and decrypt with standard TEA 32-round decryption.

$ ls tags/ techniques/

game_hacking reverse_engineering pe64 tea_cipher sfml sokoban

tea_decryptionkey_derivation_from_game_statestatic_reversing

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

Create a free account with GitHub, then upgrade to Pro.

$ssh [email protected]