-
Notifications
You must be signed in to change notification settings - Fork 0
Kyushu Security Conference 2017 Intro of GameSec
https://www.slideshare.net/linecorp/cedec2017-line
Exercises: A is a practice for Windows.
Download the game from the following URL. https://1drv.ms/u/s!ApYX-BnkUapSgn5WJXimDkruijNl
Install dnSpy on your computer. https://github.com/0xd4d/dnSpy https://ci.appveyor.com/project/0xd4d/dnspy/branch/master/artifacts
Find the method to process player's damage and death by reversing/analyzing an algorithm of the game downloaded in A-1.
Hint: Assembly-CSharp.dll/BlueIce/PlayerHealth
Modify the game file(downloaded in A-1) that a player never die against attack of penguin(enemy). After that, check the game file if the modification has been applied by playing it.
Find other cheat.
Decrypt this game's DLL. https://1drv.ms/u/s!ApYX-BnkUapSgwysIzWYT-5FTvm-
Exercises: B is a practice for Mac.
Download the app from the following URL. https://1drv.ms/u/s!ApYX-BnkUapSgw3q5Whm9hkAglv1
Install Hopper on your computer: https://www.hopperapp.com/
Count up to 200,000,000 on the app(downloaded in B-1).
Hint: $ objdump -d HelloWorld-desktop > disassemble_code
Hint: _ZN10HelloWorld12onTouchBeganEPN7cocos2d5TouchEPNS0_5EventE:
Hack the score of this app on Web Site. You can check your score from the following URL, if it is in top10. https://cedec.seccon.jp/cedec2017/
What is the maximum score that can be registered on this site(URL of B-3)?
Achieve over 1000 combo in this game. http://cedec.seccon.jp/camp2017/ http://www.challenge3.shop/ https://1drv.ms/u/s!ApYX-BnkUapSgwbhEQQ0Z0Sq0rzc