I began participating in CTF competitions in August 2023. SekaiCTF 2023 was the first contest I took part in.

EDIT: Official writeups were released after I wrote these: https://github.com/project-sekai-ctf/sekaictf-2023

Azusawa’s Gacha World

https://azusawa.world/#/2023/03/02

Author: enscribe

❖ Note

The website only contains the challenge description, and is not needed to solve the challenge.

https://storage.googleapis.com/sekaictf-2023/azusawa/dist.zip

Problem settings

As mentioned in the note, https://azusawa.world/#/2023/03/02 doesn't provide anything needed to solve the problem.

If you unarchive the dist.zip file, you'll come across Asusawa's Gacha World.exe, which appears to have been built using Unity.

If you execute the .exe file on a Windows computer, you'll be greeted with an Otaku game screen 😅. Clicking on the ガチャ詳細 (Gacha; lot detail) button will display a message in Japanese indicating that you will obtain an ultra-rare character after the 1,000,000th Gacha pickup.

You own only 100 crystals, but you need to attempt the Gacha 1,000,000 times.

Solution

https://github.com/imadr/Unity-game-hacking

This guide shows that Assembly-CSharp.dll contains the game's compiled C# code. The file is found in dist/Asusawa's Gacha World_Data/Managed/Assembly-CSharp.dll.

You can decompile it with ILSpy to recover the source code. The decompiled source shows that the Gacha logic runs on an HTTP server, and the game communicates with this server by sending HTTP requests.

The request is in JSON format and must include three fields:
