Troy Lopez

DAMCTF Author Writeup - breach Protocol

hack the mainframe, choom. eddies for days.

Challenge Description:

This challenge was inspired by the hacking minigame in Cyberpunk 2077. You have to select bytes out of an array to "spell out" a given string for various in-game currencies. Additionally, the direction you move (x/y) toggles with each selected byte. There are some red-herring strings given as examples, but players need to determine what combination to enter for the exploit.

Source code here.

The Exploit

First, we need to enumerate the server. The bytes in the array are specifically chosen, and translate to a small alphabet. Using these we can spell out "ls -R". This returns the following:

    BUFFER: [6C 73 20 2D 52 ]

    DEBUG: AXIS: y
    BREACH FAILED. ERROR:
    .:
    alft
    altf
    atfl
    falt
    flat
    latf

    ./alft:

    ./altf:
    flag

    ./atfl:

    ./falt:

    ./flat:

    ./latf:
    

Actions on Objectives

Now we just need to string together the bytes for:

    cd altf; cat flag
    

Punch this in for the flag!

Player Writeups (in no particular order)

• https://eddwastaken.github.io/posts/damctf-2025-breach/
• https://k3sero.github.io/posts/Breach-Damctf2025/
• https://anduinbrian.github.io/posts/writeups/damctf---2025/#miscbreach

If you'd like your writeup added please reachout to tlop@tlop.xyz!

7/14/25