Context: This is one of the questions I made for CodeSus which was an event organized by CCS TIET for freshers. Since none of the participants were able to solve it, heres the writeup.
Link obtained a spiritual stone (file) from Ruto, princess of the Zoras. He needs to play the Ocarina of Time to save Princess Zelda. Unfortunately, to play the ocarina he needs the password which is hidden in the file. Can you help him get that password ? https://www3.zippyshare.com/v/tIZUkwu1/file.html
- We need to find out what kind of file it is.
So we use the
filecommand in unix (linux/bsd/macos) to find out its type. Woedows also probably has an equivalent to
The output is
ocarinaoftime: WebAssembly (wasm) binary module version 0x1 (MVP)
- The thing about webassembly is that it can be compiled from any language. So we run the unix
stringscommand. This finds and gives us the readable ASCII strings in an otherwise unreadable binary. We get a shitton of text but ignore all of it except the first few lines which include
go.buildid Go build ID: "HNWkqS3VNBJms9Jb52Jw/i1auA6KRphLOrOuET_P4/s8bBXJ7b29jMyJrwS7Gq/CG_FVPXBuLKnBFwzqzF7"
Now we know that the webassembly was compiled using the Go programming language.
- All thats left is running the wasm (webassembly) binary in a browser. So look this up and you get an article in go’s official wiki. https://github.com/golang/go/wiki/WebAssembly They have complete instructions on how to proceed.
wasm_exec.js) that binds to a wasm file and some example html.
question.wasmand use the example html provided in go’s wiki
- Then serve the html using any web server (apache httpd/nginx/caddy)
We’ll use python’s inbuilt http server using
python -m http.server 6969
And when we go to
http://localhost:6969 > inspect element > console,
inocarinasheikiszeldaindisguise which is your answer.
TL;DR Read steps 1 and 2 and then duck/google (whatever) “how to run go webassembly”.
Last modified on 2020-12-13