picoCTF Solutions
picoCTF 2023Reverse EngineeringMedium

Ready Gladiator 0

Published: April 26, 2023

Description

CoreWars is back, and this time you must intentionally lose every battle against the Imp. Submit a warrior that self-terminates immediately.

Setup

Download imp.red

Edit the provided CoreWars warrior so it contains nothing but a header and ends immediately.

Pipe the modified warrior into nc saturn.picoctf.net 62089 to fight the Imp.

printf ';redcode\nend\n' > imp.red
nc saturn.picoctf.net 62089 < imp.red

Solution

  1. Step 1Strip the warrior
    Removing the code ensures your warrior instantly dies each round, satisfying the "always lose" requirement.
    Learn more

    Core War is a programming game invented in 1984 by A.K. Dewdney where two programs (called warriors) compete inside a virtual computer called the MARS (Memory Array Redcode Simulator). Each warrior is written in Redcode, a simple assembly-like language. Warriors take turns executing instructions, and a warrior dies when its program counter reaches an invalid (DAT) instruction. The last warrior with a living process wins.

    The Imp is the simplest possible warrior - it consists of a single MOV 0, 1instruction that copies itself one cell forward, then the program counter advances. This creates a self-replicating "wave" that sweeps through memory indefinitely. The Imp is famously difficult to kill because it continuously overwrites cells ahead of itself.

    In this challenge the goal is to lose. A warrior with only a ;redcode comment line and an enddirective loads with zero executable instructions - its first turn immediately hits an invalid instruction and dies. This is an interesting inversion of the normal CTF "win" condition, teaching that understanding the rules of the system is the first step to satisfying any constraint (win or lose).

  2. Step 2Run all rounds
    Send the file through nc; once the matches finish, the server prints the flag.
    Learn more

    CTF challenge servers that run multi-round games typically require all rounds to complete before issuing a flag, which proves the contestant understands the required behavior consistently (not just by luck). Here, sending a zero-instruction warrior guarantees a loss in every single round deterministically.

    The nc host port < filepattern sends the file's content as stdin to the remote server. The server reads the warrior definition, runs the battles, and responds with the result. This non-interactive use of netcat is common in CTF challenges where the protocol is simple (send data, get response) and no back-and-forth interaction is needed.

    For more complex Core War strategy, the community has developed warriors optimized for speed, area coverage, or anti-Imp strategies. Resources like the ICWS (International Core War Society) archive and sites like corewars.org document decades of evolved warrior strategies - a fascinating intersection of programming, game theory, and evolutionary computation.

Flag

picoCTF{h3r0_...6d4cf}

Any warrior that terminates immediately will forfeit every round and yield the flag.

Want more picoCTF 2023 writeups?

Browse picoCTF 2023Full library

Useful tools for Reverse Engineering

Related reading

What to try next