Description
A COLLADA (.dae) 3D model file represents an enemy mechanical device. The red axle rotation is the input; the blue axle rotation is the output. A very large input number is given. Determine the gear ratio by opening the model in Blender, then divide the input by that ratio and convert the result to ASCII to get the flag.
Download the challenge archive and extract the .dae file.
Install Blender (free, from blender.org) to open the COLLADA model.
wget https://artifacts.picoctf.net/c/508/vm0 && unzip vm0.zip# Open the .dae file in Blender: File -> Import -> Collada (.dae)Solution
Walk me through it- Step 1Open the model in Blender and count the gear teethImport the .dae file into Blender. The model contains two gears: a large red gear and a small blue gear. Delete non-essential parts to expose the gears, then count the teeth on each. The large gear has 40 teeth and the small gear has 8 teeth, giving a gear ratio of 5:1.bash
# In Blender:bash# File -> Import -> Collada (.dae) -> select the .dae filebash# Use X to delete non-gear objectsbash# Count the cogs/teeth on each gear manuallyLearn more
COLLADA (.dae)is an XML-based 3D model interchange format. Blender can import it directly via File -> Import -> Collada. The model in this challenge is a Lego-style gear assembly representing a simple machine.
Gear ratios work as follows: if the large gear has 40 teeth and the small gear has 8 teeth, one full rotation of the large gear causes 5 full rotations of the small gear (40 / 8 = 5). So when the red axle (attached to the large gear) rotates by some amount, the blue axle (attached to the small gear) rotates 5 times as much.
In this challenge the relationship is inverted: the input is the red axle (large gear) rotation and we must find the blue axle rotation. Since the small gear spins 5x faster, multiply the red rotation by 5 to get the blue rotation, or equivalently divide the very large input number to reverse-engineer what the output axle value corresponds to.
- Step 2Apply the gear ratio and convert to the flagTake the large input number from the challenge description. Divide it by the gear ratio (5) to get the blue axle output value. Convert the result from decimal to hexadecimal, then interpret the hex as ASCII to reveal the flag.python
python3 - <<'PY' # Replace INPUT with the large number given in the challenge INPUT = 0 # paste the number here ratio = 5 # 40 teeth / 8 teeth = 5 output = INPUT // ratio # Convert to hex and then to ASCII hex_str = hex(output)[2:] # strip '0x' flag = bytes.fromhex(hex_str).decode('ascii', errors='replace') print(f"Output: {output}") print(f"Hex: {hex_str}") print(f"Flag: {flag}") PYLearn more
The gear ratio translates the very large input rotation number into a smaller output number. That output number, when viewed in hexadecimal and decoded as ASCII, reveals a picoCTF flag string like
picoCTF{g34rs_0f_m0r3}.This challenge teaches that CTF problems can come in non-traditional formats. Instead of a binary or web app, the "virtual machine" is a physical gear system modeled in 3D. The mathematical relationship (gear ratio) is the "instruction set" of this machine, and computing the output given the input is the "execution."
Flag
picoCTF{g34rs_0f_m0r3}
The gear ratio is 5 (40-tooth gear drives an 8-tooth gear). Divide the input by 5, convert to hex, decode as ASCII.