Challenge 2

Challenge to solve

For this not-so-simple game, we need to increase our odds of generating a Treasury Box as well as our odds of successfully exchanging the Treasury Box for the Flag.

Solution to the challenge

To hack the RNG used in this challenge, we need to create a local version of the whole RNG system. We used the local system to predict the RNG and pinpoint exactly what seed is needed to generate the desired number. Since the seed generation is open source and predictable, we were able to generate our own seeds until we created one that worked.

Ways to protect against exploit

This attack was possible because the seed used to generate the random number was predictable and based on data that we could get access to. With an RNG, if we can reproduce the seed, we can reproduce the results.

We also got a warning from the hosts in the module.

sources/random.move
/// @dev Warning: 
/// The random mechanism in smart contracts is different from 
/// that in traditional programming languages. The value generated 
/// by random is predictable to Miners, so it can only be used in 
/// simple scenarios where Miners have no incentive to cheat. If 
/// large amounts of money are involved, DO NOT USE THIS MODULE to 
/// generate random numbers; try a more secure way.

They recommend using more secure ways to generate random numbers. To protect against this exploit, the RNG algorithm needs to use a seed that is totally unpredictable. To generate truly random seeds, you need to 'collect entropy', which means you need to find a way to add more randomness to the generation. A common way to do this in normal applications is to incorporate mouse clicks, keyboard typing, etc. in the generation of the seed to make it totally unpredictable.
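The point about reproducible seeds, as an added example (not code from the challenge or its random.move module): a draw seeded only from public values is recomputed exactly by an independent observer, while a draw that also mixes in OS-collected entropy is matched only by chance. The SHA3-256 draw, the field names `sender`, `tx_counter` and `epoch`, and the 0..99 range are assumptions made for illustration.

```python
import hashlib
import secrets

ROLL_RANGE = 100  # constructed outcome range: 0..99


def roll_from_seed(seed: bytes) -> int:
    """Deterministic draw: the same seed always yields the same number."""
    digest = hashlib.sha3_256(seed).digest()
    return int.from_bytes(digest[:8], "big") % ROLL_RANGE


def public_seed(sender: str, tx_counter: int, epoch: int) -> bytes:
    """Seed built only from values any observer can read (assumed inputs)."""
    return f"{sender}|{tx_counter}|{epoch}".encode()


def roll_weak(sender: str, tx_counter: int, epoch: int) -> int:
    """Draw whose seed is fully determined by public data."""
    return roll_from_seed(public_seed(sender, tx_counter, epoch))


def roll_strong(sender: str, tx_counter: int, epoch: int, entropy: bytes) -> int:
    """Draw whose seed also includes entropy the observer never sees."""
    return roll_from_seed(entropy + public_seed(sender, tx_counter, epoch))


def observer_prediction(sender: str, tx_counter: int, epoch: int) -> int:
    """What an outsider computes from the public values alone."""
    return roll_from_seed(public_seed(sender, tx_counter, epoch))


def prediction_rate(trials: int, strong: bool) -> float:
    """Fraction of draws the observer predicts exactly."""
    hits = 0
    for i in range(trials):
        args = ("0xCONSTRUCTED_SENDER", i, 7)  # constructed sample inputs
        if strong:
            actual = roll_strong(*args, secrets.token_bytes(32))
        else:
            actual = roll_weak(*args)
        hits += actual == observer_prediction(*args)
    return hits / trials


if __name__ == "__main__":
    print("public-only seed :", prediction_rate(500, strong=False))
    print("with OS entropy  :", prediction_rate(2000, strong=True))
```

The public-only seed is predicted every time; with 32 bytes of OS entropy the match rate falls to roughly 1 in `ROLL_RANGE`, which is pure guessing.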

A blockchain version of collecting entropy could be to gather some data about the current state of the chain, or maybe the last few hundred transactions of the chain, and incorporate that into the generation of the seed. This would ensure that no one would be able to predict the seed.
