Decred — Exodus Puzzle Walkthrough

The puzzle begins at the link https://www.exodus.io/decred/

We arrive at an image with two clickable links — one on the computer screen and one above the keyboard. The first leads to a video (http://crypto.haluska.sk/exodus.mp4) showing several enemy ships (7 in total) attempting to attack the player ship, but they all get defeated one by one. Each ship's movements and shots together encode 8 bits (0 for a shift in motion, 1 for a bullet fired).

If we use a complete (extended) ASCII table (http://www.theasciicode.com.ar), we can decode each 8-bit group and arrive at

0111 1010 - z
1001 0111 - ù
1000 1010 - è
0110 0100 - d
0010 1111 - /
0111 0110 - v
0111 0000 - p

This text, as you might guess, is ciphered. So we turn to the image of the keyboard we saw earlier on the puzzle homepage (https://www.exodus.io/decred/img/80s-Keyboard-Dark.jpg).

The keyboard is a hint that the ciphered text can be deciphered on an AZERTY keyboard with a simple shift to the right, which we can do at http://www.dcode.fr/keyboard-shift-cipher

We get the following results

azerty → am-s.co
azerty ↑ s)uc9'm
azerty ← e*_f§b^
azerty ↓ é^,eLfà

As you may notice, the first one seems to be a URL. So if we visit that website, we get to a “Protected Site” page with a password prompt for entry.

If you remember the ciphered text we recovered from the video, enter it to proceed:

zùèd/vp
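As an added example (not part of the original write-up), the two decoding steps above in Python: each 8-bit group is decoded with code page 437, the extended ASCII table the linked site reproduces, and each resulting character is then moved one key along its AZERTY row in the direction that turns z into a. The row strings and that direction are my assumptions, chosen to reproduce the result above.

```python
# Added example: ship bit pattern -> CP437 text -> AZERTY key shift -> URL.
AZERTY_ROWS = [  # assumed French AZERTY layout, only the rows we need
    '&é"\'(-è_çà)=',   # number row, unshifted
    "azertyuiop^$",
    "qsdfghjklmù*",
    "<wxcvbn,;:!",
    ">WXCVBN?./§",     # bottom row with Shift held (gives / and .)
]

# Bit groups read from the ships in the video (0 = shift, 1 = bullet).
SHIP_BITS = ["0111 1010", "1001 0111", "1000 1010", "0110 0100",
             "0010 1111", "0111 0110", "0111 0000"]


def bits_to_text(groups, codec="cp437"):
    """Turn each 8-bit group into one byte and decode with an extended ASCII table."""
    data = bytes(int(g.replace(" ", ""), 2) for g in groups)
    return data.decode(codec)


def keyboard_shift(text, delta=-1):
    """Move every character `delta` keys along its AZERTY row (wrapping around).

    Characters that are not on any known row are left untouched.
    """
    out = []
    for ch in text:
        for row in AZERTY_ROWS:
            if ch in row:
                out.append(row[(row.index(ch) + delta) % len(row)])
                break
        else:
            out.append(ch)
    return "".join(out)


if __name__ == "__main__":
    password = bits_to_text(SHIP_BITS)
    print(password, "->", keyboard_shift(password))
```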

Once we enter that password, we arrive at a basic WordPress site with the following post, which sets out some basic rules and gives a couple of hints as to which directions not to pursue. In doing so it also makes it fairly obvious that the next part of the challenge is to penetrate the site in some way, making it a CTF-style challenge.

Rules & Code of Conduct 
Please follow these rules in order to avoid creating obstacles/pitfalls for yourself and others.
* PLEASE, no denial of service / resource exhaustion attacks. It will not lead you to anything helpful for this puzzle.
* Thinking about brute forcing logins/passwords?
You need to just >>>
…….╱¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯╲
….╱░.░░░░░░░░░░░░░░░░░░░ ╲
.╱░░.░░░░░░░░░░░░░░░░░░░░. .╲
|░░░░█▀▀░▀█▀░█▀█░█▀█░░░░░░░░|
|░░░░▀▀█░░█░░█░█░█▀▀░░░░░░░░|
|░░░░▀▀▀░░▀░░▀▀▀░▀░░░░░░░░░░|
.╲░.░░░░░░░░░░░░░░░░░░░░░░ ╱
….╲░.░░░░.░░░░░░░░░░░░░░░╱
……¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
This will not help you. Penetrating SSH service is not one of the steps so don’t bother trying.

Having read the rules, a player may decide to port-scan the site with nmap, which gives the following results.

Prasanths-MBP:~ Administrator$ nmap am-s.co
Starting Nmap 7.40 ( https://nmap.org ) at 2017-07-01 14:34 EDT
Stats: 0:00:08 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 7.85% done; ETC: 14:36 (0:01:10 remaining)
Stats: 0:00:12 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 12.57% done; ETC: 14:36 (0:01:03 remaining)
Nmap scan report for am-s.co (208.77.99.224)
Host is up (0.050s latency).
rDNS record for 208.77.99.224: server1.adbogie.com
Not shown: 981 closed ports
PORT     STATE    SERVICE
21/tcp   open     ftp
22/tcp   open     ssh
25/tcp   filtered smtp
53/tcp   open     domain
80/tcp   open     http
110/tcp  open     pop3
111/tcp  open     rpcbind
135/tcp  filtered msrpc
139/tcp  filtered netbios-ssn
143/tcp  open     imap
443/tcp  open     https
445/tcp  filtered microsoft-ds
465/tcp  open     smtps
587/tcp  open     submission
993/tcp  open     imaps
995/tcp  open     pop3s
3306/tcp open     mysql
6667/tcp open     irc
7000/tcp open     afs3-fileserver
Nmap done: 1 IP address (1 host up) scanned in 22.03 seconds

It’s interesting to note that ports 21 and 22 (FTP and SSH) are open. The blog post rules out SSH but says nothing about FTP, which is worth remembering further down the puzzle trail. The other open ports are standard services and don’t give any useful response. The initial scan only covers the most common ports; a full nmap scan of all ports reveals that port 62217 is also open, with an unknown service.

PORT      STATE SERVICE
62217/tcp open  unknown

If we connect to that port with a program like netcat, we reach an application listening there:

Prasanths-MBP:~ Administrator$ nc am-s.co 62217
Hello, my friend!
The current time is: 14:37:41
XJ NZWZCD LCP XLYJ LD DZXP ZQ JZF XLJ DZZY QTYO, SZHPGPC ESPCP TD L NPCELTY EZBFP ESLE JZF HTWW YPPO EZ RPE ESP CPBFTCPO NSLCLNEPCD EZ QTYTDS ESP CLNP EZ ESP PYO. RZZO WFNV LYO ACPDD ZYHLCO EZ GTNEZCJ!

The text we get back looks like some sort of cipher, so if we put it through a Caesar shift cipher and run through all the possible shifts, we eventually get to a deciphered message.

Notice that one word, “TOQUE”, seems a little out of place. That’s because it’s scrambled: it is an anagram of “QUOTE”. You should also notice that the application on port 62217 accepts input, which suggests there is a quote or message you need to send to reach the next step.
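As an added example (not from the original write-up), a Python brute force of the banner returned on port 62217: it tries all 26 Caesar shifts, ranks them by how many common English words they contain (an assumed heuristic of mine), and checks the odd word with an anagram test.

```python
import string

# Banner captured from port 62217 in the write-up above.
BANNER = ("XJ NZWZCD LCP XLYJ LD DZXP ZQ JZF XLJ DZZY QTYO, SZHPGPC ESPCP TD L "
          "NPCELTY EZBFP ESLE JZF HTWW YPPO EZ RPE ESP CPBFTCPO NSLCLNEPCD EZ "
          "QTYTDS ESP CLNP EZ ESP PYO. RZZO WFNV LYO ACPDD ZYHLCO EZ GTNEZCJ!")

# Small word list used to score candidate plaintexts (assumed heuristic).
COMMON = {"THE", "TO", "YOU", "AND", "IS", "OF", "ARE", "THAT", "WILL"}


def caesar(text, shift):
    """Shift every upper-case letter back by `shift`; leave punctuation alone."""
    up = string.ascii_uppercase
    return "".join(up[(up.index(c) - shift) % 26] if c in up else c for c in text)


def best_shift(text):
    """Try all 26 shifts; return (shift, plaintext) with the most common words."""
    scored = []
    for s in range(26):
        pt = caesar(text, s)
        hits = sum(w.strip(",.!") in COMMON for w in pt.split())
        scored.append((hits, s, pt))
    hits, s, pt = max(scored)
    return s, pt


def is_anagram(a, b):
    """True when the two words use exactly the same letters."""
    return sorted(a.upper()) == sorted(b.upper())


if __name__ == "__main__":
    shift, plaintext = best_shift(BANNER)
    print(f"shift {shift}: {plaintext}")
    print("TOQUE is an anagram of QUOTE:", is_anagram("TOQUE", "QUOTE"))
```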

Going back to the video from the start of the puzzle, further analysis of its audio reveals Morse code hidden in it.

This morse decodes to:

“WE DO NOT MERELY DESTROY OUR ENEMIES WE CHANGE THEM”

If you google this quote, the first result is http://www.shmoop.com/1984/power-quotes-5.html, which tells you it’s a quote from 1984 by George Orwell. Copy the quote as it appears on that site, “We do not merely destroy our enemies, we change them.”, and paste it into your netcat session with the app on port 62217; that gets you to the next step, and the app returns the following.

XCQaqlM4biiFF==RRAYKbJ61V5Ni0fH8mXRxjCpSzs
suEYCRwBWKO3ms9XANQle7sRojZUD6Dpr8rexZJOtm
CxLDBaBk51w0C528b5jfeGpuFNKzmWgexhOfduXoh2
4hb4bhOx7XS5Xs7faWlfzhBx8HF1MpKCrkWyH3NGko
XP1l|tEA|e5KzsGRn2=JoTn6uRyy46Y=0bs1gMEh8e
VDKa1Y6OKyC9JcfkcqHyICC7qJCTdm0rbcy06ATG2i
tEmgBYqQ6Sd8JbpmT6Xht81Tz442HJvhaKzxXnSIqr
sFPIbFw4LbFhyoKnnF6VK0YkjP+H3aYL6A7i81HApf
ZI88X6tdyH2jLQHXRpu0aW8EFdsCdhYSnhsUNKc7Rg
osmh0h74g3I9FRv5NQZj2zg0lzjg2+pXAWjR/MFGRG
xqLfwRf7YDmNjNEJPfI3c16bX/I5aLX8bcwlX4h4TC
RiqXvWVBEO7fxwUUe5cnB201RY2jFOy8tc2cPU+q94
bv2ocvROsP2LXwbyR1rmomvFCkAbETxfM9F3jDO7J7
WQtQOLYX46xILVJo8iltsAoNpNwlzcX+NlKb8odnEm
sepHMEJ9-EAFMuafJ8UzwSeHfPLdYxs3e60k88wjh8|
0ycfyTiA5JYzequT8-Wevc3rFJokdXLbw3gFnqz5yH|
EohRzFxB4Rv2RqmCrTAmIhlFVZSgNVAR7sQcOCzVHZ|
vKUQqKXWklzXS5mt24kLunvQb4dCvGhoQYfI1EPeSY
EOz5SM5JlNOcN4z7C‘Acc9V1I53zaOs1oS03D1FkXo|
eyiUuJWgn9Jk9qDwKzobzR7yC9pcAK01lBJAeolZ3b|
g3gVrmD9cena6INnyWpuBt8A9kOhC6UEEQqkBEM8VI|
lkCifs3hegF6bDJ7AEZvssbZoMHywrfhFapxncbW1b
SlSTTcoa17gYPp4e+JEyGumhLjSyibmp6pxtOhhdXt|
0cShlLmneDRYsYqqIhqd5GliFK7VC6wrYMPc9hctet|
ywn0mvQJH9pIoOWA0LM4SEaHg9Om2xaArGy2vWrXEA|
40IssqJeuUqD2FuH44MqzETYJkFWmO5IVmTzgPdDLR
WbAyLD1oiq7tg4x7obsBYACPUddV1tSiNP+ddswH3Y
66tAjAfmICqbebHizUhsJi71WVxugLYwELC/m1b7ca
NbH1W8zm5eXHfyaW1HtfLPRJB6gQ8aHGRfF73LKUz9|
ZmpiWfSbCRLfmNNQV6caaxV6qOQ6MdME5zDDhOLioY
l81tbUNgcTCodzOPTirlql5vYyUcgKIUAxndwVM1JT
wnqma5teMwqrOKO24kPNojQXZcvL9w47wF51F2io9J
3RMY3N4sCMM2M5MpDDyLcZ8Rc6kMyoDh79KTpsefYv
v8hrV7LyQvI7wRIp0D4EMB0t4oUCbdDCeTruLUTvXH|
ezYDv9ZLRruskKiBhCxrnCGnMCOq2wfO0QD38BmS7B
GD0Kjw83re7jcoo9Noow3ftpf6G3XzoGP6yCuvhkUu
3ID5on0KBfi27cHoQ8IK8mwahRd8A==lOL0DwJD0Gk
wJUVA1ZiHL0R0gZPBKu3btTDOwI9ytm5dbhmJJQ1vF
ZkUNe2CehudTGDhO13l7gNGpf7HFpF0rfKraD2qxX0
sIsNZ2ZiuNinFceVMLGWT2MtiSjilo0vLi5Tn9i2Rr
WztE56pqrUYUWmwctiZInBvmqWfTlsKxrkUmFEQbm7
a7ymkg4w4P7q0ld0pHxA15NA48plzhkyt1CW78p4st

The next step required extensive scanning with wpscan or a similar tool to find a vulnerability in the site. Since little progress was being made, a hint (“nice joint”) was given during the Decred live stream on YouTube. “Nice joint” is simply an anagram of “injection”, as some soon figured out, which should have led you to suspect an SQL injection vulnerability in the website. With a little further scanning, you should have noticed that wp-symposium version 14.11, a WordPress plugin, was installed; it is known to have an SQL injection vulnerability: https://www.exploit-db.com/exploits/37824/

Knowing this, you can exploit it either with a custom-written script or, preferably, with a tool like sqlmap.

A simple command like the following starts the process:

sqlmap -u "http://am-s.co/wp-content/plugins/wp-symposium/get_album_item.php?size=version()%20%3B%20--" --dbs --level 3

Once you’ve dumped the entire database, you should notice a table whose name is not part of the normal WordPress schema:

wp_ptfacdeeilnrst

The characters after the underscore can be reordered to spell “ftpcredentials”.

If you proceed to dump the data from this table, you should get the following information

user_name:  4017B940CAE24016AAD3B435B51404EE
user_password: BCA2A84FA7A10EF3F06FA49727B0EAC567928360

If you examine further, you should notice that the “user_name” field contains a hash. It is hashed with NTLMv1.0, which is no longer considered secure, so if you crack it, it comes out to “exodus”.

As for the user password, notice that its characters can be split into 8-bit hex values (one byte each):

BC A2 A8 4F A7 A1 0E F3 F0 6F A4 97 27 B0 EA C5 67 92 83 60

Now convert these hex values to decimal and use each one as a 1-based position in the text block we received earlier (the script below counts line breaks as characters); the characters at those positions spell the password.

Here’s a little script that one of the puzzle players @blue_sky_catastrophe on the Decred Slack Channel (http://decred.slack.org) wrote to help do this faster.

raw_str = """XCQaqlM4biiFF==RRAYKbJ61V5Ni0fH8mXRxjCpSzs
suEYCRwBWKO3ms9XANQle7sRojZUD6Dpr8rexZJOtm
CxLDBaBk51w0C528b5jfeGpuFNKzmWgexhOfduXoh2
4hb4bhOx7XS5Xs7faWlfzhBx8HF1MpKCrkWyH3NGko
XP1l|tEA|e5KzsGRn2=JoTn6uRyy46Y=0bs1gMEh8e
VDKa1Y6OKyC9JcfkcqHyICC7qJCTdm0rbcy06ATG2i
tEmgBYqQ6Sd8JbpmT6Xht81Tz442HJvhaKzxXnSIqr
sFPIbFw4LbFhyoKnnF6VK0YkjP+H3aYL6A7i81HApf
ZI88X6tdyH2jLQHXRpu0aW8EFdsCdhYSnhsUNKc7Rg
osmh0h74g3I9FRv5NQZj2zg0lzjg2+pXAWjR/MFGRG
xqLfwRf7YDmNjNEJPfI3c16bX/I5aLX8bcwlX4h4TC
RiqXvWVBEO7fxwUUe5cnB201RY2jFOy8tc2cPU+q94
bv2ocvROsP2LXwbyR1rmomvFCkAbETxfM9F3jDO7J7
WQtQOLYX46xILVJo8iltsAoNpNwlzcX+NlKb8odnEm
sepHMEJ9-EAFMuafJ8UzwSeHfPLdYxs3e60k88wjh8|
0ycfyTiA5JYzequT8-Wevc3rFJokdXLbw3gFnqz5yH|
EohRzFxB4Rv2RqmCrTAmIhlFVZSgNVAR7sQcOCzVHZ|
vKUQqKXWklzXS5mt24kLunvQb4dCvGhoQYfI1EPeSY
EOz5SM5JlNOcN4z7C'Acc9V1I53zaOs1oS03D1FkXo|
eyiUuJWgn9Jk9qDwKzobzR7yC9pcAK01lBJAeolZ3b|
g3gVrmD9cena6INnyWpuBt8A9kOhC6UEEQqkBEM8VI|
lkCifs3hegF6bDJ7AEZvssbZoMHywrfhFapxncbW1b
SlSTTcoa17gYPp4e+JEyGumhLjSyibmp6pxtOhhdXt|
0cShlLmneDRYsYqqIhqd5GliFK7VC6wrYMPc9hctet|
ywn0mvQJH9pIoOWA0LM4SEaHg9Om2xaArGy2vWrXEA|
40IssqJeuUqD2FuH44MqzETYJkFWmO5IVmTzgPdDLR
WbAyLD1oiq7tg4x7obsBYACPUddV1tSiNP+ddswH3Y
66tAjAfmICqbebHizUhsJi71WVxugLYwELC/m1b7ca
NbH1W8zm5eXHfyaW1HtfLPRJB6gQ8aHGRfF73LKUz9|
ZmpiWfSbCRLfmNNQV6caaxV6qOQ6MdME5zDDhOLioY
l81tbUNgcTCodzOPTirlql5vYyUcgKIUAxndwVM1JT
wnqma5teMwqrOKO24kPNojQXZcvL9w47wF51F2io9J
3RMY3N4sCMM2M5MpDDyLcZ8Rc6kMyoDh79KTpsefYv
v8hrV7LyQvI7wRIp0D4EMB0t4oUCbdDCeTruLUTvXH|
ezYDv9ZLRruskKiBhCxrnCGnMCOq2wfO0QD38BmS7B
GD0Kjw83re7jcoo9Noow3ftpf6G3XzoGP6yCuvhkUu
3ID5on0KBfi27cHoQ8IK8mwahRd8A==lOL0DwJD0Gk
wJUVA1ZiHL0R0gZPBKu3btTDOwI9ytm5dbhmJJQ1vF
ZkUNe2CehudTGDhO13l7gNGpf7HFpF0rfKraD2qxX0
sIsNZ2ZiuNinFceVMLGWT2MtiSjilo0vLi5Tn9i2Rr
WztE56pqrUYUWmwctiZInBvmqWfTlsKxrkUmFEQbm7
a7ymkg4w4P7q0ld0pHxA15NA48plzhkyt1CW78p4st"""
# Each hex pair is one byte; its decimal value is a 1-based index into raw_str
# (line breaks inside the triple-quoted string count as characters).
idxs = [int(c, 16) for c in "BC A2 A8 4F A7 A1 0E F3 F0 6F A4 97 27 B0 EA C5 67 92 83 60".split(" ")]
# Pick the character at each position and join them into the password.
print(''.join(raw_str[i - 1] for i in idxs))

This will give you the password “RrNe3C=TqFWhplHubah1” for the FTP account under the username “exodus”

Once you log in via FTP to the website, you should notice that there is one file to download, called “ee03c8d2493cfad0b9c7ab42722dfa5b.svg”

Here’s what it looks like

This graphical puzzle is the last step before we get an encrypted ciphertext which when we decrypt with a certain key, will lead to the concatenated wallet seed that contains the prize.

To solve this, first notice that it is a graphical shortest-path (Dijkstra’s algorithm) problem: each colour in the image has a numerical weight (Orange 5, Cyan 2, White 10, Blue 4, Yellow 2, Magenta 3; the port service program gives these if you enter the FTP password after the quote), and you must find the cheapest path between two nodes, starting at the green and ending at the red. The nodes are not the shapes but the individual pixels.

This will require some basic programming which should give a result similar to the following if you do it correctly. It should also give you a total cost of 328.
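The pixel-level shortest-path search described above, as an added example that is neither the puzzle author's nor any player's code: Dijkstra over a grid in which every pixel's colour carries the weight listed above. The real SVG is not reproduced here, so a small constructed grid stands in for it; the rule that entering a pixel costs its colour's weight, with green and red costing 0, is my assumption.

```python
import heapq

# Colour weights from the port service; G(reen) and R(ed) assumed to cost 0.
WEIGHTS = {"O": 5, "C": 2, "W": 10, "B": 4, "Y": 2, "M": 3, "G": 0, "R": 0}

# Constructed stand-in for the puzzle image: one letter per pixel.
GRID = [
    "GWWWR",
    "YMBCC",
    "YOYYY",
]


def cheapest_path(grid, start="G", end="R"):
    """Return (total_cost, path) from the start pixel to the end pixel.

    Moves are 4-connected; the cost of a move is the weight of the pixel entered.
    """
    rows, cols = len(grid), len(grid[0])
    src = next((r, c) for r in range(rows) for c in range(cols) if grid[r][c] == start)
    dst = next((r, c) for r in range(rows) for c in range(cols) if grid[r][c] == end)
    dist, prev, heap = {src: 0}, {}, [(0, src)]
    while heap:
        d, (r, c) = heapq.heappop(heap)
        if (r, c) == dst:
            break
        if d > dist[(r, c)]:
            continue  # stale queue entry, a cheaper route was already found
        for nr, nc in ((r + 1, c), (r - 1, c), (r, c + 1), (r, c - 1)):
            if 0 <= nr < rows and 0 <= nc < cols:
                nd = d + WEIGHTS[grid[nr][nc]]
                if nd < dist.get((nr, nc), float("inf")):
                    dist[(nr, nc)] = nd
                    prev[(nr, nc)] = (r, c)
                    heapq.heappush(heap, (nd, (nr, nc)))
    path, node = [], dst
    while node != src:  # walk the predecessor chain back to the start
        path.append(node)
        node = prev[node]
    path.append(src)
    return dist[dst], path[::-1]


if __name__ == "__main__":
    cost, path = cheapest_path(GRID)
    print("total cost:", cost)
    print("path:", path)
```

On the real image the same routine, fed one node per pixel, is what produces the 328 total the write-up refers to.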

Well, now what? The next step is to overlay the block of text on top of this image and see where the path leads!

Follow the path down the text block line by line, skipping the lines marked with a trailing |, and concatenate the fragments to build the AES-256 ciphertext. The one exception is the last line of the ciphertext, which wraps around to start at the beginning of the block and ends at “==”

If you do it correctly, you should end up with the following ciphertext

bFhyoKnnF6VK0YkjP+H3aYL6A7i81HApfH2jLQHXRpu0aW8EFdsCdhYSnhsUNKc7Rg3I9FRv5NQZj2zg0lzjg2+pXAWjR/MFGRG3c16bX/I5aLX8bcwlX4h4TCnB201RY2jFOy8tc2cPU+q94momvFCkAbETxfM9F3jDO7J7NpNwlzcX+NlKb8odnEmQb4dCvGhoQYfI1EPeSYZoMHywrfhFapxncbW1b5IVmTzgPdDLRSiNP+ddswH3YYwELC/m1b7ca5zDDhOLioYAxndwVM1JTwF51F2io9J79KTpsefYv8BmS7BuvhkUu3ID5on0KBfi27cHoQ8IK8mwahRd8A==

Now if you use the total cost calculation that we got from finding the least cost path for this maze, “three hundred and twenty eight” as the key to decrypt this ciphertext, you will get the wallet seed!

virusguitaristswelterBradburyoffloadinertianecklaceembezzletroubletypewriterdropperGalvestonrockerunicornstairwaymicrowavestaplertravestyAthenssurrenderdrumbeateverydaychatterbusinessmanmusicmonumentsoybeanracketeerZulucompanyZulutruncatednecklace

CREDITS:

These are the handles of the users from the Decred Slack Channel who helped solve critical parts of the puzzle.

@grubana & @narcelio - Morse code from the video
@johnnyjorege & @pandac - binary from the video & deciphering the result
@yash - password entry on the website
@johnnyjorege - scanning and discovering the app on port 62217
@pandac - deciphering the text from the port service
@pandac & @blue_sky_catastrophe - inputting the quote found from the Morse code
@sham791 - figured out how to dump data via the SQLi vulnerability
@blue_sky_catastrophe & @johnnyjorege - getting the FTP password from the block of text
@africanalex - figuring out to start at green and end at red in the puzzle image
@sham791 - discovering the wallet seed
