Hacker Evolution Unofficial Strategy Guide and FAQ by Kasey Chang released May 22, 2007 1 Introduction This section is for "what the FAQ is about" and things like that. Feel free to skip this section. If you like the FAQ, please send me a dollar. :-) See [1.3] This FAQ is about "Hacker Evolution", a "hacking simulation" created and published by exosyphen. 1.1 A WORD FROM THE AUTHOR This is a FAQ and guide, NOT a manual, not that you really need a manual to play this game. Besides, all the commands are listed when you press F1, or type HELP in the console. This USG only covers the PC Version, since this only existed on the PC at time of this guide's creation. 1.2 TERMS OF DISTRIBUTION This document is copyrighted by Kuo-Sheng "Kasey" Chang (c) 2007; all rights reserved excepted as noted above in the disclaimer section. This document is available FREE of charge subjected to the following conditions: 1)This notice and author's name must accompany all copies of this document: "Hacker Evolution Unofficial Strategy Guide and FAQ" is copyrighted (c) 2007 by Kasey K.S. Chang, all rights reserved except as noted in the disclaimer." 2)This document must NOT be modified in any form or manner without prior permission of the author with the following exception: if you wish to convert this document to a different file format or archive format, with no change to the content, then no permission is needed. 2a) In case you can't read, that means TXT only. No banners, no HTML borders, no cutting up into multiple pages to get you more banner hits, and esp. no adding your site name to the site list. [Small exception: a "small" toolbar with no banners embedded is okay. See IGN or Neoseeker for examples.] 3)No charge other than "reasonable" compensation should charged for its distribution. Free is preferred, of course. Sale of this information is expressly prohibited. If you see any one selling this guide, contact me (see below). 4)If you used material from this, PLEASE ACKNOWLEDGE the source, else it is plagiarism. 5)The author hereby grants all games-related website the right to archive and link to this document to share among the game fandom, provided that all above restrictions are followed. Sidenote: The above conditions are known as a statutory contract. If you meet them, then you are entitled to the rights I give you in 5), i.e. archive and display this document on your website. If you don't follow them, then you did not meet the statutory contract conditions, and therefore you have no right to display this document. If you do so, then you are infringing upon my copyright. This section was added for any website that don't seem to understand this. For the gamers: You are under NO obligation to send me ANY compensation. However, I do ask for a VOLUNTARY contribution of one (1) US Dollar if you live in the United States, and if you believe this guide helped your game. If you choose to do so, please make your US$1.00 check or $1.00 worth of US stamps to "Kuo-Sheng Chang", and send it to "2220 Turk Blvd. #6, San Francisco, CA 94118 USA". If you don't live in the US, please send me some local stamps. I collect stamps too. 1.3 VOLUNTARY CONTRIBUTION Gamers who read this guide are under NO obligation to send me ANY compensation. However, a VOLUNTARY contribution of one (1) US Dollar would be very appreciated. If you choose to do so, please make your US$1.00 check or $1.00 worth of stamps to "Kuo-Sheng Chang", and send it to "2220 Turk Blvd. #6, San Francisco, CA 94118 USA". If you don't live in the US, please send me some local stamps. I collect stamps too. For the record, out of ALL the FAQs I wrote (over 60 at last count) over the past ten years or so, I've received exactly 35 dollars and 8 sets of stamps, as of release of this guide. So I'm NOT making any money off these guides, folks. 1.4 HOW AND WHEN TO CONTACT ME PLEASE let me know if there's a confusing or missing remark, mistakes, and thereof... If you find a question about this game that is not covered in the USG, e-mail it to me at the address specified below. I'll try to answer it and include it in the next update. Please do NOT write me for technical support. That is the publisher's job. You can find them at http://www.exosyphenstudios.com Please do NOT ask me to answer questions that have already answered in this FAQ/guide. It makes you look REALLY idiotic. I will NOT answer stupid questions like the ones above unless I'm in a really good mood. If you send questions like that, do NOT expect a reply. The address below is spelled out phonetically so spammers can't use spambots on it: Kilo-Sierra-Charlie-Hotel-Alpha-November-Golf-Seven-Seven AT Yankee-Alpha-Hotel-Oscar-Oscar DOT Charlie-Oscar-Mike To decipher this, simply read the first letter off each word except for the numbers and the punctuation. This is "military phonetics" or "aeronautical phonetics" in case you're wondering. This document was produced on Microsoft Word 2003. Some editing was done with Editpad (editpadclassic.com). 1.5 THE AUTHOR I am just a game player who decided to write my own FAQs when the ones I find don't cover what I want to see. Lots of people like what I did, so I kept doing it. Previously, I've written Unofficial Strategy Guides (USGs) for XCOM, XCOM2:TFTD, Wing Commander, Wing Commander 2, Wing Commander 3, Wing Commander 4, Privateer, Spycraft, 688(I) Hunter/Killer. Mechwarrior 3, MW3 Expansion Pack, Mechwarrior 4, Mechwarrior 4: Black Knight, Need for Speed: Porsche Unleashed, The Sting!, Terranova, Fallout Tactics, Starfleet Command Volume II, DS9: The Fallen, DS9: Dominion War, Driver, Warlords: Battlecry, Monopoly Tycoon, Dungeon Siege, and a few others. To contact me, see 1.4 above. 1.6 DISCLAIMER / COPYRIGHT INFORMATION Exosyphen is the creator and publisher of Hacker Evolution. http://www.exosyphenstudios.com This USG is not endorsed or authorized by exosyphen. The information compiled in this USG has been gathered independently through the author's efforts except where noted otherwise. This document is based on the V1.0.0.1 release. Please note that new releases are available all the time and may add new features, commands, and so on. New "levels" may also become available. This guide covers the "initial release", which contains total of 10 levels. 1.7 HISTORY 23-MAY-2007 Initial release 2 Hacker Evolution General Info 2.1 THE MOST FREQUENTLY ASKED QUESTIONS Q: Can you send me the game (or portions thereof)? A: No. Download the Demo from http://www.exosyphenstudios.com or http://www.exosyphen.com Q: Can you send me the manual? (or portions thereof) A: It's available on the website. Q: Can you tell me how to play the game? A: Read the manual please, and hit F1 for help. Q: How big is the install? A: About 87 megs total Q: Is there a patch? A: Use the auto-update tool. As of this release, it's V1.00.0084 Q: What about some cheat codes? A: Check the last section 2.2 HACKER EVOLUTION HISTORY Exosyphen is a game studio based on Romania that specialized in "hacking sims", basically puzzles that simulates hacking into other computers in order to accomplish several objectives. 2.3 HARDWARE REQUIREMENTS From official website: * Windows ME/XP/2000/2003 or Vista * Microsoft DirectX 8.0 (http://www.microsoft.com/directx/) installed * Pentiumr 1 GHz processor or faster, 512Mb RAM, 200Mb free disk space * DirectX 8.0 compatible videocard w/ 16 MB video memory * Microsoft compatible keyboard and mouse 2.4 HOW DOES THIS GAME PLAY? It's basically a puzzle game wrapped in a "shell" of simulated hacking. The console involves typing, but you can use the TAB key to auto-complete many commands and parameters. 2.5 BUGS AND FIXES The game is very stable and never crashed even once on my test computer. You should get the latest patch via the auto-update tool, and close any extra programs such as virus checker, firewall (unless you're going online), and such before starting the game. That seems to help. 2.6 EXPANSION PACKS? SEQUELS? RELATED TITLES? Exosyphen have many expansion packs planned, many will free to registered users. However, none has been released at this time. 2.7 SOME COMMON SUPPORT ISSUES None at this time. There are some reported incompatibilities with WinVista, but none has yet been confirmed. 3 Interface 3.1 PLAY SCREEN Upper right is a "control panel" with the "mission clock", as well as diagram of your computer, progress of a certain task such as decrypt, crack, or download / upload. It also shows predicted trace time, if any, and how many bounces are you using. Lower right is the message pane, where "e-mails" and other messages will appear. Upper left is the main view window, which shows you all the servers visible so far (which is probably NOT all of them) and your current bounce configuration, if any. Click on a host to toggle bounce on-off. Lower left is the console, where you can type in commands to execute various hacks, upgrade your PC, and so on. Please type in HELP or hit F1 to see the help screen. 3.2 CONSOLE COMMANDS Please check the downloadable manual from exosyphen.com for full documentation. This is a quick summary only Help displays help screen Scan checks if host is active. If yes, displays stats about the host Connect connects to the host specified, default port is 80, or specify other ports Logout closes the connection Ls also "dir", shows what's on the server at this port Cat displays the file on the console, even binary stuff. Download downloads file to your local server. Must have enough space Upload uploads file from your localhost to connected server Exec used to run a program, usually exploit, Clear clear the console screen Decrypt break the encryption of the server, depends on CPU speed Crack break the password of the server service, depends on CPU speed Transfer transfers $$$ to your computer. Server must be fully hacked (every port) as well as decrypted to give money Abort use abort to stop transfer, upload, download, decrypt, or crack attempts, usually before the trace completes Config displays your computer config and affected "factors" Upgrade displays upgrade info. Add one of the part codes to actually perform the upgrade Delete delete the file on the current machine (localhost if you're not logged into anyone) NOTE: 1.00.0084 adds a few commands, namely DOWNGRADE, BOUNCE and UNBOUNCE. You may wish to consult the README file for that version. They are not necessary to finish, but they sure add a certain flavor to it. 3.3 GENERAL GAMEPLAY FAQS Q: How do you save a game? A: You don't. Game is automatically saved. Each level should last no more than 1 hour, usually 20 minutes or so. Q: I think I did something really wrong. How do I restart a level? A: Hit ESC and quit out of the current level. Load your profile again and it'll restart at the current "level". 4 Hints and Game Mechanics 4.1 GENERAL HINTS * As a "hacker" you must learn to look for EVERY last bit of information, in the most unlikely places. * Every host is valuable. So acquiring hosts to break and serve as bounce points is of the utmost importance. * Many hosts also have $$$, which are required for killtrace runs and equipment improvements. * Browsing files not only can locate you more host names, it can also reveal passwords, (or hints to some passwords), even instructions on how to use certain exploits, commands, and bin files. Thus CAT every file you come across, encrypted or not, binary or not. In the files lie the clues, be it passwords or host names. * Most servers will give you a line or two of text, sometimes a full screen, when you login. That often tells you about other hosts. * e-mail address contains a domain name, don't forget this! * Dot-hackers.net is a good place to find exploits... if you can get in. * You want to minimize the number of "crack" attempts, as those raise your trace level by 15% each run. So every 2 crack attempts you run, you need to run killtrace 3 times. Use exploits or any other method before using a crack. * Study what's protecting what, then consider the attack-plan. Go through the weak spots. Use the minimum amount of bounce(s) needed for enough time. * Spread out your bounce attempts among multiple bounce hosts whenever possible. If you use one up you can't do a "double bounce" later. * Do NOT crack servers and services that you do NOT need. Money is a FINITE asset in this game. * Do NOT over-upgrade your hardware. That money may be needed to run killtrace before end of mission. * If you see a mission objective that says to reduce trace level below a percentage, save your $$$. You can always upgrade at the beginning of next mission. * RESET LEVEL: If you ever gotten into a situation where you are at a DEAD END, there's no money to be had, but you need to reduce your trace level, or your level's so high you can't do anything, clearly something went wrong. It's time to "reset" the level and start over. Hit ESC and quit the level, then load your profile again. There are exceptions: a) use a cheat code, or b) use the V.084's "downgrade" commands to sell off some hardware and raise some capital 4.2 FINISHING HARDWARE I finished the game without the V0.84 update, so it is quite possible. Here's the equipment I finished level 9 with: * 2 x 2 GHz CPU * 3 GB of RAM * standard 1 MBit modem * Level 1 firewall Thus, again, do NOT spend too much money on upgrades. 4.3 HARDWARE TECHNICAL DATA Every GHz of CPU will reduce the amount time needed for decryption or password cracking. Two separate 2 GHz CPU is same as a single 4 GHz CPU for this purpose. We'll just call it 4 GHz of CPU power. 4 GHz of CPU power will do things 4 times faster than 1 GHz of CPU Power. RAM is needed to store things. It does not affect speed. There are some files in the higher levels levels that need 3 GB of QRAM to store. You'll know when you see it. Firewall multiplies the trace time by a set factor. I think level 1 multiplies it by 1.5, and level 2 multiplies it by 2.0, though it could be 2.0 and 3.0 respectively. So essentially it gives you more time to complete your crack or decryptions, and transfers. Use the CONFIG command to see your current "hardware multipliers". NOTE: V84 or later of H-Evo have a "downgrade" command that allows you to trade-in older CPU and RAM and such for 90% value back. It is not really needed, but it is very much appreciated as it allows you to recover from a "dead-end" situation. 4.4 TRACE TIME Trace time is calculated by number of bounces and firewall levels. Base time is about 14 seconds (no firewall). Additional bounces will gain you extra 14 seconds or so per bounce. Multiply that by the firewall factor, and you get the overall trace time. (Estimated, not real formula) 4.5 TRACE LEVEL Trace level is a set value that depends on your actions. * Successful crack 15% * Successful decrypt 5% * Scan host that doesn't exist 1% * Exec exploit 1% * You have been traced 50% If your trace level reaches 100% you lose the level and must start over. It costs $500 to reduce your trace level by 10% by the KILLTRACE command. Thus, you should NEVER allow yourself to be traced. Abort out of traceable processes if you see that it's NOT going to finish in time. You may waste the bounce count, but it's better than getting traced and lose the entire level soon after. Watch time limits carefully. Even if your process finishes just 0.2 seconds before the trace, you are still safe. 4.6 SCORING Score is computed by following: * # of passwords cracked * # of servers decrypted * # of servers taken over (i.e. full access) * Amount of money transferred * Time left on clock (bonus amount of 300 decreases at 10 pts per minute) EX: If you finished at 20 minutes, your bonus is 100 pts (300 - 20*10 = 100) * Bonus conditions, including 0% trace level (extra 500 pts), found all hosts (extra 500 pts), dynamic difficulty, and more. 5 Level Hints 5.1 TUTORIAL Please just follow the on-screen instructions. Remember to grab ALL the money you can, not just that $1000 as required. However, there is a way to get maximum amount of money, and that means you can't follow the instructions step by step, but instead, finish the objectives a bit OUT of order. Q: What do you mean by "out of order?" A: Do the 2nd objective first. Host name is already given. Use that host to crack the first one w/o getting traced. 5.2 LEVEL 1: THE BEGINNING Please follow the walkthrough in the manual, which can be downloaded from http://www.exosyphen.com Q: Where are the other hosts? How do I find them? A: Host names can be hidden in the most innocuous places: inside files (even binary files), in the login / welcome prompts, on the homepage, and so on and so forth. Q: Can you be more specific? A: Explore the unprotected ports, surf around, and look for domain names. Once you found a few, see that they lead you. Q: So what do I do with the connection.log file? A: Read it, then upload it to the FSA server. Follow the e-mail's instructions! 5.3 LEVEL 2: XENTI SPACE STATION Q: What is a trojan? A: A trojan, in the computer world, is a program that looks innocent and harmless, but actually does bad things behind the scenes. Q: I can't crack / decrypt fast enough! Help? A: Time for a hardware upgrade, I guess. Or use more bounces. Q: Should I accept the trade offer from dot-hackers.net? A: Absolutely. You can use the money, always. Q: But which terminal hacked us? A: Read connection.log very carefully, check each and every host. How do you know if one exists, or not? Q: How do you get rid of the trojan? A: Just "DEL" it. 5.4 LEVEL 3: CHECKPOINT Q: What does the first objective really mean? A: "Scan sec.interlink.net", then you should understand. Q: Now what? A: Do you accept the offer from dot-hackers.net? Q: Let's say that I do? A: You miss out on some money, but you get a shortcut to the source. Q: And if I don't? A: You'll need to crack a host to get more clues, but you arrive at the same spot, albeit via longer route, and a wee bit more money. Q: I got the machine used to crack. Now what? A: CAT everything, you should find the bank statement and thus the account number. Q: How do I stop the trojan and restore connectivity? A: You did try to CAT the .BIN files, right? It tells you so in one of them. 5.5 LEVEL 4: NOTHING IS RANDOM Q: How do I crack that atm? I can't crack that 8-char password w/o getting traced! A: Instead of attacking the link, why not attack the atm directly? Q: I found the transaction.log, but I can't download it! I don't have enough space! A: Time to upgrade your hardware! (Or delete some stuff on localhost) Q: So where is this account transaction server? A: Perhaps the objective is a bit too literal. Example: if account is ab12345, then server is ab12345.bank.com Q: So how do I get rid of this trojan? A: Delete the file. That's it, really. Q: Where is that extra host on this level? A: Log into the bank server and look around carefully. You may notice something. 5.6 LEVEL 5: RUNDOWN Q: Uh. which firewall should I start with? A: The one with the lowest payoff, probably. It's likely the easiest to crack. Q: Argh! I can't even crack that one! Help! A: Maybe it's time for another CPU upgrade. Q: Help! I ran out of bounce hosts! A: *Sigh* start the level over. Spread out the bounce uses so you always have two hosts remaining in case you need a double-bounce. Q: Where is the serverfreeze.code? A: It's in a firewall server. Q: But I checked all four of them! What are you talking about? A: Perhaps you should read the welcome prompts again, this time VERY carefully. Q: I still don't get it. There are MORE than four firewall servers? A: There are actually 5. Q: Where's the backup server? A: Read some code and you'll find it. Q: What code? A: That code you're supposed to delete. Q: But I deleted it already! Help? A: Too bad. Restart the level! Q: Where can I find more money? A: In the "other" firewall server. The "other" way to find it is by reading some code. 5.7 LEVEL 6: THE CHASE Q: I found the wi-fi node he used. Where is he now? A: Perhaps, you should check for travel arrangements. Q: I found the airline, but they don't seem to have wi-fi. Now what? A: Appearances *can* be deceiving. Q: How do I cancel the flight reservation? A: Read the INFO file. Q: I found his IP address. Now what? A: Scan it. Q: But there's nothing there! A: Are you at the CORRECT wifi node? Q: His file is too big! How do I download it? A: Upgrade your RAM to 3 GB Q: What is the monitor trojan? A: It's that monitor.bin you've used before. Q: Where can I find monitor.bin? A: There are at least TWO hosts that have it. 5.8 LEVEL 7: D‚J… VU Q: Where is dot-hackers.net? A: Look at that e-mail you got. Q: Where can I get some money? A: See previous hint. Q: Why doesn't the x-filemanager.exploit work? A: You got the wrong version of it. CAT it. Look for another one. Q: I checked auth.nphone.com and it leads me nowhere. Help? A: You forgot to check the files in that place you were at. 5.9 LEVEL 8: THE MAZE Q: Uh, where do I start? A: At the email from "John Davis" Q: I don't get it. Please explain? A: E-mail has a domain name too. Q: I got that. Now what? A: Let's just say it must start at the leftmost side, and is the easiest to hack. The other hint is. you should have started YESTERDAY, as the e-mail says! Q: Huh? What about yesterday? A: Today is the December 29th, in the game. So yesterday is __ Q: Got that, but I don't understand the first hint. A: Download the hint, and you'll see. Q: You mean the constant? A: Yes, the constant is the hint. Q: Same at the next hint? A: Yes, the constant is the hint. Q: Next is largest and smallest. Is it that simple? A: Yes, it really IS that simple. Q: I don't get the assembly language hint. Help? A: Just take a piece of paper, make 2 columns. A, and B. And try to follow the instructions, and do it. Q: Is the last hint as easy as I thought it was? A: Yes it is. Q: Ack! I made a wrong turn and hacked the wrong server! What do I do now? A: Reset the level. There's very little extra money and you must make the right decision every step of the way. 5.10 LEVEL 9: END Q: Uh, where do I start? A: Same as last level. with the e-mail. Q: But, there's nothing really there. A: Look again, VERY carefully. VERY similar name. Q: Okay found it. Where are the firewalls? A: Look CLOSER at the second one. Q: Got that. Where's the AI core server though? A: You didn't pay attention, did you? Check each firewall again. Q: What order should I assemble the strings for the password? A: What order did you see the stuff listed? Q: I tried that order and it doesn't work! Help? A: Reverse the hierachy 6 Level Walkthrus 6.1 TUTORIAL 6.1.1 Full objectives list NOTE: Objectives need NOT be completed in order given. 1) Hack into the [core.hacker-evolution.com] server. The server has one open port(80) on which you must gain access. (Tip : use the CRACK command) 2) Obtain $1000 in your money balance. Money can be obtained, by transferring it from hosts that have a positive money balance. 3) Download the connection configuration file from [atm.hacker- evolution.com] 4) Hack into the [hacker-evolution.com] server ftp service. Note : Follow the instructions on how to do this with an exploit, rather then cracking it. 5) Hack into the [ssl.hacker-evolution.com] server. The server has one open port(80) on which you must gain access. (Tip : use a bounced link, to avoid getting traced.) 6) Hack into the [user.hacker-evolution.com] server. The server has one open port(80) on which you must gain access. (Tip : you must find the password and use the LOGIN command.) 7) Reduce your trace level below 50%. You can achieve this by using the KILLTRACE command. 6.1.2 General Strategy You don't need one for the TUTORIAL level, do you? Keep in mind that if you follow the instructions to the letter, you WILL be traced. This spikes your "global trace level" by 50%. When it reaches 100%, you are "caught" and it's game over. This is supposed to teach you that it's NOT always "game over" if you got traced. If you rather NOT get traced, then follow walkthrough, which will give you max money and minimum trace levels. 6.1.3 Walkthru You don't need one for the TUTORIAL level, do you? However, to get the most money and least trace amount, you'll need to do something slightly different from the script. From now on, the main commands are listed first, followed by ## for comments. Example type these in up to the ## do not type these, as these are just explanations The only exceptions are the BOUNCE commands. Not all versions support console bounce commands, so please grab your mouse and select the bounce servers on the map if your version does NOT. Unbounce all means remove all bounce points. Scan atm.hacker-evolution.com ## this is NOT cheating since ## the hostname was given as an objective Decrypt atm.hacker-evolution.com Connect atm.hacker-evolution.com Transfer 1000 ## Objective 2 complete ## NOTE: Repeat transfer money until you get ALL the money Ls ## check which files are here Download connect.config ## Objective 3 complete Logout Bounce 1 ## add any valid bounce so you have 1 bounce ##(right now, just atm.hacker-evolution.com) Crack core.hacker-evolution.com ## now you can crack ## the server w/o traced Unbounce all Connect core.hacker-evolution.com ## objective 1 complete Ls Download heftpd.exploit ## any exploit is worth downloading Cat autoexec ## nothing important Cat passwd ## remember this password, pass945 Scan user.hacker-evolution.com Exec heftpd.exploit hacker-evolution.com ## objective 4 Logout Login user.hacker-evolution.com pass945 ## objective 6 Bounce 2 ## add any 2 hosts for bounce Crack ssl.hacker-evolution.com ## objective 5 Killtrace ## repeat as needed to complete objective 7 6.1.4 Full server list core.hacker-evolution.com atm.hacker-evolution.com hacker-evolution.com ssl.hacker-evolution.com user.hacker-evolution.com 6.2 LEVEL 1: THE BEGINNING Please follow the walkthrough in the manual. 6.2.1 Full Objectives List 1) Retrieve the connection log file from the New York Exchange server, in order to be able to identify the source of the attack. 2) Identify the server used to remotely connect to the New York Exchange server. You can do this by investigating the [connection.log] file 3) Upload a copy of the [connection.log] file to the FSA fileserver. 4) Retrieve the users log file from the server that was used to remotely connect to the New York Exchange server. 5) After identifying the user from the log file from above, download his/her profile file from xenti.com, and upload a copy to the FSA fileserver. 6.2.2 General Strategy We will investigate the ny-exchange.com server a bit, to locate any clues to external servers. Once we located some more hosts, we can use those as bounce hosts to crack ny-exchange and get inside. You may want to buy Firewall level 1 before you embark on actual hacking. It slows down traces. 6.2.3 Walkthru connect ny-exchange ## let's see what's there now. ## notice there's a "designed by xenti-design,com" sig? ls ## notice the index.new? cat index.new ## notice the bottom, that says ## "defaced by dot-hackers.net"? logout scan xenti-design.com ## on the map, and unprotected! connect xenti-design.com ## that will "take it over", ##so to Logout Scan dot-hackers.net ## they're now on the map! decrypt dot-hackers.net crack dot-hackers.net connect dot-hackers.net ls ## let's see what they have. download x-filemanager.exploit ## very useful, as ##ny-exchange.com runs x-filemanager! transfer 2000 ## transfer enough NOT to trigger the ## full trace, repeat until you get all the money logout exec x-filemanager.exploit ny-exchange.com ## that breaks the other service on server connect ny-exchange.com 99 download connection.log ## objective 1 complete! logout connect files.fsa.gov 81 upload connection.log ## objective 3 complete logout cat connection.log ## read it, and scan the various terminal names. Only one exists. terminal-83 scan terminal-83.xenti.com ## objective 2 complete! bounce 1 ## add hosts so you have 2 valid bounces decrypt terminal-83.xenti.com ## terminal-83 has hefty encryption and you need two bounces to prevent getting traced. unbounce all crack terminal-83.xenti.com ## leave a bounce point if your CPU can't handle it del connection.log ## we don't need the local copy any more, and we need the space connect terminal-83.xenti.com download users.log ## objective 4 complete logout cat user.log ## if you study the timing of the attack vs. the users.log, tjohn is the culprit. bounce 2 ## any two bounces decrypt xenti.com ## again, big encryption needs two bounces at least unbounce all bounce 1 ## just 1 bounce needed to crack password crack xenti.com 210 ## leave one bounce to crack the password unbounce all connect xenti.com 210 download tjohn.profile logout killtrace ## repeat until satisfied connect files.fsa.gov 81 upload tjohn.profile killtrace ## repeat until you use it all up or reach 0%, whichever you prefer 6.2.4 Full Server List ny-exchange.com dot-hackers.net xenti-design.com terminal-83.xenti.com files.fsa.gov xenti.com 6.3 LEVEL 2: XENTI SPACE STATION Control Center to all satellites and space station was lost. Must restore connection and find culprit. 6.3.1 Objectives 1) Retrieve the connection log file from the Xenti Corporation Control Center, in order to be able to identify the source of the attack. 2) Find the trojan that has been injected in the kernel services, on the Xenti Corporation Control Center, and delete it. 3) Go back to xenti.com. There should be a log file to show who made the last changes there. Retrieve a copy of that logfile and upload it to our server (files.fsa.gov) 4) Identify the server used to connect to xenti.com, to create the new employee profile. 6.3.2 General Strategy Control center itself is protected. We need to find many outside hosts for bounce and such before starting our actual attack. 6.3.3 Walkthru ## There may be sections that I forgot to include a bounce. By now you should be able to tell if ## a task needs a bounce, or not. You be the judge. It can probably be done with lower CPU by ## bouncing more often, but I prefer to use a faster CPU instead. Scan dot-hackers.net ## check on our old friends Upgrade cpu0 ## let's add a 1GHz CPU to help us crack passwords faster Crack dot-hackers.net ## they always store the exploits in the port 80 server Connect dot-hackers.net Ls Download x-filemanager.exploit Logout Decrypt xenti.com ## nothing else to do, may as well start on xenti.com Crack xenti.com 210 Killtrace ## repeat until comfortable with the level Connect xenti.com 210 Ls Cat history.log Download history.log Logout Connect files.fsa.gov 81 Upload history.log Logout ## objective 3 is complete Exec x-filemanager.exploit control-center.xenti.com ## let's see where this leads. Connect control-center.xenti.com 99 Ls Download connection.log Cat connection.log ## should have gotten the offer from dot- hackers.net Logout ## objective 1 is also done Connect dot-hackers.net 99 Upload connection.log Logout ## got the host atm.ce-bank.com Scan atm.ce-bank.com Decrypt atm.ce-bank.com Crack atm.ce-bank.com Connect atm.ce-bank.com Ls ## always LS a server and CAT all the files. Nothing interesting in this one, but you'd never know! Transfer 2300 ## with a level 1 firewall, it takes 24 seconds to complete a trace, so you can transfer 2300 and have 1 second to spare. Logout ## repeat transfer until done Killtrace ## spend a bit of that money, repeat until satisfied Cat connection.log ## study this very carefully. SCAN each of the terminals available. Scan terminal-83.xenti.com ## we know this one is there. Scan terminal-84.xenti.com ## aha! Objective 4 complete Crack control-center.xenti.com 200 Connect control-center.xenti.com 200 Ls Delete tj.bin ## the only file here, nothing interesting in it either if you CAT it Logout ## as you delete it, you've completed objective 2! Killtrace ## repeat as needed to end the level, or just wait 6.3.4 Full Server List control-center.xenti.com dot-hackers.net atm.ce-bank.com terminal-83.xenti.com terminal-84.xenti.com xenti.com files.fsa.gov 6.3.5 Bonus items If you had hacked into the dot-hackers.net email port, and checked their email, you'll find that perhaps who you thought was working for the FSA, is not who you think it is. 6.4 LEVEL 3: CHECKPOINT You have reasons to suspect that perhaps this John Davis at the FSA was not who says he is. Are there clues out there? 6.4.1 Objectives 1) Retrieve the connection log file from the Interlink server, (Note : cracking won't work. Try to get the password from their secure authorization server) 2) Find the bank account number of John Davis. (Contained in a bank document). (Note : There is an easy way, and a more difficult and rewarding way as well.) [Download the statement!] 3) Retrieve a copy of the kernel monitoring program used by John Davis 4) Reestablish the links on the interlink server (step 1 of the objective) 5) Reestablish the links on the interlink server (step 2 of the objective) 6.4.2 General Strategy All depends on interlink.com. Once we break that, the rest will fall in easily enough. The trick here is to use the bare minimal way to locate what needs to be done. Though there are alternate ways available. There may be sections that I forgot to include a bounce. By now you should be able to tell if a task needs a bounce, or not. You be the judge. It can probably be done with lower CPU by bouncing more often, but I prefer to use a faster CPU instead. 6.4.3 Walkthru (the easy way) NOTE: If you do it this way, you will miss one of the servers available. However, it is faster and has less hassles. Scan interlink.net Scan sec.interlink.net Scan dot-hackers.net Decrypt sec.interlink.net Crack sec.interlink.net 55 Connect sec.interlink.net 55 Ls Cat passwd ## aha, password! Transfer 1500 Transfer 1500 Logout Login interlink.net twde3546mfrg Decrypt interlink.net Connect interlink.net 150 Ls Cat connection.log ## hmmm. terminal-83 again! Download connection.log ## that's objective 1! Scan terminal-83.xenti.com Logout Killtrace ## repeat as needed Connect dot-hackers.net 99 Upload connection.log Scan xterm.xenti.com Logout Crack dot-hackers.net Connect dot-hackers.net Ls Download x-filemanager.exploit Logout Ls Del connection.log ## we need the space Decrypt xterm.xenti.com Crack xterm.xenti.com 23 Connect xterm.xenti.com 23 Ls Cat activity.log Cat e-recript.doc ## hmmm. that's an account number! Cat host.id Download e-receipt.doc ## that's objective 2! Logout Crack xterm.xenti.com 151 Connect xterm.xenti.com 151 Transfer 2000 Upgrade mem0 ## we can use the extra capacity now for more stuff Ls Cat monitor.bin Download monitor.bin ## objective 3! Cat xconmanager.bin ## aha! So to restore, just delete this and put in the other file, eh? Cat conmanager.bin Download conmanager.bin ## we need this to restore function Logout Crack interlink.net 152 Connect interlink.net 152 Ls ## as expected, xconmanager.bin is here! Del xconmanager.bin ## objective 4! Upload conmanager.bin ## objective 5! Killtrace ## repeat until mission ends 6.4.4 Walkthru (the rewarding way) Scan interlink.net ## note the 2nd port open Scan sec.interlink.net Decrypt sec.interlink.net Crack sec.interlink.net 55 Connect sec.interlink.net 55 Ls Cat passwd ## aha, password! Transfer 1500 Transfer 1500 Logout Login interlink.net twde3546mfrg Decrypt interlink.net Connect interlink.net 150 Ls Cat connection.log # hmmm. terminal-83 again! Download connection.log ## get notice from dot-hackers.net, still around! Scan dot-hackers.net ## just to check on an old friend Scan terminal-83.xenti.com ## that's in the log Logout Killtrace ## repeat as needed Connect dot-hackers.net 99 ## consider NOT do it, it's up to you. Upload connection.log ## when it's done, you get xterm.xenti.com back Scan xterm.xenti.com Logout Crack dot-hackers.net Connect dot-hackers.net Ls Download x-filemanager.exploit Logout Ls Del connection.log ## we need the space ## note, this is where the path diverges. We don't need the stuff in the xterm.xenti.com to proceed Decrypt terminal-83.xenti.com Crack terminal-83.xenti.com Connect terminal-83.xenti.com Ls Cat users.log Cat remote.log ## new host found! Scan ns1.sdb.com Logout Decrypt ns1.sdb.com Crack ns1.sdb.com 79 Connect ns1.sdb.com 79 Ls Cat incoming.log ## hmmm. xterm.xenti.com Transfer 2200 ## repeat until you drain the money! Killtrace ## repeat until you're satisfied! Logout Scan xterm.xenti.com Decrypt xterm.xenti.com crack xterm.xenti.com 23 connect xterm.xenti.com 23 ls cat activity.log ## wow, access from here, and the destination is crippled. There's a bank too. Why? Cat e-receipt.doc ## the account number! Download e-receipt.doc Cat host.id ## nothing here Logout Crack xterm.xenti.com 151 Connect xterm.xenti.com 151 Transfer 2000 Upgrade mem0 ## we can use the extra capacity now for more stuff Ls Cat monitor.bin Download monitor.bin ## objective 3! Cat xconmanager.bin ## aha! So to restore, just delete this and put in the other file, eh? Cat conmanager.bin Download conmanager.bin ## we need this to restore function Logout Crack interlink.net 152 Connect interlink.net 152 Ls ## as expected, xconmanager.bin is here! Del xconmanager.bin ## objective 4! Upload conmanager.bin ## objective 5! Killtrace ## repeat until mission ends 6.4.5 Server List interlink.net sec.interlink.net terminal-83.xenti.com dot-hackers.net xterm.xenti.com ns1.sdb.com 6.5 LEVEL 4: NOTHING IS RANDOM Latest server to crash is Central Bank of Asia. Investigate the crash. It's all related, but how? 6.5.1 Objectives 1) Retrieve the connection log file from the Central Bank of Asia server. 2) Retrieve the transaction log file from the Central Bank of Asia server. NOTE: There are two ways to gets this, and the way suggested in the Objectives is NOT the best way! 3) Use the corresponding account number to identify the bank account interface server from a suspicious transaction. The server name format is : [ACCOUNT].bank.com EX: if account is ab12345, then server is ab12345.bank.com 4) Find the trojan that has been injected in the kernel services, on the Central Bank of Asia, and delete it. 6.5.2 General Strategy First we shall check what connections are available from cb- asia.com itself, then we'll explore some old friends and see where they lead, and then see if their paths cross. I recommend CPU upgrade now, if you didn't get one in level 3. There are two ways to get the transaction log. 1) If you got the connection log, and upload it to dot-hackers.net, you'll get a hit about hacking into the hash server and download the hash, which contains pieces of the password into the transaction server, which would contain the transaction log. 2) Or you can just grab the transaction_server.exploit from dot-hackers.net (you'll need to crack their port 80 first) and use that on the transaction server. I prefer the latter, as it also leads you to the black-haxors.com sidequest, though you're welcome to use whichever you find convenient. 6.5.3 Walkthru ## There may be sections that I forgot to include a bounce. By now you should be able to tell if ## a task needs a bounce, or not. You be the judge. It can probably be done with lower CPU by ## bouncing more often, but I prefer to use a faster CPU instead. Scan cb-asia.com ## notice one of the entries is a link to atm? That's $$$ Scan atm.au-bank.com.au Decrypt atm.au-bank.com.au Crack atm.au-bank.com.au Connect atm.au-bank.com.au Transfer 2000 Transfer 2000 Logout ## you should have plenty of money now, so let's spend a little Upgrade cpu0 ## 2 GHz of CPU will help us crack passwords and decrypt things faster Scan dot-hackers.net ## our friends are still around Crack dot-hackers.net ## our faster CPU now comes in handy Connect dot-hackers.net ## let's see what they got. Ls Cat news.txt ## free money at the other place, who can resist? Scan black-haxors.com ## now they're on the map, worry about them later Download x-filemanager.exploit ## every exploit is needed somewhere Download transaction-manager.exploit Logout Decrypt black-haxors.com Crack black-haxors.com ## this cracks the port 80, 1 more to go Exec x-filemanager.exploit black-haxors.com Connect black-haxors.com Transfer 2000 Logout Killtrace ## repeat as necessary to reduce trace level to reasonable levels Decrypt cb-asia.com ## back to target Scan cb-asia.com ## didn't we see transaction-manager somewhere before? Aha! Exec transaction-manager.exploit cb-asia.com Connect cb-asia.com 100 Ls ## there's the log file, but it's HUGE! Upgrade mem0 ## don't overupgrade, we may need the $$$ later this level Download transaction.log ## completes objective 2 Logout ## you'll get an e-mail message Connect dot-hackers.net 99 Upload transaction.log ## may as well see what they have to say about it Logout ## got another message, let's login and read their analysis Login dot-hackers.net tsdf2324nfdf3233 Cat report.doc ## interesting analysis. No need to download it though. Logout Crack cb-asia.com ## default is port 80 Connect cb-asia.com ## note that they have a "contact us" address of ns.cb-asia.com as well Ls ## and there's objective 1! Download connection.log ## objective 1 complete! Cat connection.log ## spot any new hosts? Dot-hackers want a copy too Scan ns.cb-asia.com Scan terminal-83.xenti.com ## note that you do NOT have to crack this host Logout Connect dot-hackers.net 99 Upload connection.log Logout ## you should get the instructions on how to get the password from hacking the hash port ## but we already have the transaction log, so no need to hack the hash server at all. Cat transaction.log ## look at the huge amount of one transaction. check if that account server exists. Scan ch548755.bank.com # objective 3 complete! Decrypt ns.cb-asia.com ## let's get some more $$$, but this is technically optional Crack ns.cb-asia.com Ls Transfer 2000 Transfer 2000 Logout ## one last item remains. Crack cb-asia.com 200 ## we need to get into kernel_services Connect cb-asia.com 200 Ls ## only one file there, tj.bin, which makes sense, according to connection.log Del tj.bin ## objective 4 complete! Killtrace ## repeat as necessary 6.5.4 Alternate Walkthru Once you've retrieved the connection.log and uploaded it to dot-hackers.net, you will get e-mail hint about how to retrieve the password from the hash server. I personally find it better to crack dot-hackers.net, retrieve their exploits, and use them on whatever servers I find convenient, thus avoiding the need for the hash server at all. However, should you choose NOT to crack dot- hackers.net (and miss out on a sidequest) here's the solution given. Basically, hack the hash server on the bank, and you'll get a file "hash", which contains this: sdsd 3434 ddfd dasd txty dsdd xcef 3342 edcv qwsa 4322 dssd sads dwed 1324 dedx fdsz dsds ewwe sdsd Apply the hint given to you in the e-mail, you highlight [ ] the hash you need to assemble. sdsd 3434 ddfd dasd [txty] dsdd xcef 3342 edcv [qwsa] 4322 dssd sads dwed [1324] dedx [fdsz] dsds ewwe sdsd Voila! The password is `txtyqwsa1324fdsz' 6.5.5 Full Server List cb-asia.com ns.cb-asia.com terminal-83.xenti.com dot-hackers.net ch548755.bank.com black-haxors.com atm.au-bank.com.au 6.6 LEVEL 5: RUNDOWN Time to hack the Xenti AI server, and destroy it. However, it's protected by 4 firewall servers. We need to crack all four. Each spits out a part of the password when cracked. Assemble the password and we can get into the server. We'll need to find the serverfreeze.code as well, and hack the backup to make sure they don't have any. 6.6.1 Objectives 1) Hack into the Xenti Corporation's central server 2) Delete the core code file from the Xenti Corporation central server 3) Find and upload the serverfreeze.code file to the Xenti Corporation central server 4) Hack into the Xenti Core backup server 5) Reduce your trace level below 20%. You can achieve this by using the KILLTRACE command. 6.6.2 General Strategy Please note objective 5. save your money for this specifically. Remember, URLs can be hidden in the most innocuous of places. Of the four firewalls, one is the easiest, so start with that one. Then use that to attack the others. Remember to transfer the money! You MAY want to get a CPU upgrade to 3 GHz total now. 3 GHz / FWL1 is good for cracking 16 char w/o bounce, or 512 bit encryption keys. Any more than that and you'll need bounces. 6.6.3 Walkthru ## There may be sections that I forgot to include a bounce. By now you should be able to tell if ## a task needs a bounce, or not. You be the judge. It can probably be done with lower CPU by ## bouncing more often, but I prefer to use a faster CPU instead. ## you may want to upgrade CPU now, as money should be plentiful from previous mission Decrypt firewall-2.xenti.com ## we start on firewall-2 because it's only 512 bit encryption Crack firewall-2.xenti.com 399 Connect firewall-2.xenti.com 399 Transfer 500 Logout Bounce 1 # add bounce to decrypt 1024-bit encryption Decrypt firewall-1.xenti.com Unbounce all Crack firewall-1.xenti.com 399 Connect firewall-1.xenti.com 399 ## note that the login says firewall.xenti.com!!!! Transfer 1000 Logout Killtrace ## as necessary Scan firewall.xenti.com ## aha! Extra money!!!! Worry about it later! Bounce 1 Decrypt firewall-4.xenti.com Unbounce all Crack firewall-4.xenti.com 399 Connect firewall-4.xenti.com 399 Transfer 1500 Logout Killtrace ## as desired Bounce 2 ## this requires 2 bounces, as it's 2048-bit encryption Decrypt firewall-3.xenti.com Unbounce all Crack firewall-3.xenti.com 399 Connect firewall-3.xenti.com 399 Transfer 2000 Logout Bounce 2 Decrypt core.xenti.com Unbounce all ## assemble the password in the order it was given Login core.xenti.com 11111111999999992222222277777777 Connect core.xenti.com 401 Ls Logout ## nothing here, we need money to continue, hack firewall.xenti.com Scan firewall.xenti.com Decrypt firewall.xenti.com Crack firewall.xenti.com Ls Download serverfreeze.code Transfer 2000 Transfer 2000 Logout Bounce 1 ## crack 32-char password Crack core.xenti.com 402 ## objective 1 complete Cat core.code ##note that there's a reference to firewall.xenti.com if you didn't see it earlier ## as well as a reference to nessie.core- xenti.com Scan nessie.core-xenti.com Upload serverfreeze.code ##objective 3 complete Delete core.code ## objective 2 complete Logout Bounce 2 Decrypt nessie.core-xenti.com Unbounce all Bounce 1 ## make sure the 32-char password is hacked Crack nessie-core-xenti.com 210 ## objective 4! Connect nessie.core-xenti.com 210 Transfer 1000 Logout Killtrace ## repeat as needed to go below 20%, perhaps even 0% ### You win when you go below 20% which is objective 5 6.6.4 Server list firewall-1.xenti.com firewall-2.xenti.com firewall-3.xenti.com firewall-4.xenti.com core.xenti.com firewall.xenti.com nessie.core-xenti.com 6.7 LEVEL 6: THE CHASE We need to find John Davis. Figure out how he's connecting to the net, and see if it's possible track him down. 6.7.1 Objectives 1) Find the wireless router which John Davis uses to connect his laptop to the Xenti network. Retrieve the DHCP table from it, to identify the name of his notebook. 2) Find John Davis's laptop, hack into it and retrieve the archive containing his files. Upload a copy of it, to the dot- hackers.net server 3) Inject the monitoring trojan into John Davis's laptop. There isn't a copy of it available at hand, so you must find one. 4) Cancel John Davis's flight reservation. 5) Reduce your trace level below 20%. You can achieve this by using the KILLTRACE command. 6.7.2 General Strategy You knew which hosts he used to hacked. There must be a trail somewhere. So chase those down, and see where they lead. They should lead in all sorts of directions. Remember, one of the requirements is reduce trace level, so only upgrade when it MUST be done! 6.7.3 Walkthru ## There may be sections that I forgot to include a bounce. By now you should be able to tell if ## a task needs a bounce, or not. You be the judge. It can probably be done with lower CPU by ## bouncing more often, but I prefer to use a faster CPU instead. Scan dot-hackers.net Decrypt xterm.xenti.com ## 3 GHz CPU should have no problem with 512 bit encryption cracking Crack xterm.xenti.com 23 ## crack all three services Crack xterm.xenti.com 115 Crack xterm.xenti.com 151 Connect xterm.xenti.com 23 Transfer 2000 Transfer 500 ## empty the server Ls Cat activity.log ## note first entry is wi-fi.jd.xenti.com Scan wi-fi.jd.xenti.com Cat e-receipt.doc ## see atm-5.sdb.ch Scan atm-5.sdb.ch ## woohoo! $10000! Cat host.id Logout Connect xterm.xenti.com 115 Ls Cat mail ## note flyblue-air.com and reservation number! Scan flyblue-air.com ##aha! Logout Connect xterm.xenti.com 151 Ls ## so that's where the bin files are. Logout Crack dot-hackers.net ## we need whatever they got in that port 80 service. Killtrace ## as needed to reduce to manageable levels, preferably just below 50% Connect dot-hackers.net Ls ## lots of stuff! Grab them! Download k-filemanager.exploit Download transaction_manager.exploit Download x-filemanager.exploit Cat news.txt ## old news, as we've got the money from last time. Logout Decrypt atm-5.sdb.ch ## let's get some money! Crack atm-5.sdb.ch 443 Connect atm-5.sdb.ch 443 Ls Transfer 2300 ## repeat transfer until all money gone, 2300 gives you 1 sec margin on the trace. ##Consider upgrading CPU now, or beginning of next level. Logout ## we're done here, but remember there's monitor.bin here too Decrypt wi-fi.jd.xenti.com ## let's do the wi-fi server then Crack wi-fi.jd.xenti.com 808 Connect wi-fi.jd.xenti.com 808 Ls Download dhcptable Cat dhcptable Logout Decrypt flyblue-air.com Killtrace ## repeat until below 50% Exec x-filemanager.exploit flyblue-air.com Connect flyblue-air.com ## nothing in 80 Logout ## nothing about wifi in homepage at all Connect flyblue-air.com 99 ## used exploit Ls Cat index.old ## aha! So there's the wifi server address!!!! Scan wifi.flyblue-air.com Logout Ls Del dhcptable ## we need the space Crack flyblue-air.com 100 ## the reservations server Ls Cat info ## this tells you how to create and remove reservations Del 34723 ## objective complete! Logout Killtrace ## as needed Decrypt wifi.flyblue-air.com Crack wifi.flyblue-air.com 808 Connect wifi.flyblue-air.com 808 Ls Download dhcptable1 Cat dhcptable1 ## see your target? Someone w/ very familiar name Logout Scan 192.168.1.120 Decrypt 192.168.1.120 Exec k-filemanager.exploit 192.168.1.120 Ls ## May be good time to upgrade memory as you need 3 GB to download the archive Connect 192.168.1.120 102 Ls Download archive.bin ## I hope you have 3 GB! Cat archive.bin ## hey, there's an URL in this archive! Scan backup.flyblue-air.com ## no time to hack it, no need to either Logout Connect dot-hackers.net 99 Upload archive.bin Logout Delete archive.bin Connect atm-5.sdb.ch 443 Download monitor.bin Logout Connect 192.168.1.120 102 Upload monitor.bin ## objectives are complete except last one Killtrace ## repeat until we can satisfy the objective, and we should JUST have enough money 6.7.4 Server List xterm.xenti.com flyblue-air.com backup.flyblue-air.com wifi.flyblue-air.com wi-fi.jd.xenti.com dot-hackers.net 192.168.1.120 atm-5.sdb.ch 6.8 LEVEL 7: DEJA VU The World Med center was hacked. Their computer system went down for 30 minutes, then just came back up. What was copied or moved and who did it? 6.8.1 Objectives 1) Identify the origin point, from where connection was established, in order to penetrate the WorldMed main server 2) Retrieve a copy of the file that has been stolen from the WorldMed central server. 3) Delete the stolen file from the host on which you have found it. 4) Reduce your trace level below 10%. You can achieve this by using the KILLTRACE command. 5) Keep at least $1600 in your money balance. 6.8.2 General Strategy Instead of attacking WorldMed immediately, attack ancillary targets for a while, as we need to find some bounce hosts first. THEN get into WorldMed with the appropriate access tools, and let's see where it leads us. 6.8.3 Walkthru ## There may be sections that I forgot to include a bounce. By now you should be able to tell if ## a task needs a bounce, or not. You be the judge. It can probably be done with lower CPU by ## bouncing more often, but I prefer to use a faster CPU instead. Scan ns.dot-hackers.net Crack ns.dot-hackers.net 53 Connect ns.dot-hackers.net 53 Ls Cat cache Cat named.conf ## aha! Atm-3.sdb.ch! Scan atm-3.sdb.ch Cat x-filemanager.exploit ## this is on port 99. Cat zone Logout Decrypt atm-3.sdb.ch ## let's get some money!!!! Crack atm-3.sdb.ch 443 Connect atm-3.sdb.ch 443 Ls ## hmmm. another x-filemanager.exploit? Cat x-filemanager.exploit ## aha, this runs on port 181, not 99, so grab it Download x-filemanager.exploit Transfer 2300 ## repeat transfer until you empty this ATM! Killtrace ## repeat until your trace level is under 50%, and keep it under 50% logout decrypt c-core.worldmed.com ## time to do the WorldMed server! Exec x-filemanager.exploit c-core-worldmed.com ## WorldMed's x-filemanager runs on port 181!!!! Connect c-core.worldmed.com 181 Ls ## just one file Cat call-config ## phones are in the format xxx-xxxx- xxxx.nphone.com were xxx are numbers. ## however, we need the actual LOG to backtrack the hacker. must hack call manager logout crack c-core.worldmed.com 180 connect c-core.worldmed.com 180 ls cat call-records ## let's see which call lasted exactly 30 minutes. scan 555-3234-1122.nphone.com ## voila! logout decrypt 555-3234-1122.nphone.com crack 555-3234-1122.nphone.com 743 connect 555-3234-1122.nphone.com 743 ## just tells us about auth.nphone.com scan auth.nphone.com ## it has $4000 you can `borrow' ls cat modem.conf ## this tells us about xenti.nphone.com instead! Scan xenti.nphone.com Logout Decrypt auth.nphone.com Crack auth.nphone.com Connect auth.nphone.com Transfer 2000 Transfer 2000 Killtrace ## repeat as needed Logout decrypt xenti.nphone.com crack xenti.nphone.com 743 connect xenti.nphone.com 743 ls ## auth.log, and worldmed-dna.seq download worldmed-dna.seq # objective complete! Cat auth.log #hmmm. Del worldmed-dna.seq logout killtrace ## until you fulfill mission objective 6.8.4 Server List c-core.worldmed.com ns.dot-hackers.net atm-3.sdb.ch 555-3234-1122.nphone.com auth.nphone.com xenti.nphone.com 6.9 LEVEL 8: THE MAZE 6.9.1 Objectives 1) Hack into the first host on the maze path. 2) Hack into the second host on the maze path. 3) Hack into the third host on the maze path. 4) Hack into the fourth host on the maze path. 5) Hack into the fifth host on the maze path. 6) Download the DNS reconstruction map from the last server on the path. 6.9.2 General Strategy Money is limited on this level. Be very careful in using the cracks and decrypts, make sure you got the right server. 6.9.3 Walkthru ## NOTE this walkthrough assumes you have 4 GHz CPU, 3 GB of RAM, and level 1 firewall. ## There may be sections that I forgot to include a bounce. By now you should be able to tell if ## a task needs a bounce, or not. You be the judge. It can probably be done with lower CPU by ## bouncing more often, but I prefer to use a faster CPU instead. ## 4 GHz CPU means you can decrypt 1024 bit key directly, and need 1 bounce to do 2048 bit key. Scan xmaze.net Decrypt xmaze.net Crack xmaze.net Connect xmaze.net Transfer 2000 Transfer 500 Logout ## scans show 28 is easiest, 512 cipher only ## it's also 28 because the e-mail you got says you should have started YESTERDAY, and today is 12/29 Crack 28.xmaze.net 901 Decrypt 28.xmaze.net Connect 28.xmaze.net Ls Download dnaseq-28 Cat hint-28 Download hint-28 ## you'll get e-mail with hint, points to 24 Logout Killtrace ## repeat as necessary Decrypt 24.xmaze.net Crack 24.xmaze.net 901 Connect 24.xmaze.net 901 Ls Download dnaseq-24 Cat hint ## points to 26 Logout Killtrace ## repeat as needed Decrypt 26.xmaze.net Crack 26.xmaze.net 901 Connect 26.xmaze.net 901 Ls Download dnaseq-26 Cat hint ## hint points to 27 Logout Killtrace ## repeat as necessr decrypt 27.xmaze.net crack 27.xmaze.net 901 connect 27.xmaze.net 901 ls cat log ## points back to xmaze.net download dnaseq-27 cat hint ## this hint takes a bit of patience, but it'll lead us to 22 transfer 500 logout decrypt 22.xmaze.net crack 22.xmaze.net 901 connect 22.xmaze.net 901 ls download dnaseq-22 cat hint ## 16 servers, so must add up to 8, which means. 35. Logout Killtrace ## as necessary decrypt 35.xmaze.net crack 35.xmaze.net 901 connect 35.xmaze.net 901 ls download dnaseq-35 cat hint ## no hint, we're done! Logout ## wait for level to end 6.9.4 Server List 20.xmaze.net 21.xmaze.net 22.xmaze.net 23.xmaze.net 24.xmaze.net 25.xmaze.net 26.xmaze.net 27.xmaze.net 28.xmaze.net 29.xmaze.net 31.xmaze.net 32.xmaze.net 33.xmaze.net 34.xmaze.net 35.xmaze.net 37.xmaze.net xmaze.net 6.10 LEVEL 9: END This is the end. We need to wipe out the Xenti AI server 6.10.1 Objectives 1) Retrieve a copy of the AI kernel file from the Xenti Corporation server. 2) Delete the AI kernel file from the Xenti Corporation server. 3) Reduce your trace level below 30%. You can achieve this by using the KILLTRACE command. 6.10.2 General Strategy Note that you don't even know the AI server's name, or the firewall servers' names, so pay attention! 6.10.3 Walkthru ## NOTE this walkthrough assumes you have 4 GHz CPU, 3 GB of RAM, and level 1 firewall. ## There may be sections that I forgot to include a bounce. By now you should be able to tell if ## a task needs a bounce, or not. You be the judge. It can probably be done with lower CPU by ## bouncing more often, but I prefer to use a faster CPU instead. Scan ns.dot-hackers.net ## yes, e-mail contains server address! Decrypt ns.dot-hackers.net Connect ns.dot-hackers.net ls Download namedserver_service.exploit Cat named.conf ##hmmm. ns2? Scan ns2.dot-hackers.net ## aha! Cat zone Transfer 2300 ## repeat until you drain all the money Logout Decrypt ns2.dot-hackers.net Crack ns2.dot-hackers.net Exec nameserver_service.exploit ns2.dot-hackers.net Connect ns2.dot-hackers.net Ls ##nothing Transfer 2000 ## all it's got Logout Killtrace ## repeat as needed! Connect ns2.dot-hackers.net 53 Ls Cat cache ## aha! There's the firewall server names! Scan fwall-34.xenti.com Scan fwall-23.xenti.com Scan fwall-64.xenti.com Scan fwall-00.xenti.com Cat named.conf Cat zone Logout ## remember the order listed, Let's start hacking! Decrypt fwall-00.xenti.com Crack fwall-00.xenti.com 88 ## got the "message" Connect fwall-00.xenti.com 88 Transfer 500 Logout Decrypt fwall-64.xenti.com Crack fwall-64.xenti.com 88 ## got the "message" Connect fwall-64.xenti.com 88 Transfer 500 Logout Decrypt fwall-23.xenti.com Crack fwall-23.xenti.com 88 ## got the "message" Connect fwall-23.xenti.com 88 Transfer 500 Logout Decrypt fwall-34.xenti.com Crack fwall-34.xenti.com 88 ## got the "message" Connect fwall-34.xenti.com 88 ## wait. it says. aicore.xenti.com! Scan aicore.xenti.com ## voila!!!! Transfer 500 Logout Decrypt aicore.xenti.com ## so what's the password? It's the pieces you got, in the order Login aicore.xenti.com ttyy3322xxzz4455uupp8888kkcc7777 Connect aicore.xenti.com Ls ## you see 4 bin files, one of which is correct Download ttyy3322xxzz4455uupp8888kkcc7777.bin Killtrace ## repeat killtrace while we wait for download to finish Killtrace ## keep going until you go below 30% Del ttyy3322xxzz4455uupp8888kkcc7777.bin Logout #### You win!!!! 6.10.4 Server List ns.dot-hackers.net ns2.dot-hackers.net aicore.xenti.com fwall-34.xenti.com fwall-23.xenti.com fwall-64.xenti.com fwall-00.xenti.com 7 Miscellaneous 7.1 MODS Some user mods which changes interface colors are available in the support forum, see official website. 7.2 CHEAT CODES There are exclusive cheatcodes. They are NOT guaranteed to work at all. Try it for yourself. How to use? Type them in the "console". exosyphen: identifies the maker of this fine sim xskiplevel : ends current level and go to next one, but resets your score to zero xmoney: gives you $10000, but resets your score to zero xshowhosts: reveals all the hosts on the map, but resets your score to zero xsubmit: hmmm. 7.3 TRIVIA Blue Sky Airline in the game is actually named after one of Exosyphen's previous games, "Blue Sky". --THE END--