Alexis Callemard

puzzle

  1. Step 1
  2. Step 2
  3. Step 3
  4. Step 4
  5. Step 6
  6. Step 7
  7. Step 8
  8. Step 9

This is a writeup of the resolution of Nadya’s Puzzle that was found on various chans. The puzzle was presented like this:

There are 10 steps to the puzzle. It starts very simple but gets more complex with each step. Each step will give you information to discover the next step. Some knowledge of steganography, encryption, and ciphers will help. I apologize in advance for the difficulty of step 9 – it’s driven some people to insanity – but it can be solved, I promise. If you would like to enter The Wired your first step is… hsvvrp.zjsvzlsfo.paola.lluayhjlp..pzy.bolyl.

Step 1

Our first hint is given in the introduction, the puzzle has already started. Let’s dig in!

First hint: hsvvrp.zjsvzlsfo.paola.lluayhjlp..pzy.bolyl.

It looks like a substitution ciphere, Caesar Cipher being one of the most popular ones, we try to decode it as a Caesar Cipher. It looks promising, it is now forming words: alooki.scloselyh.ithet.eentracei..isr.uhere.

Look closely, the entrance is here

Or so it says. Let’s look at the seemingly superfluous letters and isolate them: ai.sh.it.ei..r.u. And then remove the dots used for formatting.

It’s a URL, pointing to https://aishitei.ru.

Step 2

After following the URL discovered in step 1, we open the inspector and are greated with:

-— You’re off to a good start. Now look up. -— Or maybe it was down? -— Try asking the girl, Lain, for help. -— She should be around here somewhere.

That’s our second hint. Refreshing the page, we notice that the mascot changes. The FAQ tells us that we can chose a specific mascot by passing the waifu parameter in the URL.

We can use a script to fetch all pictures, then we look through them. Surely enough, one of them is representing Lain:

img

Step 3

Looking at the strings in the file with the string command, we find a hint:

you're on the right track..kcart thgir eht no er'ouy\
the wired is calling for you..ouy rof gnillca si deriw eht\
can you hear it yet??tey ti raeh uoy nac
track_44.wavvaw.44_kcart

It’s telling us that there is something we need to hear and gives us the name of an audio file (track44.wav), after which we find the header of a WAVE file.

After renaming the file to track_44.wav (or extracting the audio file with software such as foremost) we can now listen to it.

track_44.wav

We recognize Morse code.

Step 4

For the most enlightened, they can get the hint from listening to the audio file. For the rest like me, let’s transcript what we hear and feed it to a morse decoder (I used https://www.dcode.fr/morse-code):

_._. ._ _.|_.__ ___ .._|.... . ._ ._.|__ .|._.. .. ... _ . _.|_._. ._.. ___ ... . ._.. _.__|._.. .. ... _ . _.|_._. ._.. ___ ... . ._.. _.__|_.. ._ _. __. . ._.|_.. ._ _. __. . ._.|._. .._ _.|_. ._ _.. _.__ ._ _. ._ _.__|_.. ___ _|__ .|.._. .. _. _..|__ .|_ .... . ._. .

Which translates to:

CAN YOU HEAR ME LISTEN CLOSELY LISTEN CLOSELY DANGER DANGER RUN NADYANAY DOT ME FIND ME THERE

Once again, it gives us a URL.

Step 6

We follow the hint and go to https://nadyanay.me, then we open the inspector and find this string 6e616479616e61792e6d652f77697265642e747874, on it’s own, unlike the previous hints accompanied by some text.

Looks like hex. We convert it to ASCII. There it is, it’s a URL: nadyanay.me/wired.txt

Step 7

We download the text at https://nadyanay.me/wired.txt. It is also available here for posteriry:

wired.txt

It looks like base64 with the == at the end, however decoding it as base64 gives us nothing. After a more careful observation, words written in capital letters stand out. I used ripgrep to isolate them, then tr to remove the newlines:

cat puzzles/wired.txt | rg "[A-Z]+" --only-matching | tr --delete "\n"

Some formatting later and here is the result:

INO WE NEED YOUR HELP WHAT DOES IT WANT THE ENTRANCE CAN BE FOUND KEEP LOOKING PROCEED TO STEP EIGHT TXT

Step 8

We proceed to https://nadyanay.me/stepeight.txt as intructed and find this text:

BLP KLPUE PX
HYQTLMY FL FWY HSCYE
XWW FWYB TJU WYJC BLP
AL ZJTO FL FWY ASCQX
QJSU HJUFX BLP FL HJFTW
LMUSVCYXYUTY MOR
FWYU CYJE
LMUSVCYXYUTY LMUSVCYXYUTY

We can see what looks like repeating words, a pattern. From that we deduce that it’s a monoalphabetic cipher. Given that it has a really specific context and vocabulary, online decoders won’t help us much. We have to crack it manually (though some tools can still be of help, once again dcode comes in handy: https://www.dcode.fr/monoalphabetic-substitution). That one takes a bit of time and chance.

YOU FOUND US
WELCOME TO THE WIRED
SHH THEY CAN HEAR YOU
GO BACK TO THE GIRLS
LAIN WANTS YOU TO WATCH
OMNIPRESENCE MKV
THEN READ
OMNIPRESENCE OMNIPRESENCE

It wants us to go back to the first website https://aishitei.ru, watch omnipresence.mkv and read omnipresence.omnipresence.

Step 9

We find the files in the same folder where we found lain:

Once again you can find them here:

Hint: this step has to do with endianness.


#puzzle