Level 2

Continuing with the game this time we get this:

Agent apok…

Good Work on your previous mission – you are ready for your next mission. We now have access to the terminals. We think the intruder is telling the truth – other changes have been made to the system.

A file has been found on the system that is not our own. All we can think of is that this is some kind of installation file the hacker used to speed up his job while he was in our system. We have examined the file, but there appears to be a form of encryption used. I know this is your speciality, so we have assigned you the task of breaking the encryption. Once broken, if you find the location of any other files put on the system include the full location (in standard Windows format) in your mission conclusion.

Good luck apok.

They give us a link to donwload a zip file which contains a strange .enc file:

The first thing that passes through my mind is trying a Caesars decipher, I have used a brute force method for it, I have taken the python script from here and made a few modifications, this:

Was replaced by:

I am using the whole printable characters because I do not know what characters the cyphered message has. Launching the script give us some non sense strings, except one:

But there is something missing, although it is almost correct there are some not understandable characters, I’m gonna guess the path should be something like:

After some trial error I got the right combination:

So, the password is:

Level 3

Agent apok…

Good work, we have a follow up mission relating to the recent hack – but you are scheduled to take a training mission, and pass it, before we can offer you the next mission.

We want to ensure that the mission goes to you again, after your good work on the last mission – however, we can’t wait around when something this serious has happened…so please try and get through your training asap.

This mission should be a breeze for you, its purely an observation test – to ensure you’re awake. I am not entirely sure why we have to make you do it, but the heads of the company are sticking firmly to agent policies – and they won’t let us proceed without you having taken the relevant training. Keep your eyes open, and check everything – the clues are there.

Good luck apok.

This time we are taken to a web page with an applet in it, if we check the source code we find out the applet path:

After download it, I have used an online decompiler to decompile it in the cloud, it is given us two files:

Let’s check training.java

The code is self-explanatory. The first thing we can notice is the applet is comparing the text entered by the user against a header field named Training-code, if strings are equal then the Training-code will be encoded into base 64 and concatenate the .php string, this will be a new web page where we should go, I got my training code by using burp suite as a proxy:

Entering the code in the applet give us the web page where we should go, there in the web page we get a new message:

You have completed the training exercise, well done agent.
Go to the mission conclusion and enter the solution as: nnc8V309kHS7n

We got it! That way level 3 is finished. See you on level 4.