# Alyx 2.0 ## First Step pastebin.com/5N3zkqVb Here we have an IRC chat log with the following hints: `<D4rkGh0st> no dude she was talking about`**`bacon`** `<D4rkGh0st> I wISh I COuLD TakE A stEp`**`baCKWaRds`**`ANd CHaNgE WHAt I DId, DONt WoRrY FOR ME, fINIsh whAT WE StARTed. I KNoW WE CaNT`**`tuRN BAck`**`The TimE buT We CAN Still`**`REVErSE`**`ThE eVEnts. ALyX` We are hinted that its [Bacon Code](https://en.wikipedia.org/wiki/Bacon%27s_cipher) so we can asume the following: ``` uppercase = A lowercase = B ``` Resulting ciphertext: ``` babbabbbabbbaabbaabaaabbbabaabbabbababbbbabbbabbbabababbbbbbabbbaaaabbbbbabbbaabbbabbbbabbaabbbbaabaabaabaabbabbbbaaaabbbbabbbababbaaabbab ``` Since decoding with that simple substitution doesn't give any readable output: `Y??THKYZZPX?PD????HTKG?D?XS?` it's clear that something is missing. The text has the following hints: **backwards, turn back, reverse**. From here we know that we need to do something in reverse to decode it properly. ### Decoding The Bacon alphabet uses 5 bits for each letter  To decode, we reverse the bacon alphabet: ``` Original: B = aaaab C = aaaba D = aaabb Reversed: B = baaaa C = abaaa D = bbaaa ``` So, we divide the ciphertext every 5 characters: ``` babba bbbab bbaab baaba aabbb abaab babba babbb babbb abbba babab bbbbb abbba aaabb bbbab bbaab bbabb bbabb aabbb baaba abaab aabba bbbba aaabb bbabb babab baaab bab ``` Then we reverse each group individually: ``` abbab babbb baabb abaab bbbaa baaba abbab bbbab bbbab abbba babab bbbbb abbba bbaaa babbb baabb bbabb bbabb bbbaa abaab baaba abbaa abbbb bbaaa bbabb babab baaab bab ``` Decoding gives the following output: TINYDOTCCSLASHINEEDYOURHELP --> tiny.cc/ineedyourhelp ### Note: a lot of you reversed the entire text instead. That's a valid method too since all the bacon alphabet has 5 bits, but by doing that you need to make sure that the entire ciphertext you are reversing is multiple of 5, otherwise you are placing trailing bits on the front of the ciphertext, messing all the decode in cascade, for example: I want to encode the letter Y in the word **computer** with reversed bacon: ``` normal Y = babba | reversed Y = abbab Encoded letter using reversed: ABBAB ComPuter separate in groups of 5 : ComPu ter ABBAB BBB <-- BBB are trailing bits Reversing each group: BABBA BBB it will decode the letter Y, ignoring the trailing bits. ============================================= but if you reverse the entire text like this: retuPmoC then the you are working with: retuP moC BBBBA BBA <-- the trailing bits end up on front BBBBA is not a valid bacon code. ``` To overcome this problem you need to remove the trailing bits until the ciphertext is multiple of 5, then you can reverse the entire text and it will decode correctly because it won't place the trailing bits on the front messing everything up. ### FAQ Q: The first step is so retarded, just make it multiple of 5! why did I have to remove the last 3 letters? A: My goal was to avoid people solving that step by copy pasting into an online tool only knowing that "it's bacon and its in reverse" without understanding how bacon was reversed or how bacon code works at all. **But Reversing the entire text was not an intended method** and removing letters was an unintended extra step needed to be able to solve it this way. ## Second Step pastebin.com/WREq3E1s The text is ciphered in caesar, aka ROT. the line number of each line indicates the number of rotations needed to decode that individual line. ```=4 dau, e jaaz ukqn dahl, xqp benop, opknu peia, e cqaoo, d pNz ocdn vn v kgvxzcjgyzm nj d xvi fzzk ocZ mzvg gdIf nvaz mchwy nbcm jumny cm jLcpuny hi iHy mbiofx bupy uwwymm ni cn von vatgvxl tkx bm pbee zxm uknmxyhkVxw hk wblveHlxw tm lhfx ihbgm a fwwv lg escw kmjw qgm sjw wpsuLdq ozg a lzafc qgm sJw twxgjw ugflafmafy. ``` ```=15 Nzzw, eSp faoLep wTYv td ctrse mpwzh, fdp jzfc fdpcylxp ld alddhzco ``` ```=47 E9:?7:]4@>^G_6A ``` So to decode we use rot4,5,6,7,8,15 and 47 for the last line. ```=4 hey, i need your help, but first, story time, i guess, i uSe this as a placeholder so i can keep thE real liNk safe since this paste is pRivate no oNe should have access to it but chances are it will get bruteforCed or disclOsed at some point i need to make sure you are exacTly who i think you aRe before continuing. ``` ```=15 Cool, tHe updAte lINk is right below, use your username as password ``` ```=47 thinfi.com/v0ep ``` The link is protected and we need to use "our" username as password. Since the message was originally sent to D4rkGh0st, we know that **D4rkGh0st** is the password. ## Third Step pastebin.com/HM4FX3Cn Here we have another password protected link. The message on this paste ends with: ``` Come on, go back and show me why you are the one I trust to get me out of here, I'm pretty sure you missed two words... put them together and use it as password for the private notes ``` which is basically telling us to go back to step 2 and find two hidden words. We can notice some "random" capital letters spread across the first paragraph.  You will notice something, all the capital letters are **vertically aligned with a comma,** which indicates that there is something going on in vertical.  Uppercase = dash Lowercase = dot `-... .-.. --- -.-. -.- = block` The first word is **block** the other word is hidden on the translated sentence from line 15:  Second word is **chain** Password: **blockchain** ## Final Step [Link to URL](https://cryptpad.fr/pad/#/2/pad/view/Bt-Ld489nUJpIp-cPHl7UcVrWPTVUKu5FsSNJHW6YfA/embed/) The email SecretComms@protonmail.com can be found in the metadata of the linked image, the image also contains Ethan Collins Identificative Key on the bottom `1E6FF4D21A475`. You need to send an email to SecretComms@protonmail.com impersonating Ethan (placing Ethan's key on the body of the email) and somehow make Tom miss his shift so Alyx can escape. If you do it successfuly, Tom will reply exposing his Identification key needed to solve the weekly `F74A0D97B976E`