# Alyx 3.0

## First Step

https://pastebin.com/u/Alyxx

![](https://i.imgur.com/1YkQCKO.png)

**A new note appeared on Alyxx's pastebin**

![](https://i.imgur.com/inOIN4K.png)

"**Sometimes, the deepest secrets can only be found in my eyes.**"

![](https://i.imgur.com/E87ajbL.png =x75)

**Take the pixel hex color.**

![](https://i.imgur.com/YXDu73A.png =x183)![](https://i.imgur.com/s8hHkVJ.png)![](https://i.imgur.com/wbY88yN.png =x183)

**Password:** hidden

## Second Step

pastebin.com/7eLz3bQE

Access with the password "**hidden**"

The text says that even when you are blind, spaces keep existing, so you have to select the text to see the spaces.

![](https://i.imgur.com/7xv0M3c.png)

We have 3 different space sizes.

![](https://i.imgur.com/6A1WaKj.png) 5 Spaces

![](https://i.imgur.com/2zcPiiQ.png) 1 Space

![](https://i.imgur.com/bhg2JVE.png) 0 Spaces

- 5 acts as a separator "**/**" (since it's longer)
- 1 acts as a dash "**-**"
- 0 acts as a dot "**.**"

**Note:** I used separators at the beginning and the end because there is an inconsistency in how pastebin shows empty spaces after a newline, and it was making the riddle unsolvable.

![](https://i.imgur.com/zwNeb4O.png)

**Password:** chosen

## Third Step

- https://pastebin.com/iF5Th4pK

It's a base64 encoded text, but the hint tells us that it's scrambled.

![](https://i.imgur.com/cFDc5d1.png)

Decoding from Base64 shows some plaintext at the end.

![](https://i.imgur.com/YZ9OUDM.png)

**Some numbers are showing up. We separate those 3 lines.**

![](https://i.imgur.com/dkwB8JI.png)

Something looks broken; that's because the line order is scrambled. We reorder them accordingly (note that the line with a "**=**" must be the last one, since that character is used for padding).

![](https://i.imgur.com/yzvKNCc.png)

We end up with a list of **17** numbers. The base64 has **17** lines.
The list shows the correct order of the lines (makes sense because line 3 (the last) has an "**=**" sign).

![](https://i.imgur.com/1GA0xaB.png)

**It can be done manually but I wrote a quick python script**

```python
# The 17 scrambled base64 lines from the paste, in the order they appear.
text = """WmlhU3dnU1NCM2IzVgpzWkc0bmRDQm9Z
WFpsSUcxaFpHVWdhWFFnCmQybDBhRzkx
QjBaWGgKMExnPT0=
SUhSb1lXNXJjCnlCbWIzSWdhR1ZzY0ds
aGhkbVVnZEc4Z2EyNXZkeUJwY3lCCm9a
emRHClZ3SUdGdVpDQndjbTkyWldRZ2VX
SQpITnZiSFpsWkNCMGFHVWdiR0Z6ZENC
WEpsSUhCaGMzUmxZbWx1TG1OdmJTOXEK
dVp5QnRaU0JsYzIKTmhjR1VnZEdobElH
ZENCNWIzVWdjMlZ1WkdsdVoKeUIwYUdG
UjI5dlpDQnFiMklzSUhsdmRTQm9ZWFps
MElHVnRZV2xzTGdwQmJHd2dlVwo5MUlH
ZUhkRlIwUnhOU0IwYUdVZ2NHRnpjM2R2
a0lnCnBpYjNSMGIyMGdjR0ZrWkdsdVp5
bVZwYm1jZwphR1Z5WlM0S1FXZGhhVzRz
YwptUWdhWE1nSW5WdWMyTnlZVzFpYkdW
OTFJR0YKeVpTQjNiM0owYUhrZ2IyWWdZ"""

lines = text.split("\n")
# Line numbers (1-based) recovered from the plaintext hint, in correct order.
order = [11, 7, 6, 17, 15, 4, 9, 1, 2, 10, 12, 5, 8, 13, 16, 14, 3]

for n in order:
    print(lines[n-1])  # -1 bc index starts at 0
```

**We decode the final base64 and it gives us another base64. We decode again.**

![](https://i.imgur.com/LOWsfsF.png)![](https://i.imgur.com/IuKH2vn.png)

**Final Text:** Good job, you have solved the last step and proved you are worthy of being here. Again, thanks for helping me escape the fbi, I wouldn't have made it without you sending that email. All you have to know is here pastebin.com/jxwEGDq5 the password is "unscrambled" bottom padding text.

**Password:** unscrambled

## Last Step

- pastebin.com/jxwEGDq5

**Alyxx tells us what happened during isHaacK adventure and Alyx 2.0**

![](https://i.imgur.com/0nwoS4A.png)

The link downloads a zip file with some files captured by the backdoor in the FBI.

## Investigation

- http://tiny.cc/Alyxx

**Files/**

![](https://i.imgur.com/dazQJjs.png)

**Files/FBI-Files-09-29-2020/**

![](https://i.imgur.com/dvtyCtv.png)

The **datadump.txt** contains a bunch of names, emails and passwords.
```
name, email, ip, password
Jac Robertson, jrobertson@mac.com, 160.45.3.140, 040269
Bret Blanchard, bblanchard@netlog.com, 219.122.235.227, Bond007
Natalya Anderson, nanderson@webeden.co.uk, 197.198.61.162, sexy1
Jareth Fitzgerald, jfitzgerald@chron.com, 137.104.31.144, 03021955
Tonicha Cochran, tcochran@gmail.com, 72.178.0.0, tranzit
[...]
```

**Patient-Consent-Covid-19.pdf** is the only pdf without a password. You can find in the metadata that **Michael Stewart** is the author of the pdf. Searching that name in the data dump shows the HR password:

```
Michael Stewart, hrdepartment@mail.net, 59.210.10.88, HrP@55w0rd321!
```

We can use that password to decrypt the **FBI Agents Email Log.pdf**

![](https://i.imgur.com/dbh0gIh.png)

In this document we can see Kosiak's password and his email.

- His password is **4pr1l2019!**
- Searching Kosiak's email in the datadump shows an entry.
  `Kaisok Vorodis, undercover@mail.net, 89.21.2.175, F4k31nt3rn3tP@55w0rd`
  Password: **F4k31nt3rn3tP@55w0rd**
- None of those passwords decrypt **Kosiak N0tpr0n Classified Data.pdf**

## Investigation - Finding Kosiak's password

For this task, let's recap all the relevant info we have.

![](https://i.imgur.com/fgHAKgy.png)

- Human Resources Password is **HrP@55w0rd321!**
- The pdf was updated in **April 2019** and Kosiak's password is **4pr1l2019!**
- The folder is named **FBI-Files-09-29-2020**, so it's from **September 2020**
- The entry of **Kosiak's email** in **datadump.txt** gives
  - **F4k31nt3rn3tP@55w0rd**
  - His **fake** internet password

Kosiak's password might be **september2020!** but we are missing the leet speak like in **4pr1l2019!**

Note that **F4k31nt3rn3tP@55w0rd** and **HrP@55w0rd321!** share the **P@55w0rd** part, which means Kosiak took that part from the FBI department for his fake password.

This means that Kosiak writes passwords himself like **F4k31nt3rn3t** and **4pr1l**. He only converts **vowels to numbers**.

**september2020! --> s3pt3mb3r2020!**

Password: **s3pt3mb3r2020!**

## Investigation - N0tpr0n Classified Data

We can now decrypt **Kosiak N0tpr0n Classified Data.pdf**

![](https://i.imgur.com/DTfWgzm.png)

We can see an RSA private key and a [link](https://www.devglan.com/online-tools/rsa-encryption-decryption) for decryption. It can be used to decipher the data in **N0tpr0n_RSA_Encrypted_Data.txt**

![](https://i.imgur.com/HHnUr0T.png)

Solution: **alyx{N0tpr0n_0p3r4t10n_w1ll_c0nt1nu3}**

---
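For the Second Step, the space-to-Morse mapping can be decoded mechanically. This is an added example, not part of the original write-up; it assumes each line of the paste carries one symbol as its count of trailing spaces, and the function names and the sample input are constructed for illustration.

```python
# Space count per line -> Morse symbol, as described in the Second Step.
SYMBOL = {5: "/", 1: "-", 0: "."}
MORSE = {
    ".-": "a", "-...": "b", "-.-.": "c", "-..": "d", ".": "e", "..-.": "f",
    "--.": "g", "....": "h", "..": "i", ".---": "j", "-.-": "k", ".-..": "l",
    "--": "m", "-.": "n", "---": "o", ".--.": "p", "--.-": "q", ".-.": "r",
    "...": "s", "-": "t", "..-": "u", "...-": "v", ".--": "w", "-..-": "x",
    "-.--": "y", "--..": "z",
}


def spaces_to_morse(paste):
    """Turn each line's trailing-space count into '/', '-' or '.'."""
    out = []
    for number, line in enumerate(paste.split("\n"), start=1):
        count = len(line) - len(line.rstrip(" "))
        if count not in SYMBOL:
            raise ValueError(f"line {number}: unexpected run of {count} spaces")
        out.append(SYMBOL[count])
    return "".join(out)


def decode(paste):
    """Decode the paste; empty groups from the edge separators are skipped."""
    groups = [g for g in spaces_to_morse(paste).split("/") if g]
    return "".join(MORSE[g] for g in groups)


def build_sample(morse):
    """Constructed input (assumption): one line of spaces per Morse symbol."""
    width = {symbol: count for count, symbol in SYMBOL.items()}
    return "\n".join(" " * width[s] for s in morse)


# Constructed sample with separators at both ends, as the author's note describes.
SAMPLE = build_sample("/-.-./..../---/..././-./")

if __name__ == "__main__":
    print(spaces_to_morse(SAMPLE))
    print(decode(SAMPLE))
```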
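For the Third Step, the reorder and both base64 decodes can be done in one pass. This is an added example, not the author's script; it reuses the 17 lines and the order list from the write-up, and the helper names `unscramble` and `peel_base64` are hypothetical.

```python
import base64
import binascii

# Scrambled lines and order list exactly as given in the Third Step.
SCRAMBLED = """\
WmlhU3dnU1NCM2IzVgpzWkc0bmRDQm9Z
WFpsSUcxaFpHVWdhWFFnCmQybDBhRzkx
QjBaWGgKMExnPT0=
SUhSb1lXNXJjCnlCbWIzSWdhR1ZzY0ds
aGhkbVVnZEc4Z2EyNXZkeUJwY3lCCm9a
emRHClZ3SUdGdVpDQndjbTkyWldRZ2VX
SQpITnZiSFpsWkNCMGFHVWdiR0Z6ZENC
WEpsSUhCaGMzUmxZbWx1TG1OdmJTOXEK
dVp5QnRaU0JsYzIKTmhjR1VnZEdobElH
ZENCNWIzVWdjMlZ1WkdsdVoKeUIwYUdG
UjI5dlpDQnFiMklzSUhsdmRTQm9ZWFps
MElHVnRZV2xzTGdwQmJHd2dlVwo5MUlH
ZUhkRlIwUnhOU0IwYUdVZ2NHRnpjM2R2
a0lnCnBpYjNSMGIyMGdjR0ZrWkdsdVp5
bVZwYm1jZwphR1Z5WlM0S1FXZGhhVzRz
YwptUWdhWE1nSW5WdWMyTnlZVzFpYkdW
OTFJR0YKeVpTQjNiM0owYUhrZ2IyWWdZ""".split("\n")
ORDER = [11, 7, 6, 17, 15, 4, 9, 1, 2, 10, 12, 5, 8, 13, 16, 14, 3]

def unscramble(lines, order):
    """Reorder lines by a 1-based order list, rejecting inconsistent input."""
    if sorted(order) != list(range(1, len(lines) + 1)):
        raise ValueError("order list is not a permutation of the line numbers")
    ordered = [lines[n - 1] for n in order]
    # '=' is padding, so it may only appear on the final line.
    if any("=" in line for line in ordered[:-1]):
        raise ValueError("padding found before the last line")
    return "".join(ordered)

def peel_base64(data, max_layers=5):
    """Decode repeatedly while the result is still valid base64 text."""
    layers = 0
    while layers < max_layers:
        try:
            compact = b"".join(data.split())  # the inner layer is line-wrapped
            decoded = base64.b64decode(compact, validate=True)
        except (binascii.Error, ValueError):
            break
        data, layers = decoded, layers + 1
    return data.decode("utf-8", errors="replace"), layers

if __name__ == "__main__":
    text, layers = peel_base64(unscramble(SCRAMBLED, ORDER).encode())
    print(f"{layers} layer(s) decoded:\n{text}")
```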
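The pattern deduced in "Finding Kosiak's password" (month name with vowels swapped for digits, then the year and a symbol) is one a password audit can flag before anyone else infers it. This is an added example, not part of the original write-up; the function names, account labels and the control password are constructed, and the other passwords are the ones quoted above.

```python
import re

# Vowel-to-digit substitutions the write-up observes in Kosiak's own passwords.
LEET_VOWELS = str.maketrans({"4": "a", "3": "e", "1": "i", "0": "o"})
MONTHS = ("january", "february", "march", "april", "may", "june", "july",
          "august", "september", "october", "november", "december")
# A four-digit year, optionally followed by one trailing symbol such as "!".
YEAR_SUFFIX = re.compile(r"(?:19|20)\d{2}[^A-Za-z0-9]?")


def month_year_pattern(password):
    """Return (month, year) if the password is <leet month><year>[symbol]."""
    plain = password.lower().translate(LEET_VOWELS)
    for month in MONTHS:
        if plain.startswith(month):
            rest = password[len(month):]  # untranslated, so the year survives
            if YEAR_SUFFIX.fullmatch(rest):
                return month, int(rest[:4])
    return None


def audit(credentials):
    """Map each flagged account to the month/year its password encodes."""
    findings = {}
    for account, password in credentials:
        hit = month_year_pattern(password)
        if hit:
            findings[account] = hit
    return findings


# Passwords quoted in the write-up plus one constructed control value.
SAMPLE = [
    ("kosiak-2019", "4pr1l2019!"),
    ("kosiak-2020", "s3pt3mb3r2020!"),
    ("undercover", "F4k31nt3rn3tP@55w0rd"),
    ("hr", "HrP@55w0rd321!"),
    ("control (constructed)", "vT9#qLm2&xRw"),
]

if __name__ == "__main__":
    for account, (month, year) in audit(SAMPLE).items():
        print(f"{account}: follows calendar pattern ({month} {year})")
```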