Ask coding questions

← Back to all posts
4
Secret Message
Steven_The_GuyT (197)

I got an email this week, containing a secret message! I wasn't able to decipher it, but has anyone else been able? Don't tell us how to(no spoiling), just tell us if you did!

Commentshotnewtop
6
EchoCoding (243)

The message is very hard to figure out! Great job to everyone who did, but I simply do not have the patience or skill to do so!

4
mat1 (2249)

If you mean the newsletter, i've only been able to decode the message but it leads to a repl which i haven't figured out yet.

1
Steven_The_GuyT (197)

@mat1 oh cool! good luck with finding the repl!

2
mat1 (2249)

@Steven_The_GuyT I've found the repl, but it says to find a security vulernability which I can't find.

1
Steven_The_GuyT (197)

@mat1 what's a security vulnerability?

1
ReshiramWolfu (60)

@mat1 Send me the link to the repl, and i will try to find it

2
mat1 (2249)

@ReshiramWolfu Dm me on discord (mat#6207), we'll be able to work together

1
ReshiramWolfu (60)

@mat1 Can't get on until Friday, but sure!

1
MATTHEWBECHTEL (121)

Can I join. I am having no progress XD @mat1

3
Masy (17)

The .xn-- is a international link i believe

1
Masy (17)

@MATTHEWBECHTEL If you want to work together lmk and ill give you my hangouts (Cant use discord on a school monitored macbook)

1
Masy (17)

@MATTHEWBECHTEL [email protected] (Mind all of the little script kiddy wanna be hackers thats an alias gmail account with over a 12 digit password, If you want the email have it i think i have like 2 emails in there)

1
1
Masy (17)

@MATTHEWBECHTEL Yes haha id just rather not give out my email that has my server invoices in it

1
MATTHEWBECHTEL (121)

Ok. I’ll keep a screenshot. @Masy

1
MATTHEWBECHTEL (121)

Did you not want me to use it to contact you? @Masy

1
Masy (17)

@MATTHEWBECHTEL ohhh i read that wrong, yeah contact me on there, I thought you meant of my server invoice

1
MATTHEWBECHTEL (121)

No, I would not invade privacies. @Masy

1
Masy (17)

@MATTHEWBECHTEL Haha its all good. I get a lil confused some times. When do you think you can message me so we can start working?

2
IzanLarumbe (27)

🆈🅰🆈🆈🅾🆄🅶🅾🆃🅸🆃--🅱🅰🆂🅸🅲🅴🆁.🆁🅴🅿🅻.🅲🅾

2
IzanLarumbe (27)

@IzanLarumbe YES I GOT IT BOI
I AM THE FIRST!!!!

1
IzanLarumbe (27)

@IzanLarumbe `
// Find the security vulnerability and exploit

let express = require('express');
let fs = require('fs');
let app = express();

let password = process.env.PASSWORD;

if ( !/^[a-z]{8,20}$/.test(password) ) {
console.log("Plese setup your password");
process.exit(1);
}

app.use((req, res, next) => {
let start = process.hrtime()[1];
res.respond = (data) => {
res.contentType('text/plain;charset=utf8');
res.header('X-ProcessingTime', process.hrtime()[1] - start);
res.end(data);
};
next()
});

app.get('/', (req, res) => {
fs.readFile('index.js', "utf8", (err, data) => {
res.respond(data);
});
});

app.get('/info', (req, res) => {
if ( req.query.password == password ) {
res.respond(process.env.INFO);
} else {
res.respond("Password Incorrect");
}
});

app.listen(3000, () => {
console.log('server started');
})`

1
IzanLarumbe (27)

@IzanLarumbe Sad that i don't know json or hijacking json. I am done :3

0
Steven_The_GuyT (197)

@IzanLarumbe hey i'm on the leaderboard for most upvotes in 30 days!

1
Steven_The_GuyT (197)

@IzanLarumbe wait you weren't the first. @mat1 found it before you. Look at the top post and it's replies. Sorry!

1
mat1 (2249)

@Steven_The_GuyT Btw, the competition ended a while ago. The answer was izatimingattacklol, and you had to find it by running a timing attack on the web server. Rob told me I got 4th place, but I never got a reward and he isn't a part of the Repl.it team any more.

1
mat1 (2249)

@Steven_The_GuyT The creator of the challenge

1
zephur (0)

I have not had that happen to me. But I have opened my editor from aprevious save that had JavaScript in it that I did not write-- with comments!

1
IzanLarumbe (27)

I didn't got the email... i am sad.

1
Steven_The_GuyT (197)

@IzanLarumbe it's ok! Here's the stuff you need to decrypt: xn-----it52acaehokse3db1ckjbm3eba.xn--437hoalg.xn--237hya
!(https://storage.googleapis.com/replit/images/1558359292055_dfa04104ec0bcf3ef3b79aecde9622aa.pn)

1
IzanLarumbe (27)

@Steven_The_GuyT I just decrypted somthing:
it52acaehokse3db1ckjbm3eba.🆁🅴🅿🅻.xn
a link boi, a emoji based link. I saw that its registred at this web:
https://xn--i-7iq.ws/emojidomain/it52acaehokse3db1ckjbm3eba.%F0%9F%86%81%F0%9F%85%B4%F0%9F%85%BF%F0%9F%85%BB.xn
or something like that.

1
IzanLarumbe (27)

@Steven_The_GuyT I got it decoded. But i cant read it since it is on an emulator!! :(

1
Masy (17)

What encryption Method is it using? Does anyone know?

1
IzanLarumbe (27)

@Masy Emoji based or something like that, i dont really remember...

1
MATTHEWBECHTEL (121)

I like tried every decryperer I could find and none of them helped me.

1
MATTHEWBECHTEL (121)

Is this the encrypted message? xn-----it52acaehokse3db1ckjbm3eba.xn--437hoalg.xn--237hya
@Steven_The_GuyT @mat1

1
MATTHEWBECHTEL (121)

Hm I will check the message and decrypt it the best I can...

1
SPQR (332)

are we allowed to work together i wonder

1
Steven_The_GuyT (197)

@SPQR i know right? it's too hard xd