About SmashManiac

  • Rank
    Unholy Action Forum Commander


  • URL
  1. Secret room

    Back at it again! First of all, I got as a gift an official Hack 'n' Slash T-shirt, and I figured it might be interesting to describe the package contents here for completeness. The T-shirt itself looks exactly like the pictures in the store, except the inner part has the T-shirt size instead of "MD". There's no hidden label hidden inside it or anything. The plastic wrap had a nice little sticker with the same design, the T-shirt size, the Double Fine URL... and the string "HACK N' SLASH", with a missing apostrophe before the "N". Inside the plastic wrap, there was also a small Fangamer swag package, including a Fangamer marketing brochure, an untitled holiday 2017 postcard by Laura Wilson, a Super Smash Bros. pin, and a Final Fantasy VII... um... thing - it feels plastic-y on the printed side and like paper on the other side, and if it's a sticker I can't peel it off. Interestingly, the postcard's "From" and "To" labels are printed using the same retro font as the one used on the T-shirt. So pretty cool, but at first glance, nothing interesting that might relate to this puzzle. However, upon closer inspection, I realized that the Hack 'n' Slash logo printed inside the T-shirt actually contains a hidden barcode! You can read it on its top and bottom edges - it's the same on both. Heck, it's even visible on this official store picture and we all overlooked it: So I blew up the picture, rotated it horizontally, put a few monochrome filters onto it, and sent it to an online barcode decoder for analysis. Turns out it's a Code 128 barcode which reads: I'm assuming you're supposed to concatenate "hacknslash" with "" for the URL, which is unfortunately the same URL as one from a previous puzzle, which redirected to the store page to purchase the T-shirt in the first place, and it doesn't work now anyway. So in other words, it's a really cool discovery, which revealed absolutely nothing. Oh well.
    But the fact that we missed this for so long suggests that we might have overlooked other hints. The other thing that I wanted to mention is that I continued looking into AES, specifically the multiplicative inverse in the finite field GF(2^8) transformation step in SubBytes() as it is the only non-linear transformation of AES. The official specification mentions using the extended Euclidean algorithm to perform this, but I couldn't wrap my head around that concept. Instead, after playing with equations for a little while, I came up with a nice way to find the multiplicative inverse, which is as follows: if abcdefgh is a non-null byte, then its multiplicative inverse in GF(2^8) ABCDEFGH can be found by resolving the following set of equations (addition is the XOR operator, and multiplication is the AND operator):
    (a+c+d+h)A+(b+c+g)B+(a+b+f)C+(a+e)D+dE+cF+bG+aH=0
    (b+d+e)A+(a+c+d+h)B+(b+c+g)C+(a+b+f)D+(a+e)E+dF+cG+bH=0
    (c+e+f)A+(b+d+e)B+(a+c+d+h)C+(b+c+g)D+(a+b+f)E+(a+e)F+dG+cH=0
    (a+d+f+g)A+(c+e+f)B+(b+d+e)C+(a+c+d+h)D+(b+c+g)E+(a+b+f)F+(a+e)G+dH=0
    (a+b+c+d+e+g)A+(a+b+c+d+f)B+(a+b+c+e)C+(a+b+d)D+(a+c+h)E+(b+g)F+(a+f)G+eH=0
    (b+e+f)A+(a+d+e)B+(c+d)C+(b+c)D+(a+b)E+(a+h)F+gG+fH=0
    (a+c+f+g)A+(b+e+f)B+(a+d+e)C+(c+d)D+(b+c)E+(a+b)F+(a+h)G+gH=0
    (b+c+g)A+(a+b+f)B+(a+e)C+dD+cE+bF+aG+hH=1
    It's possible to solve this system of linear equations using elimination of variables or Gaussian elimination, but doing so appears to cause formulas to blow up, so I haven't done so for the general case. I'm interested to see what the final solution looks like to see how strong the nonlinearity of AES is, but I don't have a good way to do so right now. In any case, with that it's possible in theory to remove all references to GF(2^8)'s polynomial representation for mathematical analysis and focus exclusively on pure bit formulas to represent the result of AES, which is pretty neat.
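The bit-level system from the post above, worked through as an added Python example (not the poster's code): it builds the GF(2) matrix of multiplication by a fixed byte, solves M·Y = 00000001 by Gaussian elimination, renders each row in the post's a..h / A..H notation so it can be compared with the equations above, and checks the result against the FIPS 197 S-box values. It assumes the AES polynomial x^8+x^4+x^3+x+1 and that a and A are the most significant bits, which is the convention under which the rendered rows match the post's equations.

```python
AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the AES reduction polynomial (FIPS 197)

def gf_mul(x, y):
    """Multiply two bytes in GF(2^8) modulo AES_POLY (shift-and-add)."""
    r = 0
    for _ in range(8):
        if y & 1: r ^= x
        x = (x << 1) ^ (AES_POLY if x & 0x80 else 0)
        y >>= 1
    return r

def mul_matrix(x):
    """Matrix M_x over GF(2) with M_x*y = x*y: rows[i] is a bitmask over the unknown bits (bit j = coefficient of y_j) for bit i of the product."""
    rows = [0] * 8
    for j in range(8):                      # column j of M_x is x * t^j
        for i in range(8):
            rows[i] |= ((gf_mul(x, 1 << j) >> i) & 1) << j
    return rows

def solve_gf2(rows, rhs):
    """Gaussian elimination over GF(2): returns the int y with rows[i].y = rhs[i]."""
    eqs = [(rows[i] << 1) | rhs[i] for i in range(8)]   # mask in bits 8..1, rhs in bit 0
    for p in range(8):                                  # pivot on unknown bit p
        piv = next(r for r in range(p, 8) if (eqs[r] >> (p + 1)) & 1)  # M_x is invertible for x != 0
        eqs[p], eqs[piv] = eqs[piv], eqs[p]
        for r in range(8):
            if r != p and (eqs[r] >> (p + 1)) & 1:
                eqs[r] ^= eqs[p]
    return sum((eqs[p] & 1) << p for p in range(8))    # reduced row echelon: row p holds y_p

def gf_inverse(x):
    """Inverse of a byte by solving M_x * Y = 00000001 (0 maps to 0, as in AES)."""
    return solve_gf2(mul_matrix(x), [1, 0, 0, 0, 0, 0, 0, 0]) if x else 0

def aes_sbox(x):
    """SubBytes(): the inverse followed by the fixed affine map of FIPS 197 sec. 5.1.1."""
    y = gf_inverse(x)
    rotl = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    return y ^ rotl(y, 1) ^ rotl(y, 2) ^ rotl(y, 3) ^ rotl(y, 4) ^ 0x63

def symbolic_row(i):
    """Equation for product bit i with symbolic input bits a..h (a = bit 7) and
    unknowns A..H, in the post's notation, e.g. symbolic_row(0) -> '(b+c+g)A+...+hH=1'."""
    names = "hgfedcba"                      # names[k] is the input bit of weight 2^k
    terms = []
    for j in range(7, -1, -1):              # unknowns A (bit 7) .. H (bit 0)
        coef = sorted(names[k] for k in range(8) if (gf_mul(1 << k, 1 << j) >> i) & 1)
        terms.append(("(%s)" if len(coef) > 1 else "%s") % "+".join(coef) + "ABCDEFGH"[7 - j])
    return "+".join(terms) + ("=1" if i == 0 else "=0")
```

Calling symbolic_row(7) down to symbolic_row(0) prints the eight equations in the order the post lists them; gf_inverse(0x53) gives 0xCA and aes_sbox(0x53) gives 0xED, the worked values in FIPS 197.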
  2. Secret room

    I was under the impression that tjablin's posted C code was not actual disassembly, but only reproduced the output? Unless Hack.exe also uses LibTomCrypt? As the encryption is triggered by entering DRMRoof, the trick to avoid multiple encryption is to not exit DRMRoof while a book is on the pedestal, including with PrincessChambers already there by default.
  3. Secret room

    Thanks a lot, I'll take a closer look at those when I have some time. The AES functions in the game are exposed in the Lua environment through the DFHack object as encipherBuffer and decipherBuffer. Their implementations are in the Hack.exe x86 binary. tjablin apparently did a disassembly, but the code he posted as reference is no longer accessible, and I'm not sure if the C version he wrote is an exact match or not.
  4. Secret room

    Hmm you're right. I read through the entire AES standard, and if we would skip the finite-field multiplicative inverse substitution in the SubBytes step, each output bit could be represented as a series of XOR operations. I have no idea what a formula for this multiplicative inverse would look like... if one can even be written.
  5. Secret room

    So here's a potentially dumb question. Say i_x is the xth bit of the AES-256 block input (after CBC XOR in our case), k_x the xth bit of the key, and c_x the xth bit of the ciphertext block output. What would the functions c_x(i,k) and i_x(c,k) look like?
  6. Secret room

    Heh, I thought for weeks about the P versus NP problem just for the kicks myself. No dice. I'm surprised this paper doesn't reference the controversial eXtended Sparse Linearization (XSL) attack. Not sure if that's important or not though. I don't know if attacking the zeroes matters, but if it does then I should point out that the last bytes at the end of the file immediately before the PKCS #7 padding should be:
    00 00 00 00 00 00 00
    Being able to guess the key string itself would be great, but if it's a long sentence like the normal PrincessChambers.lua key then we might be in trouble unless it's based on a string in the game or a known incantation. As for clues, if they exist in the game, they are either truly well hidden, hidden in plain sight, or we overlooked them somehow. Otherwise, there could be clues hiding anywhere, including the following locations:
    • Amnesia Fortnight 2012/2014 material, including the 2012 special edition box set, trailers, documentary, the Hack 'n' Slash prototype and its box art.
    • All marketing material, including the full game press release with the HTTP trace, the ZIP/JPG hybrid teaser puzzle, trailers, the official wiki, the development blog and the official T-shirt.
    • Messages from Noughtceratops's Twitter account.
    • Devs Play season 1 episode 4, including the Zelda IPS patch and the currently-unsolved hacked Zelda cartridge winner puzzle.
    Unless Brandon, someone else linked to the game or Double Fine gives us more information, that's what we have to work with.
  7. Secret room

    I've been questioning this statement recently. Here's what I've gathered so far: The key string is hashed using SHA-256, which is used as the key for AES-256-CBC with a null IV, to generate the output. We already know the first 4 blocks of 16 bytes each of the original plaintext due to the Lua file structure and the game's directory structure (see my post from June 19, 2016). Due to the properties of CBC, deciphering a block only requires the key, the block's ciphertext and the previous block's ciphertext, or the IV if there is no previous block. With this information, we have 4 sets of AES-256 "equations" with only the hashed key as the unknown variable. The question is, is deducing the key from those "equations" realistic? It sounds unlikely to me, but I could not find a definitive answer to this question. I've seen claims that terabytes of known plaintext block matches wouldn't be enough to do so, but could not find the mathematical arguments to support them.
  8. Official wiki?

    Yes, the official Hack 'n' Slash wiki is indeed the GamePedia one, but nobody really bothered to maintain it since its original creation.
  9. Secret room

    Netrix, can you share the script you're using for bruteforcing? Also, I just had an idea watching keybounce's stream. There are a few empty chests in the game. I originally thought it was unfinished content, but it is possible it's a hint for the secret room somehow.
  10. If you're talking about why the world collapsed near the end of your recording, it's kinda your fault. I suggest you try to figure out what happened by yourself. If you can't figure it out, here's what happened: A turtle spawned while you were hacking the spawn behavior, and as you were editing the 2nd entry, the turtle tried to execute it. By coincidence, you had it set on GRABGRASS while the turtle was swimming, a case that is not normally possible. The game then tried to load the nonexistent graphics for this combination, triggering the error.
  11. I can't even chat on YouTube Live streams because of their forced Google integration...
  12. That's unfortunate. Almost all hacks in the game can be reverted by going back in time. This should help you a lot for your next playthrough. Fortunately, you should be able to quickly get back to where you were, since you already know the solutions to the previous puzzles.
  13. Did you bomb a bomb and enter its portal? That might be the cause of your issue. I believe loading a state before acquiring the bombs should solve it. I'd very much like to see people stream the game live, although this is the kind of game where "silly ideas" are very likely to spoil something unless you've already beaten the game, so I think I would be more of a spectator until then.
  14. Code not updating on first exit from Algorithm room

    It's not normal, but the current version of the game contains many unintended bugs unfortunately, so don't be surprised if you stumble on more weird stuff like this. As for a solution, considering Double Fine has not updated the game in years, it would probably require a community patch mod.
  15. Should the mac version be "1.0.0"?

    No, it's the correct version. I believe the patches affected the Lua code only, not the native executable.