Jump to content
Sign in to follow this  
Followers 0

The PRE game fun...

2,259 posts in this topic

Posted (edited)

[color="red"][b]This thread is now closed, and is continuing [url="http://www.neowin.net/forum/index.php?showtopic=529110"]HERE[/url].[/b][/color]

---------------------------

[b]Neowin - Help us solve [url="http://www.vanishingpointgame.com"]The Vanishing Point Game[/url] at [url="http://www.vanishingpointgame.com"]www.vanishingpointgame.com[/url][/b]

Thanks to [url="http://www.neowin.net/forum/index.php?showuser=108441"]bobp[/url] for creating this thread, of which I've now taken ownership for easy updating!

See [url="http://www.neowin.net/index.php?act=view&id=36622"]here[/url] for the initial front page news item and more details.

So far, we know that it's probably a marketing campaign by [url="http://www.42entertainment.com"]42 Entertainment[/url] for Microsoft (as the initial teaser image was first seen on the [url="http://blogs.msdn.com/ie/"]Internet Explorer Development Blog[/url], and the Flash login page is seen connecting to the 42 Entertainment domain). 42 Entertainment were behind the highly successful Halo viral marketing campaign.

I'll be updating this post with the codes we find and the puzzles that are given as a result of that.[list]
[*]Initial image [url="http://www.neowin.net/index.php?act=view&id=36622"]as reported on Neowin front page[/url] - [color="#33FF33"]solved[/color] as [b]wh0isl0ki[/b]
[*]Also [color="#33FF33"]solved[/color] as [b]iw4nttwinyou[/b] from a [url="http://halowars.heavengames.com/key"]blog post on HeavenGames.com[/url]
[*]Also [color="#33FF33"]solved[/color] as [b]3scap3grav1ty[/b] from an edited post by the mystery lokivanishes poster
[*]Also [color="#33FF33"]solved[/color] as [b]imm0rtaliz3m3[/b] thanks to a key from Doug Stockwell
[*]Also [color="#33FF33"]solved[/color] as [b]wh3r3t0g0[/b] thanks to the guys at unfiction
[*][b]iw4nttwinyou[/b] - gives US phone number (when called asks for PIN) - [color="#33FF33"]solved[/color] with PIN 35813, prompting the user to [url="http://www.vanishingpointgame.com/antepenultimate/"]THIS webpage[/url]
[*][b]3scap3grav1ty[/b] - gives different grid-based puzzle - [color="#33FF33"]solved[/color], leading the user to [url="http://www.vanishingpointgame.com/zenith/"]THIS webpage[/url]
[*][b]3akix3ozidd1b[/b] - identical to the above - [color="#33FF33"]solved[/color]
[*][b]wh0isl0ki[/b] - gives grid-based puzzle - [color="#33FF33"]solved[/color], leading the user to [url="http://vanishingpointgame.com/biography/"]THIS webpage[/url]
[*][b]imm0rtaliz3m3[/b] - gives an mp3 file, the waveform of which looks like [url="http://publictransport.hu/temp/1234.jpg"]this[/url] and is [color="#33FF33"]solved[/color] like [url="http://i14.tinypic.com/44a2uqq.jpg"]this[/url] [i](thanks go to Ehsan from Unfiction)[/i], leading the user to [url="http://vanishingpointgame.com/file/"]THIS webpage[/url]
[*][b]wh3r3t0g0[/b] - gives some html-escaped data. Putting this into a basic html page reveals a word, leading the user to [url="http://vanishingpointgame.com/circumambulation/"]THIS webpage[/url]
[/list][attachment=171683:lokistuff.png]

[attachment=170993:welcome.gif]

The sudoku-like puzzle is solved with the following numbers:
[code]592 487 613
817 563 924
643 921 875

428 156 739
135 749 286
769 238 541

256 374 198
371 895 462
984 612 357[/code] Edited by Rob

Share this post


Link to post
Share on other sites

Posted

The source code has

<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTUxMzcyMjQyN2RkbyO7jpOtE1Mb07Hm2nrpSyWWoQo=" />

I don't know if it is normal for the value to be like that, I don't know HTML

and <!-- PIN=5813 --> towards the bottom

Neither are the password

Share this post


Link to post
Share on other sites

Posted

Well reading it out loud didn't produce any noticable vocal results for me... tho some of the numbers and letters look like highways and directions

Share this post


Link to post
Share on other sites

Posted

The Viewstate is a standard ASP.NET variable that's put in to most pages, nothing to do with that. The PIN, on the other hand, is interesting.

A raw dump of the HTTP session the Flash script uses when sending the password 'neowin' is quoted below.

[quote]
POST /PreCodeHandler.ashx HTTP/1.1
Accept: */*
Referer: [url="http://www.vanishingpointgame.com/login_s.swf"]http://www.vanishingpointgame.com/login_s.swf[/url]
x-flash-version: 9,0,28,0
Content-Type: application/x-www-form-urlencoded
Content-Length: 49
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.04506.30)
Host: www.vanishingpointgame.com
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: vaakokie=H3hOXjhzqeAzFtwGjbmmkCk7iMQ9w0z7oFBF0vETARCMV9ar9uwf4f7MNA47-_L-eTIoPoeJSVzbgrilYyVumfERJlhCZ4MvkcG6uGOfP2A1; ARPT=MMWQKNS192.168.1.128CKMYM; ASP.NET_SessionId=iyr5jxraoxvg5j55zg0t1255

var1=[b]neowin[/b]&var2=989DCA4C56923144F848F12F6D49C484
[/quote]

Share this post


Link to post
Share on other sites

Posted

Yeah, I'm sure.

[url="http://img99.imageshack.us/my.php?image=42entertainmentpa1.png"][img]http://img99.imageshack.us/img99/5280/42entertainmentpa1.th.png[/img][/url]


What is that packet sniffer that is open source and the name starts with an "e"? This has been killing me trying to find it. It's a good sniffer :p

Maybe I'm wrong about the "e" thing. Or the open-source thing. But it definitely does not run the native Windows GUI. Uses an "overlay" (much like Java, GTK, etc)

Share this post


Link to post
Share on other sites

Posted

now 42 thrown in the mix! omg confusing...

Share this post


Link to post
Share on other sites

Posted

Ethereal is what you're thinking of. But I think Fiddler is better for this kind of analysis anyway as it deals with HTTP traffic specifically.

Think perhaps we're thinking along the wrong lines though. We should be trying to work out what these mean.

rpf6ncada34wget32-84
kvezz1x6cfp0egnyvm32
z3o6qj-o3ddwn3;u-loe

Share this post


Link to post
Share on other sites

Posted

[url="http://42entertainment.com/do.html"]http://42entertainment.com/do.html[/url]

This is one of their missions:

[quote]Innovative Marketing Campaigns: As a standalone agency, we drive brand engagement and ROI by immersing consumers in our clients' brands.[/quote]

I'm pretty sure that's all relating to them.

Share this post


Link to post
Share on other sites

Posted

from 42's website - "Who hacked the website of a Napa Valley beekeeper, leaving behind a series of GPS coordinates? Why were pay phones at the Empire State Building delivering installments of a sci-fi radio drama? � As these questions gripped tens of millions of Web surfers last summer and fall, the answers led to a viral marketing campaign created for Microsoft by Seattle-based 4TwoEntertainment to promote Halo 2, the long-awaited sequel to the Xbox videogame hit."

I'm thinking GPS stuff too...

Share this post


Link to post
Share on other sites

Posted

Wait.. does the Fiddler look at only HTTP traffic, or HTTPS as well? Because it seems to be connecting securely.

Share this post


Link to post
Share on other sites

Posted

I tried the first SWF decompiler on google and found this image
[attachment=170945:attachment]

Share this post


Link to post
Share on other sites

Posted

You heard the man! January 8th, 6:30PM, Bellagio Fountains

Share this post


Link to post
Share on other sites

Posted

[quote]January 8th, 6:30PM, Bellagio Fountains[/quote]
what is going happen on that day

Share this post


Link to post
Share on other sites

Posted

Las Vegas.... hmmm

Share this post


Link to post
Share on other sites

Posted

[quote name='Soham' post='588160149' date='Dec 22 2006, 18:39']
what is going happen on that day [/quote]

Nobody knows which makes this whole thing even more interesting. I have a feeling that we didn't learn anything at all, and that Microsoft just did this to add to the excitement... and that we need an actual code to gain access to another part of the site :shifty:

Share this post


Link to post
Share on other sites

Posted

[url="http://www.cesweb.org/attendees/conferences/keynotes.asp"]http://www.cesweb.org/attendees/conferences/keynotes.asp[/url]

this is interesting, Bill will be in Vegas that day

Share this post


Link to post
Share on other sites

Posted

its CES.... its something that will be announced in CES and the winner will get a prize there

Share this post


Link to post
Share on other sites

Posted

Yeah... I was thinking it's probably something related to CES.

Share this post


Link to post
Share on other sites

Posted

i got some thing 63432-841603236-33;-

Share this post


Link to post
Share on other sites

Posted

[quote]
Most of you won't figure this out

rpf6ncada34wget32-84
kvezz1x6cfp0egnyvm32
z3o6qj-o3ddwn3;u-loe

vanishingpointgame.com
[/quote]
Im guessing that is the key but encoded/encrypted somehow

Share this post


Link to post
Share on other sites

Posted

you can find the words (in spanish) cada & vez.. together it means each time.


:p

Share this post


Link to post
Share on other sites

Posted

i think it has something to do with "connecting the dots" using a keyboard layout and those letters...i tryed it but i didnt see anything....kind of a star at the beginning and then a triagnular pyrmid??

Share this post


Link to post
Share on other sites

Posted

Not much of a help...but the image was made in Adobe Photoshop 7 on Dec. 19 '06...
And I'm trying to do one of those bible-code things where you skip this many letters and only use some...but so far no luck :(

Share this post


Link to post
Share on other sites

Posted

[quote]rpf6ncada34wget32-84[/quote]
My eyes see rpt anconada wget :) lol... Linux commands? :p

Share this post


Link to post
Share on other sites

Posted

In Vegas on the 8th of Jan? Well CES definitely starts on the 7th.

But the code? Arrrrghhhh! I don't think so. I'll just wait until the answer is posted on the web. Because within hours it'll be everywhere!

Cal

Share this post


Link to post
Share on other sites
This topic is now closed to further replies.
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.