User Tools


Holiday Hack Trail (Dorm)

This challenge can also be reached at https://trail.elfu.org/

There are 3 game play modes:

  • Easy
  • Medium
  • Hard

None of the following solutions involve purchasing anything in the “Store”, so just click “BUY” to move past this screen.

Easy

The way to win in Easy mode is simple and involves modifying the URL:

hhc://trail.hhc/trail/?difficulty=0&distance=0&money=5000&pace=0&curmonth=7&curday=1&reindeer=2&runners=2&ammo=100&meds=20&food=400&name0=Jane&health0=100&cond0=0&causeofdeath0=&deathday0=0&deathmonth0=0&name1=Jen&health1=100&cond1=0&causeofdeath1=&deathday1=0&deathmonth1=0&name2=Chris&health2=100&cond2=0&causeofdeath2=&deathday2=0&deathmonth2=0&name3=Chris&health3=100&cond3=0&causeofdeath3=&deathday3=0&deathmonth3=0

If you change the URL to have distance=8000, which is the distance that you have to travel to get to KringleCon, and press “GO”, then you will magically get there in one go.

Medium

In this mode you can use the Browser Development Tools to modify the hidden parameter for distance before pressing GO.

From

<div id="statusContainer">
    <input type="hidden" name="difficulty" class="difficulty" value="1">
    <input type="hidden" name="money" class="difficulty" value="3000">
    <input type="hidden" name="distance" class="distance" value="0">
    <input type="hidden" name="curmonth" class="difficulty" value="8">

To

<div id="statusContainer">
    <input type="hidden" name="difficulty" class="difficulty" value="1">
    <input type="hidden" name="money" class="difficulty" value="3000">
    <input type="hidden" name="distance" class="distance" value="8000">
    <input type="hidden" name="curmonth" class="difficulty" value="8">

Hard

This mode adds a hidden parameter called 'hash', which contains an MD5 hash of something.

After some testing of parameters and reversing of hashes, I determined that the value of what was being hashed was calculated as follows:

1625 + distance + curday - (100 - food)

I am sure that there is a combination of parameters that makes up 1625, but I did not spend too much time looking at this.

This lets me calculate a hash for 8000:

1625 + 8000 + 1 - (100 - 100) = 9626

MD5 of 9626: 649d45bf179296e31731adfd4df25588

Now I can modify both the distance and the hash parameter, press GO, and get to KringleCon in next to no time.