The Final Countdown | CyberStart Completion

Intern

Hello World Mixed Up Messages Social Engineering Lazy Locked Login The Rocketeer 610enC0de'd Password Traffic Jam Start-Up Troubles Hextraordinary Maths at Light Speed Off Balance The Final Countdown

Headquarters L1

Social Secret Broken Banks Happy Customers Race To Where Mixed Messages Executable Secret Saesar Hidden Report Bike Fan Horrible Hats Tower of Wheels Binary Bike Lock

Headquarters L2

Decryption Ring Binary Bike Lock Secret Pages Too Much Text More Broken Bicycles Broken Link Hard Hash Encrypted Message Fingerprints Useful Hack Under Attack User Who

Headquarters L3

A Secret Rendezvous Lucky Throw Chopper Check-in Confused Secret Source Corrupted Route into the Router Password Postulation Snake Charmer The Competitor Revealed Big Transfer Dante In Command?

Headquarters L4

A Helping Hand Arnold Chopper? Photobomb Upgrades? Paaa! A Dangerous Contact Maggie's File Bendikke Loves Axes Phishing For Flemming Lockdown Lost But Not Forgotten Bad Kitty

Headquarters L5

Perplexed by Pixels Word On The Street Shinji's Drone Out Of Sight Zapped File Found Shopping For Secrets Perplexed by Pixels Yakoo Cars T-Shirt Trivia Baffled By Browsers Dangerous Comment

Headquarters L6

Rezapped Truck Stop Meeting Momoko Lost Key Running Man Heroka's DB Hush Fund Junya Who? QR.gif Custom Plates Still Hiding Brute Strength

Headquarters L7

Dot Dot Dash Hidden Boats Docking Port Pedro's Password Quick Drop Miguel the Moneyman Developer Disaster Breaking Bottles Bash the Botnet All Zipped Up Secret Spreadsheet Password Pickle

Moon L1

Programming 101 Handy Variables Converting for Fun Maths in Code Super Strings

Moon L2

Flow with Conditionals Logical Let's Get Functional Hooray for Arrays Going Loopy

The Final Countdown

Briefing:

The main tourism website for Barcelona has been hacked. The hackers have devised a program that changes the content of the website based on a timer. You can imagine the confusion this has been causing the sites visitors! Can you figure out how we can get the secret code to stop this program from running?

It’ll be tricky - they appear to use a script to join multiple sets of content together and finally send the joined sets to somewhere else to validate.

Tip: The characters at the 5 URLs change quickly, but computers can be far quicker than humans, especially when getting data!

Hint:

With a little code you could probably get the contents from those 5 URLs as strings and join them together. With all the parts together, it’ll just be a case of sending to the final URL. Pay attention to the formats shown!

How to Solve:

Click on one of the links, or simply go to https://roambarcelona.com/

Run the following code a few times.

var logFetch = "";
fetch('https://roambarcelona.com/clock-pt1?verify=Na2Q%2BeqhSP5hTRLDwpTNoA%3D%3D').then(res => res.text()).then(dat => logFetch = logFetch + dat);
fetch('https://roambarcelona.com/clock-pt2?verify=Na2Q%2BeqhSP5hTRLDwpTNoA%3D%3D').then(res => res.text()).then(dat => logFetch = logFetch + dat);
fetch('https://roambarcelona.com/clock-pt3?verify=Na2Q%2BeqhSP5hTRLDwpTNoA%3D%3D').then(res => res.text()).then(dat => logFetch = logFetch + dat);
fetch('https://roambarcelona.com/clock-pt4?verify=Na2Q%2BeqhSP5hTRLDwpTNoA%3D%3D').then(res => res.text()).then(dat => logFetch = logFetch + dat);
fetch('https://roambarcelona.com/clock-pt5?verify=Na2Q%2BeqhSP5hTRLDwpTNoA%3D%3D').then(res => res.text()).then(dat => logFetch = logFetch + dat);
// A delay is needed to ensure each part has been fetched.
setTimeout(() => {
  fetch('https://roambarcelona.com/get-flag?verify=Na2Q%2BeqhSP5hTRLDwpTNoA%3D%3D&string=' + logFetch).then(res => res.text()).then(dat => console.log(dat))
}, 1000)

Don’t worry if something like Time till code change: 10 secs<br>Sorry, that's not correct is outputted, simply run the code again.

Answer:

wh1te_Ro$E

Improve this page