Level 0

Below is the in-game tutorial text in its entirety (copyright Exosyphen Studios of course):
The first level in the game is a simple tutorial, in which you will get to learn all aspects of the game. You
can also follow the instructions you receive in the game. As soon as you start the level, you receive a
message. The message instructs you to crack the following server: desk-11.corporate.com. Type the
following command in the console to crack the server:
crack desk-11.corporate.com
Wait for the crack to finish. After this, the first level objective is completed. You can press F2 to see the
level objectives and their status.
Next, we should connect to desk-11.corporate.com and look for a hint for the next server. Our second
objective is to hack into the main corporate server. Type the following command to connect to desk11.corporate.com:
connect desk-11.corporate.com
Next, type:
ls
to view what files are available on the server. There is one file available, called: access.log. To display its
contents, type:
cat access.log
You will notice a hint to: desk-25.corporate.com. The host it not visible on the target map. To reveal it, use
thescan command:
scan desk-25.corporate.com
Next, type:
logout
to disconnect from desk-11.corporate.com.
Now, it's time to hack desk-25.corporate.com. The server has an encryption key which must be decrypted
first. To do this, type:
decrypt desk-25.corporate.com
Wait for the decrypt process to finish. Next, you will have to hack the service running on port 25 on desk25.corporate.com. To do this, type:

crack desk-25.corporate.com 25
and wait for the crack to finish. Next, we have to connect to desk-25.corporate.com and read the
instructions in the file that is present on the server. To do this, type:
connect desk-25.corporate.com 25
cat instructions.txt
logout
Note: You can scroll the console window contents with the mouse, or using the PgUp/PgDn keys.
Now, you have to follow the instructions in the file, to hack into main.corporate.com. First, you have to
reveal the server on the target map. To do this, type:
scan main.corporate.com
You will notice that it has a 256 bits encryption key. You have to setup a bounced link to avoid being
traced when decrypting this encryption key. To do this, click on : desk-11.corporate.com and desk25.corporate.com. You will notice that they have been added to the bounced link. Now you can proceed to
decrypt the encryption key. Type:
decrypt main.corporate.com
Wait for the decrypt process to finish. Note: To learn more about bounced links, type: bouncehelp in the
console.
Next, you will have to hack the service running on port 99 on main.corporate.com. The password is 16
characters long, so you have to leave the bounced link in place to be able to do this. Type:
crack main.corporate.com 99
and wait for the crack to finish. After you are finished, remove the hosts from the bounced link, by clicking
on them. Note: Use the bounced links carefully, as you can only bounce 3 times through a hacked host.
Next, you will have to crack the service running on port 49. It uses an 18 character long password, so
even using a bounced link, you will still get traced. There is another way for this. Find the password. To do
this, connect tomain.corporate.com on port 99, and look inside the password.dat file:
connect main.corporate.com 99
cat password.dat
logout
The password is: mywordismypassword. Use the password to crack the service running on port 49:
login main.corporate.com mywordismypassword

The second level objective is now completed. (Press F2 to view your objectives). Notice that there is
some money available on main.corporate.com. To transfer it, connect to the server and transfer the
money in 2 chunks, to avoid being traced:
connect main.corporate.com 99
transfer 1000
transfer 500
logout
Wait for each transfer to finish, before starting the next one, and logout when you are done.
Next, you receive a new message with further instructions. Also, it's a good time to reduce your trace level
(you can see this in the system panel window). To do this, type:
killtrace
Don't use it more than once at this time, as you will need the money to finish the level. Each time you use
thekilltrace command, your IP address is changed, and you are charged $500 for this service. Note:
If your trace level reaches 100%, you lose the game and have to restart the level.
Let's read the new instructions. Type:
connect main.corporate.com 49
cat instructions2.txt
logout
Your next target is secure.corp.net. Use the scan command to reveal it on the map:
scan secure.corp.net
Use a bounced link to decrypt its encryption key. After you have setup a bounced link through 1 server,
type:
decrypt secure.corp.net
and wait for the decrypt process to finish. The service running on port 149 has a 64 character long
password, which you can't hack now. To hack this service, you must retrieve and use an exploit. To do
this, type:
connect main.corporate.com 49
download secure_control_149.exploit
logout
exec secure_control_149.exploit secure.corp.net
To complete your 3rd level objective, you have to retrieve and upload the virus file to secure.corp.net. To
do this, type:

connect main.corporate.com 49
download xvirus.bin
logout
connect secure.corp.net 149
upload xvirus.bin
logout
Wait for each command to finish, before typing the next one. Your 3rd level objective is now completed.
You will notice that your trace level has reached a pretty high value. You must reduce it in order to avoid
being traced and to complete your 4th level objective (reduce your trace level below 60%). To reduce your
trace level, you have to connect to each server you have hacked, and delete the logs, using
the deletelogs command. To do this, type:
connect desk-11.corporate.com
deletelogs
logout
connect desk-25.corporate.com 25
deletelogs
logout
connect main.corporate.com 99
deletelogs
logout
connect secure.corp.net 149
deletelogs
logout
Your trace level should be low enough now. To complete the last objective (and the level), you must obtain
$2000 in your account. Move the mouse over each server on the map, to see which one still has some
money on it.secure.corp.net has $1000 which you can transfer to complete the level. To do this, type:
connect secure.corp.net 149
transfer 1000
logout
You have now completed the level. The game allows you to continue exploring the level for another 10
minutes. You can use this time to locate hidden servers, money, delete logs, etc. Whenever you want to
advance to the next level, just type:
nextlevel

In addition to the above tutorial, note that there's also a hidden server by the
name secret.exosyphen.com. You want to at least scan for it so you can get the 500 end level bonus for

discovering all servers on the level. There's $500 on that server, but it's not worth the trouble considering
how much you'll jack up your trace level in order to get it.

Below is an alternative set of instructions - more compact and efficient, but lacking the educational
element:
scan desk-11.corporate.com
crack desk-11.corporate.com
connect desk-11.corporate.com
deletelogs
ls
cat access.log
Notice the entry for desk-25.corporate.com.
scan desk-25.corporate.com
logout
decrypt desk-25.corporate.com
crack desk-25.corporate.com 25
connect desk-25.corporate.com 25
deletelogs
ls
cat instructions.txt
logout
scan main.corporate.com
Add desk-11.corporate.com to the bounce link. Note the tutorial text erroneously calls for two hosts on the
bounce link, while a single one is sufficient.
decrypt main.corporate.com
crack main.corporate.com 99
Remove desk-11.corporate.com from the bounce link.
connect main.corporate.com 99
deletelogs
ls
cat password.dat
Now you know the password for the service on port 49: mywordismypassword
logout
login main.corporate.com mywordismypassword

Add desk-25.corporate.com to the bounce link. This allows us to transfer all $1500 in a single transaction.
connect main.corporate.com 49
transfer 1500
deletelogs
ls
download secure_control_149.exploit
download xvirus.bin
cat xvirus.bin
Note the virus source: secret.exosyphen.com
scan secret.exosyphen.com
cat instructions2.txt
logout
scan secure.corp.net
Make sure desk-25.corporate.com is still in your bounce link.
decrypt secure.corp.net
Remove desk-25.corporate.com from the bounce link.
exec secure_control_149.exploit secure.corp.net
connect secure.corp.net 149
ls
cat instructions3.txt
transfer 1000
deletelogs
upload xvirus.bin

Level 1
Before you start working on your objectives, notice where your instructions are coming from: root@xenticom.net. That's your clue as to a hidden server on the level:
scan xenti-com.net
Notice it has no encryption key and the FTP service running on port 25 requires no password. Let's have
a look:
connect xenti-com.net 25
ls
Aha, there's an exploit for remote access service running on port 999, which we could use to gain access
to the other service on this server!
download remote_access_999.exploit
logout
exec remote_access_999.exploit xenti-com.net
connect xenti-com.net 999
ls

It gets even more interesting! There's another exploit here - this one for port 49 - manual override. Let's
get it too and grab the money while here as well:
download manual_override_49.exploit
transfer 500
deletelogs
logout
Now that we've pilfered everything we could get our hands on from xenti-com.net, let's start with our
objectives.
Your first order of busness is to hack into the server of the Public Car Registration Service
(pcrs.citycom.net) and delete its database so your car can't be scanned:
scan pcrs.citycom.net
Wonderful! We could use the remote access exploit and save on the global trace hikeup:
exec remote_access_999.exploit pcrs.citycom.net
connect pcrs.citycom.net 999
ls
delete database-kernel
logout
Your first objective is now complete.
Now let's hack into the traffic signal:
scan ctrl-45.citycom.net
It gets better and better! Aren't you glad you hacked that hidden server? Let's use the manual override
exploit here:
exec manual_override_49.exploitctrl-45.citycom.net
connect ctrl-45.citycom.net 49
Pay attention to the welcome message. It mentions something about drill-rgn.
ls
Aha, there's that file.
cat drill-rgn
Well, we already knew about node.citycom.net, so nothing new here. Idle curiosity might come in handy
later though...
Let's get back to our objective. We need to delete the file controlling the red light:

delete control-red
The second objective is now complete.
Now for those who are curious why deleting the red control file would lock the light on red, let's examine
the light control script (you can skip this since it's not part of the solution):
cat light-controller
Aha, if the file doesn't exist, the light is set on that color and the script terminates. Interesting way of
coding... Still, myself being a professional programmer, I couldn't help but notice a bug in the script. Once
the traffic light script gets running, it'll no longer make those initial checks and instead it will loop through
the remaining files. So the real effect of deleting the red control file is the light will cycle between yellow
and green only. How did this bug ever slip through QA testing I wonder... Anyway, back to our objectives.
logout
Even though the third objective has been checked since the beginning of the level, we'll need money to
drop our trace level eventually, so it's a good idea to stock up. That's what the ATM at the corner is for,
right?
scan atm.central-bank.com
Pretty easy to hack (ignore the advice for using a bounced link - you don't need it) and it has $4000 for
our efforts. Now that we have three servers hacked, we can use them in a bounce link to get the entire
sum in a single transfer using our puny 1Mbps modem.
decrypt atm.central-bank.com
crack atm.central-bank.com 9999
Add 2 of the hacked servers to the bounce link, for example: xenti-com.net and pcrs.citycom.net.
connect atm.central-bank.com 9999
transfer 4000
deletelogs
logout
There's nothing interesting in the ATM software installation log, so we didn't bother with it.
Now that we have plenty of money, let's reduce our trace level a bit. Don't get too excited about achieving
your fourth objective since we are going to rack up more trace right away.
killtrace
killtrace
killtrace
killtrace

Now that our trace level is in the 30-s, let's concentrate on the guy's cell phone. First, let's see that cell
phone tower and what can we gather from there:
scan 2-45.gsm
This is a bit tougher than the previous servers. You need a bounced link for both decryption and cracking
the password on the remote monitor service (no handy exploits anymore...). Remove all hosts from the
bounce link and add atm.central-bank.com alone.
decrypt 2-45.gsm
crack 2-45.gsm
Remove atm.central-bank.com from the bounce link.
connect 2-45.gsm
deletelogs
ls
Before we proceed with the handsetpool file as directed, there's an interesting tidbit in the errors log file:
cat error.log
See, the camera connection was lost. That's the other hidden server on the level.
scan camera-35.citycom.net
We won't get anything out of hacking into the camera, but this gets us the 500 end level bonus for
discovering all servers and it only costs us 1% global trace level.
Now let's go back to the handestpool file:
cat handsetpool
Ok, time to use our logic. The instruction says to figure out the channel from the handsetpool file. We
know our stalker is sitting tight, so the only fixed/stable phone must be his. We need to look into channel 3
to find his cell phone address:
cat channel-3
Well, that was easy. His phone's address is channel-3.2-45.gsm.
scan channel-3.2-45.gsm
logout
This one is even tougher to crack. We'll need 2 hosts in the bounce link to decrypt it and to crack each of
its 2 services. We do want to crack them both so we can tap the $1500 within.
Add 2-45.gsm and xenti-com.net to the bounce link.

decrypt channel-3.2-45.gsm
crack channel-3.2-45.gsm 98
Notice xenti-com.net dropped from the bounce link. The game actually has a bug and says we are using a
single host in the bounce link, but that's wrong. We use both hosts in the bounce link, but xenti-com.net's
bounce count dropped to zero and it's no longer useable. Add atm.central-bank.com to the bounce link to
make it two servers again after the previous crack finishes.
crack channel-3.2-45.gsm 99
Now we see another game bug in addition to the one we saw above. The link is reported with a single
host and as I mentioned above this is wrong. However, both hosts had a single bounce count remaining
and only 2-45.gsmdropped to zero, while atm.central-bank.com remained at bounce count of 1 (it should
have dropped to zero as well). You can leave it in the bounce link or replace it with another server if you
want. At any rate, you need one server in the bounce link before you proceed so you can transfer all
$1500 in one go.
connect channel-3.2-45.gsm 98
transfer 1500
deletelogs
Phew, we shed whopping 19% of trace level! Let's get back to hacking.
ls
download call.log
logout
Remove the only server from the bounce link (if any).
connect xenti-com.net 25
upload call.log
logout
Now all but objective 4 are completed. Type killtrace as many times as needed to drop your trace
level below 50% and you are done. I ended with 45% trace level and $5500. Note that it's not worth
pursuing upgrades just yet since you have only $3500 of disposable money and the upgrades you are
after are at $4000.

Level 2
Let's start by looking at the xenti-com.net server which is openly visible and accessible this time:
scan xenti-com.net
connect xenti-com.net 21
ls

Well, there's a cell phone trojan we'll need later on, but no handy exploits this time so we'll have to rely on
regular cracking. This does mean we'll need quite a bit of dough to cover our tracks...
download cell-trojan.app
logout
Now let's have a look at the cell tower:
scan 45-2011.tower.gsm
Well, it's a good thing we have the open xenti-com.net server, since we need it for hacking into the cell
tower. Add it to the bounce link.
decrypt 45-2011.tower.gsm
Now remove xenti-com.net from the bounce link.
crack 45-2011.tower.gsm 139
connect 45-2011.tower.gsm 139
deletelogs
killtrace
ls
cat handset.pool
There's a single stable/fixed channel - channel 6. Let's investigate:
scan channel-6.45.gsm
logout
We got a hold of the assailant's cell phone. Time to hack it. Add 45-2011.tower.gsm to the bounce link.
decrypt channel-6.45.gsm
crack channel-6.45.gsm 299
Remove 45-2011.tower.gsm from the bounce link.
connnect channel-6.45.gsm 299
deletelogs
killtrace
ls
cat sync.log
Notice the guy is periodically sync-ing his cell phone with his computer. Naturally we need the last IP
address.
scan 243.143.35.99

We'll need two hosts in the bounce link for this one. Add channel-6.45.gsm and xenti-com.net to the
bounce link.
decrypt 243.143.35.99
crack 243.143.35.99 21
Notice xenti-com.net dropped from the bounce link. Remove channel-6.45.gsm from the bounce link as
well.
connect channel-6.45.gsm 21
deletelogs
killtrace
ls
In order to wipe out his computer, we need to delete his C drive:
delete drive-c.encrypted
logout
Your second objective is now complete. The instructions call for finding the guy's cell phone again and
upload a trojan. We already got the trojan from xenti-com.net, so let's concentrate on locating the cell
phone again. We need to see where did channel 6 get transferred to in the GSM tower.
connect 45-2011.tower.gsm 139
ls
cat switchover
According to the log, channel 6 got transferred to channel 2 in the same tower. Weird...
scan channel-2.99.gsm
Before we get out of here, let's try all the other cell phones, we might find a hidden server... Yes! channel
9 has somebody in range!
scan channel-9.45.gsm
Notice there's some money on it too, so it's worth hacking. For now we have sufficient money, so let's get
back to our objective. Add channel-6.45.gsm to the bounce link
decrypt channel-2.99.gsm
With that host spent we need another host to bounce through for cracking the password. Add 452011.tower.gsmto the bounce link. It'll be spent after this as well.
crack channel-2.99.gsm 299
connect channel-2.99.gsm 299
deletelogs

killtrace
upload cell-trojan.app
Our 3rd objective is now complete. While here, let's start working on the 4th objective as well.
ls
download gps.log
Notice there's yet another file that didn't exist before. Let's investigate.
cat wireless.log
Aha, the guy was snooping for wireless networks... He managed to find a wireless cafe, so let's
investigate:
scan wireless.cafe.com
Nice - more money.
logout
Now we need to find that military satellite. The only unexplored lead we have is that guy's computer and
the second service running on it. However, we are in a bit of quandary. We need 2 hosts in the bounce
link in order to crack the password and we only have the guy's new cell phone address to bounce
through. Time to explore the side servers we found about (and get the money while at it too).
decrypt channel-9.45.gsm
Add channel-2.99.gsm to the bounce link.
crack channel-9.45.gsm 9999
connect channel-9.45.gsm 9999
transfer 1500
deletelogs
killtrace
logout
Remove channel-2.99.gsm from the bounce link.
decrypt wireless.cafe.com
Add channel-9.45.gsm to the bounce link.
crack wireless.cafe.com 200
connect wireless.cafe.com 200
transfer 1500
deletelogs

killtrace
logout
Add wireless.cafe.com to the bounce link too.
crack 243.143.35.99 99
Notice channel-9.45.gsm is now spent for bouncing. Remove wireless.cafe.com from the bounce link as
well.
connect 243.143.35.99 99
deletelogs
ls
Nice, let's get that exploit and look through the other files.
download targetlock_999.exploit
cat control.h
There was nothing in the source file, but the header has a surprise - the address of the military satellite.
scan link-245.satellite.military
logout
Add 243.143.35.99 and wireless.cafe.com to the bounce link.
decrypt link-245.satellite.military
crack link-245.satellite.military 888
wireless.cafe.com is now spent, but we no longer need bouncing. Remove 243.143.35.99 from the
bounce link as well.
exec targetlock_999.exploit link-245.satellite.military
connect link-245.satellite.military 999
deletelogs
upload gps.log
logout
The guy is now history. We are almost done here. Note we need to free up some space for the
identification file before we download it.
delete cell-trojan.app
connect link-245.satellite.military 888
download id.file
That finishes the fourth objective. We should have enough money at this point for the last objective, and
as for the trace level - execute killtrace if necessary to drop below 80 - you should already be below
80 if following the guide step by step. I ended the level with 78% trace level and $5500.

Level 3
This level is solved while dancing on a tight rope balancing your money and trace level. Any step astray
and you lose trace points, which means money. This level you also get your first upgrade - an 8mbps
modem.
I started this level with $5500 and 78% global trace level.
For starters, ignore the advice to use your old password. It won't work and will unnecessarily add 1% to
your trace level. Look around instead:
scan access.xenti-corp.com
Notice the service on port 1024 has the LAN router address on it. Let's investigate:
scan lan-router.xenti-corp.com
About this time you should receive an email from your security department. Note the server it's sent from:
scan sec.xenti-corp.net
Finally a server we can hack into. Interstingly, the security department has the weakest level of security...
But first, we need to drop our trace level a bit.
killtrace
killtrace
killtrace
decrypt sec.xenti-corp.net
crack sec.xenti-corp.net 992
crack sec.xenti-corp.net 999
connect sec.xenti-corp.net 999
deletelogs
ls
Nice - two exploits here.
download lan_status_8081.exploit
download secure_imap_993.exploit
logout

Let's use the exploits we just got to fully hack the security server and open one of the ports of the LAN
router:
exec secure_imap_993.exploit sec.xenti-corp.net
exec lan_status_8081.exploit lan-router.xenti-corp.com
killtrace
Now we can finally achieve our first objective:
crack access.xenti-corp.com 1024
Add sec.xenti-corp.net to the bounce link.
crack access.xenti-corp.com
Remove sec.xenti-corp.net from the bounce link.
connect access.xenti-corp.com
deletelogs
logout
killtrace
Now it's time to tackle the LAN router. Add both
the bounce link.

sec.xenti-corp.net and access.xenti-corp.com to

decrypt lan-router.xenti-corp.com
Remove sec.xenti-corp.net and access.xenti-corp.com from the bounce link. We already opened
port 8081, so we can finally connect to the LAN router. We can cover our tracks now since we won't need
to crack its other port.
connect lan-router.xenti-corp.com 8081
deletelogs
ls
We are told to look for John's computer and the logical place is the router's DHCP table:
cat dhcp-table
scan john-43.xenti-corp.com
logout
Right after we do this, we get a mail from an old acqaintance - Steve. Notice his challenge and take him
up on it.
scan mail.steve.server
killtrace
killtrace

decrypt mail.steve.server
exec secure_imap_993.exploit mail.steve.server
crack mail.steve.server 99
connect mail.steve.server 99
deletelogs
download documents2_61.exploit
logout
killtrace
Good old Steve saves us the trouble of cracking one of John's services.
exec documents2_61.exploit john-43.xenti-corp.com
connect john-43.xenti-corp.com 61
ls
Notice the credit card receipt there.
cat cc-receipt.pdf
Aha, we now have an ATM to replenish our money. Notice how we still haven't touched the money in
sec.xenti-corp.net. We'll do so after we upgrade our modem with money from the ATM.
logout
scan atm-12.fcsb.com
We'll need some bounce links to hack in there. However, before we do that we need to fully hack into
Steve's mail server, otherwise we'll be left with insufficient bounce links later on.
Add sec.xenti-corp.net and access.xenti-corp.com to the bounce link.
crack mail.steve.server 150

sec.xenti-corp.net has no more bounces left. Remove access.xenti-corp.com from the bounce
link.
connect mail.steve.server 150
deletelogs
killtrace
ls
cat dump.bin
Interesting. Steve's mail server was created from the image of another server and it has a stale core
dump pointing to the original server...
scan ground2.steve.server
logout

Time to tackle the ATM. If you've followed the instructions so far, you should have precisely $1000 at this
point.
Add mail.steve.server to the bounce link.
decrypt atm-12.fcsb.com
Add access.xenti-corp.com to the bounce link too.
crack atm-12.fcsb.com 999

access.xenti-corp.com has no more bounces left. Remove mail.steve.server from the bounce link
as well. We won't try to transfer more than $1000 from the ATM this time.
connect atm-12.fcsb.com 999
deletelogs
transfer 1000
transfer 1000
transfer 1000
Time for our first upgrade - level 3 modem! We can transfer the remaining money afterwards.
upgrade mdm3
transfer 2000
deletelogs
logout
connect sec.xenti-corp.net 993
transfer 2500
deletelogs
logout
killtrace
killtrace
killtrace
Time to get back to our mission. Steve was very helpful with that exploit, perhaps we can see if he has
another on his other server?
decrypt ground2.steve.server
Add atm-12.fcsb.com to the bounce link.
crack ground2.steve.server 21
Remove atm-12.fcsb.com from the bounce link.

connect ground2.steve.server 21
deletelogs
ls
Splendid - another exploit we can use on John's computer!
download documents1_60.exploit
logout
exec documents1_60.exploit john-43.xenti-corp.com
connect john-43.xenti-corp.com 60
ls
Here's the letter, but it requires all of our memory... Let's clean up first.
logout
delete documents1_60.exploit
delete documents2_61.exploit
delete lan_status_8081.exploit
delete secure_imap_993.exploit
connect john-43.xenti-corp.com 60
download letter-11012008.doc
logout
connect mail.steve.server 99
upload letter-11012008.doc
logout
Now all that remains is to hack that camera server and take care of our trace level. But first, where is the
camera server? Remember the AVI file you saw on the first service we cracked on John's computer? Let's
investigate.
connect john-43.xenti-corp.com 61
ls
cat cam.avi
logout
Aha, as expected, the AVI file contains the address of the camera that took it.
scan camsurv.xenti-com.net
The camera server has a password that requires 3 bounce links. Luckily, with John's computer now fully
hacked we have 3 hosts we can use for hacking.
Add john-43.xenti-corp.com to the bounce link.
decrypt camsurv.xenti-com.net
Add atm-12.fcsb.com and mail.steve.server to the bounce link as well.

crack camsurv.xenti-com.net 888

mail.steve.server has no more bounce bounces left. Remove the other servers from the bounce link
as well. We won't need more bounces anyway.
Now the only remaining objective is to bring our trace level below 50%. For starters let's cover our tracks
at the camera server:
connect camsurv.xenti-com.net 888
deletelogs
logout
Now simply execute killtrace enough times to bring your trace level below 50%. I ended up at 42%
trace level with $1000 in hand.