[COLOR=’#191919’]My God! The pizza is full of stars!
Wait… you guys still haven’t solved this? 
I’ve solved it, I’m just waiting for everyone else to catch up 
EDIT:
I think it’s also quite possible the keyword will be related to the seven deadly sins, seeing as how we have the circles of hell, where sins are punished, as well as how Horn keeps alluding to how Dr. Stone stole his pizzas.
I think the ARG took up 35% of the development time of black mesa. 
This was probably way easier and quicker to set up than it is to solve.
I couldn’t catch up this ARG since the last 5 or 6 pages.
There is a solution or not? If false, there is something more on the desk?
No, the ARG has yet to be solved, and we are still stuck on the 752 hex code that you can find on the Wiki page.
Something that I recently discovered–there is a forbidden “terminal.bmrf.us” page much like the standard site. Perhaps there are others?
Up until recently, the best theory we had about the hex code, in my opinion, was that it is a text message encrypted with a symmetric block cipher, most likely a 64-bit block cipher, like Triple DES (3DES), CAST-128, Blowfish, IDEA, etc. However, I don’t know if this theory still stands after stormseeker’s recent posts here. It seems like he is saying that solving this has nothing to do with encryption, yet it may involve encryption, or maybe not. In any case, he seems to be implying that at least something of what has been discussed here since Nov-Dec 2012 might be the right idea.
If we’re still looking at encryption, we need to figure out something that can form what is most likely 16 or 24 bytes of data that can be used as the key for the encryption algorithm. Whether the key is based on a password or on something else, is still up in the air. There seems to be no clues, that we are aware of yet, that point to a specific tool to be used for decoding the message.
However, there are still a lot of unanswered questions about various things found in the clues. For instance:
In the Tempus clue, the HALOS system seems to be attempting (but fails) to triangulate the location or source of the transmission that carried the message we received in IRC Clue 1. Is this a hint for us to try and figure out the source of the transmission? Is there something we’ve missed about the location clues, considering that the HAFB location was mentioned again? Or does the word triangulation mean something?
What is “ComLabs Test Initiative”, and is it in any way related to the “Test Pattern” mentioned in the HALOS file?
Recently, I was rereading the Wikipedia article about that verse from Dante’s Inferno, and I got another idea: What if that verse has more to do with the character Nimrod, who spoke that verse, and the biblical story of the Tower of Babel, than the Ninth Circle of Hell which was where that verse was spoken?
It’s tempting to make the connection and seeing the similarities between Nimrod building the Tower of Babel, JD Marcel building the Technopolis Tower in the TV show Bugs, and Dr. Horn building HALOS.
I performed a port scan on bmrf.us, and I got this back:
bmrf.us isn't responding on port 21 (ftp).
bmrf.us isn't responding on port 23 (telnet).
bmrf.us is responding on port 25 (smtp).
bmrf.us is responding on port 80 (http).
bmrf.us isn't responding on port 110 (pop3).
bmrf.us isn't responding on port 139 (netbios-ssn).
bmrf.us isn't responding on port 445 (microsoft-ds).
bmrf.us isn't responding on port 1433 (ms-sql-s).
bmrf.us isn't responding on port 1521 (ncube-lm).
bmrf.us isn't responding on port 1723 (pptp).
bmrf.us is responding on port 3306 (mysql).
bmrf.us isn't responding on port 3389 (ms-wbt-server).
bmrf.us isn't responding on port 5900 ().
bmrf.us isn't responding on port 8080 (webcache).
I’m no website expert, so I don’t know what this means, if anything. Apparently, smtp equates to internet mail, and mySQL is a database thingamabob.
Looks normal, except that now there is no SSH server listening on port 22 or 37, like there was before.
Or a cascade: AES-Twofish-Serpent
That text in the top right corner looks like it says: “eg AES | 2F | SP”
I’m not sure how RSA (public key) figures into the symmetric encryption methods.
I looked into any software that does AES-Twofish-Serpent encryption, and really the only result I get is for TrueCrypt. But that seems to be a deadend because it only disk encryption and not single file encryption.
I get different results. SSH is still open.
$ nmap -sV bmrf.us
Starting Nmap 5.21 ( https://nmap.org ) at 2013-09-26 20:52 MDT
Nmap scan report for bmrf.us (64.15.147.56)
Host is up (1.3s latency).
rDNS record for 64.15.147.56: gman.blackmesasource.com
Not shown: 988 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
25/tcp filtered smtp
37/tcp open ssh OpenSSH 5.3 (protocol 2.0)
80/tcp open http nginx
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
179/tcp filtered bgp
445/tcp filtered microsoft-ds
465/tcp open smtps?
514/tcp filtered shell
587/tcp open smtp Exim smtpd 4.72
3306/tcp open mysql MySQL (unauthorized)Yeah, apparently my brain wasn’t working properly when I came to that conclusion. When I was looking at MadDoctor’s scan result, I must have been focusing exclusively on the lines that said “is responding on port …”. Apparently, the port scanner he used didn’t include ports 22 and 37 in the scan, or they would have been listed as “isn’t responding”, if they were blocked.
Those ciphers have 128-bit block size. Unfortunately, the length of the raw HALOS code isn’t an exact multiple of 128 bits, but it is possible that these ciphers could have been used in a stream cipher mode, which means the length of the ciphertext would match the length of the plaintext. Another possibility could be that there is some additional data attached to the encrypted data, like a header or something.
RSA can be used in a hybrid encryption scheme where RSA is used to encrypt the symmetric key used with a symmetric cipher. The RSA encrypted key may then be stored/sent along with the encrypted data that was encrypted with the symmetric cipher.
I can’t say for sure without looking into it, but if such a scheme was used to produce the 752 hex code, and the RSA key was 1024 bits as indicated on the whiteboard, I would guess that the RSA encrypted symmetric key would probably fill up most of the code.
One thing I tried was to convert the Hex data into digits, and I received a bunch of one, two and three digit numbers. None of them goes above 250. I’m wondering if these are what we’re meant to discover, and perhaps it’s something related to the niobium; element numbers, for instance. I’m not saying this is what it is, as I’ve already tried that, but it may be something related to Niobium . . . .
EDIT: In fact, after running the resulting numbers through a few cipher detection programs, it’s coming out with a startlingly high correlation for the following ciphers:
Tridigital
Monome Dinome
Morbit
Grandpre
Here is a link to the resulting numbers I got, and the steps i took, in case you don’t want to convert them yourselves: Latest Attempt
Maybe this will lead to something, and maybe not, but it’s a new idea and hopefully it’ll lead to something worthwhile 
Does anyone have a decent tool for decrypting Tridigital? My CryptoCrack software is having issues with it for some reason.
You’re parsing the data as an array of unsigned 8-bit integers.
4-bit(1 hex char): 0 to 15 unsigned, -8 to 7 signed
8-bit (2 hex chars): 0 to 255 unsigned, -128 to 127 signed
16-bit (4 hex chars): 0 to 65,535 unsigned, -32,768 to 32,767 signed
32-bit (8 hex chars): 0 to 4,294,967,295 unsigned, -2,147,483,648 to 2,147,483,647 signed
And now you’re just looking at a base10 representation of the data, there’s nothing new here.
I’m not sure how you’re importing the data, but I tried opening halos.raw.txt with this app and it appears to be converting it to ASCII and ignoring anything thats not A-Z0-9.
It sounds like you may have just pasted a base10, space delimited, version of the data into this thing. I doubt it’s able to understand what the input is, since it looks like it’s just checking against possible character substitution ciphers, and you’re only giving it numbers.
Okay, after a quick review of hexadecimal, I see what you’re saying. Converting the hexadecimal into its decimal form really only converted some of the letters into numbers, thereby adding digits to the original hex characters. Well, there goes another theory out the window 
Worth a shot, and it’s all about the fun, right?
Hexadecimal is a numeral system where each digit can be one of 16 symbols. This is also called a base 16 numeral system. The symbols 0-9 represent values 0-9, and A-F represent values 10-15.
A string of hex digits can be interpreted in a number of different ways, but the most common way is to interpret it as a hexadecimal representation of a block of data, where the smallest storage unit is a byte (8 bits). Exactly two hex digits represent a byte and can be a value from 00 to FF, which in decimal is a number from 0 to 255.
However, we can also interpret it as a large base 16 number. In the case of the HALOS hex code, it’s a HUGE number. In order to convert it to a decimal number, we can split the hex into individual digits and multiply the decimal representation of each digit with 16^p (16 raised to the power of p), where p is the position of a given digit, starting from 0 and counting from right to left. The decimal number is then the sum of all the products.
Thus we get:
1116^751 + 316^750 + 216^749 + … + 1316^0 = INSERT BIG NUMBER HERE
If we already have the data as a string of bytes, we can calculate the number by treating the data as a base 256 number:
179256^375 + 43256^374 + 0256^373 + … + 93256^0 = INSERT BIG NUMBER HERE
Note that here I’ve assumed that the leftmost digit is the most significant digit, ie. representing the largest part of the number. In some cases, it could be the other way around.
EDIT:
For those interested, I’ve calculated the decimal (base 10) representation of the hex code as described above:
22041815885340277678320555729365859977500681405545741164031959296047784108963921615509912884443119337319616850388875491838314007677423775092558571493458884809518134128591782295003504793533643300299319...I can’t see how this representation of the code could be useful, though. Feeding it into a tool designed to work with classical ciphers will probably get you nowhere. However, knowing how to correctly convert the hex code to large numbers could be useful if we if need to look into public key cryptosystems like Benaloh and Paillier. But I would be surprised if this puzzle actually turns out to involve something as complicated as Benaloh/Paillier encryption.
I was snooping around on encryption places, and I saw that the Serpent algorithm takes a 16 bit initialization vector. Now, the code is 752 bits, and 752 + 16 gives us 768, which is a multiple of 128, Serpent’s block size. I don’t know what this means, if anything, and Storm said that encryption may or may not be involved, but it’s a coincidence at the very least.
The code is 3008 bits, or 376 bytes. It is presented in it’s hexadecimal form as 752 characters.
On a somewhat related note, it was mentioned earlier that data encrypted with a salt in OpenSSL prepends the 8 byte string “Salted__” to the beginning of the encrypted data. If this string is prepended to the halos data the total length of the file is 384 bytes, or 3072 bits. 3072 is divisible by 128, and is a more recognizable number to CS folks.
I tried modifying the data to add “Salted__”, removed -nosalt from my script, and then tried all the passwords (list a couple pages back) again. Still didn’t get anything interesting out of it.
Maybe we could try converting the first bit to make Salted_, and use that to decode the rest of it? By bit I mean first little part, not 1/8th of a byte bit. Actually, that might make sense. Maybe it’s encoded ASCII, but with some kind of nonstandard substitution cipher.