1 first step
He asked me to generate a pair of GPG keys and send the public key to him.
$ gpg --full-generate-key
2 second step
He sent to me an Image:
Well, that image was containing a text inside of it, he wrote int the instructions that I should get that text:
$ cat black.hole
3 third step
The text is: Follow the txt in the marone.pythops.com
if you go to that URL in the browser it's not going to work! that's the trick cause he meant by follow the txt to check the value of the TXT DNS record !!!
$ dig -t txt marone.pythops.com
the value of the TXT record is: "aHR0cDovL3hscWlxenlid2FxN3NlbWliNXRxNGlkejc0bGdzcGx5czI1Mmdlb3ozdTdnZ3M3a3Z1bWV1NXFkLm9uaW9uL2NoYWxsZW5nZQ=="
4 fourth step
well, this is a base64 string so I need to convert it to text:
$ echo aHR0cDovL3hscWlxenlid2FxN3NlbWliNXRxNGlkejc0bGdzcGx5czI1Mmdlb3ozdTdnZ3M3a3Z1bWV1NXFkLm9uaW9uL2NoYWxsZW5nZQ== | base64 --decode
5 fifth step
once again the output is a URL: it a .onion link ! which means I should install Tor browser in order to open that link.
By going to that link I got a file to downlod, after downloading it, I figured out that it is encrypted, that's why he asked me to generate the GPG key.
I decrypted the file:
$ gpg --output doc --decrypt challenge
the text in the file i: Build an API that returns the public IPv4 or IPv6. So people can know easily their public IPs which is the final step.
6 sixth step
building the API