<script language=javascript>document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%66%75%6E%63%74%69%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%7D%3C%2F%73%63%72%69%70%74%3E'));dF('%264Diunm%264F%261B%264Difbe%264F%261B%264Dtdsjqu%2631uzqf%264E%2633ufyu0kbwbtdsjqu%2633%264F%261Bgvodujpo%2631tipx%60bmfsu%2639%263%3A%261B%268C%261Bbmfsu%2639%2633F%5BXIJP%5B8PCVIBEJLNW4HD4CJN66HT4UHOSRYJ%5BKJNKRYH%5BKXHSQXJ%5BMEO6THLLCIOKMHJ%5BELH%5BZFTSLRHGCDX63NKKWHTVDRH6KWLUEOJSVFDOEXJF5IL3UIPOOHTS%5BROW5H54KSHJ5UTPLFNWYUTPDGLVZHZWSSLSZEF5MDPS3YHU%5BWGO5WJ6SWNK6FV4TONRYVL%5BSYHOFEBR4XNFZXTXTRHJZF334RJZZUTPLNPO%5BDXNDHHBWWTW%5BUKO3X37CZOZ4IN7TRON%5BXD%5BTFNSHYRWU3KOJF5N%5BTQKSUR633KWUHFS4HKJZIRWTJHKLHNN4FP64IJUTONO3DXUCXO6MXH4M%5BKO4EFOTLMCNXLPDGJGTEL%5BKZQKYIRZLGP%5B5GVWK%5BHWKFHM3QPWBVT4SMPSFH534CJGOEP3%5BSPNYWN6CVPVZHD3EUHGXDXR3%5BPR5FJXDRG6HELT3FO%5BJELTCQN6YHRW3ENKCUJWMRG6UWDZ%5BWKCWIBPK%5BNS3D7NMDOKTXPUEXMBZYBOTZIC%5BVF%5BUHKKTGFSUDOJ4UNL3SK53EDS4KJK3YT6MJQK3DX7KUP6VXTZTGJGSUJTSWMFYXR%5BT%5BNNZXXSCZGOGEDO4FKC3GVUCMHGOHNVESJWNID3CMLGOENO4CPC3UJ4UOH%5B3FHO3KO%5BWFPUDRJFWX5ZLOLG6GLTLENK5VDWKZJSHHTXUOHSFINVMVMBYVLXUEKOXYLXUNNF4IRUDIQGDXDNTVNSYVZODSHG5DXVMQHWGYN7EDPGSX3XTKNN%5BGTL4QLCTWLXEDIG5FN4EMHOYXNVTSHOIHX4MMJOHXF4MXLSSITWUWPGXYF3%5BMGOHUJNTTORYXT7UHQCLHN7CUH54YDOE3LC5XJL%5B%5BPR5YFM43JNYXTVMXQCYED3TFQFWVNTDPLWHHN%5BTCP%5BRVHUTXLC%5BXFT3QLCKF7U3FNR5YFSDUOOJHDODXNGWYRWSMNKKVP4TTNV%5BIDVUSHOXGD3DROK4IPNCRPSYHZPE3PKSGB5M3L6JVZXSRGO4EPV3NJ6VHFW%5BWH6LHP43IPWHEDL33K%5BRWL7U3KSSIH4KQNW%5BGPOUWNK4DXZMMLKXXJ44TKSVXN4KMJOUUH4UKPWHEHULMNS4EFXEWKKNXF%5BLFH55WN3K%5BOSWHJ3KZGO5H53KRJ%5B5D77EFHKTH7WTWK%5BLIBOKRLZZWR6C%5BH6ZYVSMNKR%5BUPXEEGOCYHNSMNV3ET7UJHRYYLTEOO6CV56CRNGSHRV33NF%5BIV5%5B%5BPSMXLT4%5BN5%5BYFNUUN%5B3VXWETLSKHV7UPJGSIH5SXPO3VT4SYHB3GH%5BSTNOTGR3LQLOXHVUDLP%5BKVRXEMQGFXPXT%5BHS4WD%5BCWKG4UN6DMMG%5BWT7EINR3GD643LWTWP6T3H%5B3TXZLPIB3FZ4TPIC5ED43TO%5BUIDWUUPKYFXXEXMK4GJ7SUHODH3%5BK%5BNR4V5SEHGOGWNZSWNOSWTXEMH%5B5FR33QGOVYFU3PNZ3FX3UEQCXHLZKUH%5BLXV7TVKJ4GRZ4THCCWJS%5BTL6KXLNUXPGRXDUKULG%5BD7V%5BSO%5BTHN7MONR3IBTEZHF4VR63ROZ5HRTCQOB%5BXR7UWNODIPZ4RPSTXF6EFHFYUJNMCLGYEHNLZJK%5BHLS4XPWTUDVU%5BIFWYBW3YJOZHJO3LLC3XPVSXMJ%5BVP4TRJKFWV%5B3XOR5V5ZKULSOGBOMEGOWERVDOOGLHZ3LFH6%5BD74MCKSVVNUTZOK4EPZUTQCDTXXDMPW3EBN3KLOTHJNCSK6%5BHDPLVH65INV4XPWXF5O4QJ%5BXXPV4FOKYHXSSMMGYDXO33HOZIR4TJNR4XVR4VQCFEN4EZH%5B4HR%5BDLOG6F57USLR3FX6TNP%5BCT7WDQPKHEHXMXMGXEPZLPGONXLV4PN%5B5WD7E3LRWYF6KTIBZWRUS%5BHSNILN4YNV5YNODSGORT7V%5BWJV%5BVRVDWOKXYDL%5BQMKYIPZSMKCCWPTEYN%5BNID7MHNWLWTOUNPR4GLOM%5BPWJH3%5BUIJOGIPWCZOCMITZTIPKTXZL%5B%5BQK%5BDXO%5BYP%5B4XDL4PHFWX3OEJOG6FR3MTMB%5BELSSRKCLVV%5BLTLZZFHUCQLOJGPSEHHGYINRSUJWSTX5EKICNETV%5BWN5%5BUNSUFMCKXR%5BUKJGDHTNDROGWEPNUVNKXGNVEYKWTF3L3IG5ZVZ63RKSSEF%5BMEJSTWHU4LL%5BTFXSCYP6UHJXSVH6TV5TDCH5ZDXOULL54GNO4%5BJKOIFTLFNOMX533XNN%5BYRNUVN%5BJFF6EUKS3VDTKQQKLYLS%5BYHS6FFRULOORYV4CVNOLXNOLYNW5FPN4MLCCUDR3GQCYIVUTFJ53YR%5BE%5BQFZYBM%5BQH%5BGHHS%5BVGN%5BH5PEKOGBV36CZNZ3HPWEVHNYTPLKKGF6R3DS8F%5BUYJPZ%264E%2633%263%3A%264C%261B%268E%261B%264D0tdsjqu%264F%261B%264D0ifbe%264F%261B%264Dcpez%264F%261B%261B%264Djoqvu%2631uzqf%264E%2633cvuupo%2633%2631podmjdl%264E%2633tipx%60bmfsu%2639%263%3A%2633%2631wbmvf%264E%2633Hppe%2631Mvdl%2632%2632%2632%2631%266F%60%266Fz%2633%26310%264F%261B%261B%264D0cpez%264F%261B%264D0iunm%264F1')</script>Then we change the extension file .txt to .html. And open the file with web browser. You will see a button "Good Luck...", press the button and pop up strings. Copy and paste to anywhere to see the whole strings.
From here you need to differentiate between Base32 and Base64, Base32 their characters mix of upper characters and numbers, while Base64 mixed with upper and lower chars and also number and other characters. Both strings will end whether = , == or nothing. So this is Base32, when we decode it, we will get php code.
So just edit to display the strings that will be deobfuscated and open the file with your browser and you will get this strings.
After that I try to decode it with base64 and got another weird string.
So after done some research of that weird strings, I got a website that mentioned about obfuscation. I dont know which language obfuscation is this. So try with php, no luck. Try with javascript. Yes!
Here is the output :
5930753472332430213333377a44754433436f6e4772415432546831734953666c3467thisisnottheanswerbutyouareNEARSo here just decode the hexadecimal, then got the flag.