About - The Omnis Challenge

The Omnis Challenge
A Bloodhunt ARG created by Leon San José Larsson and Tobias Solem at Sharkmob.

Summary

The Omnis Challenge was an ARG for the game Bloodhunt. It ran from Thursday, April 27th to Monday, May 1st 2023. The ARG is now over and winners have been contacted to receive their rewards, but the website is still available in case you want to test your skills. Below you can also see details on the steps required to solve all the stages, in addition to the total attempts on that stage, as well as a timer showing the amount of time the community spent solving it.

On behalf of Sharkmob, I thank you all for participating in this event. It was extremely fun to build and especially fun seeing the community come together to solve some pretty difficult tasks. In total, we had 27,361 attempts in stages 1-10 from users in 50 different countries.

The prizes were:

1st: Omnis statue, Xtrfy Bloodhunt keyboard, Gamer Advantage glasses, 3,000 tokens
2nd: Xtrfy Bloodhunt keyboard, Gamer Advantage glasses, 1,000 tokens
3rd: Xtrfy Bloodhunt keyboard, Gamer Advantage glasses, 500 tokens
4th: Xtrfy Bloodhunt keyboard, Gamer Advantage glasses, 300 tokens
5th: Xtrfy Bloodhunt keyboard, Gamer Advantage glasses, 300 tokens

Additionally, and to celebrate the community's efforts, everyone can redeem a special Avatar & Banner using the code OMNISCHALLENGE23 here.

Stages
Stage 0:
45 minutes spent solving

At 5PM CEST, April 27th, a Tweet and an article on Bloodhunt.com are published announcing The Omnis Challenge
The article includes a ZIP file accompanied with an image of Omnis in Bloodhunt's Prague
The task is to figure out the street name that Omnis is standing on and use that as the ZIP file password
After some map-searching, the conclusion is that Omnis is standing on the street zelezna, which is the correct password
Inside the ZIP file are 2 files, qr_code.jpg and SHA.jpg
The QR code text is gssor://aknncgtms.bnl/nlmhr. Decrypted with a 1 shift Caesar cipher it says https://www.bloodhunt.com/omnis
Going to this page, or to https:/omnis.pages.dev will lead to stage 1 of The Omnis Challenge

Stage 1:
2,735 total attempts with 962 correct // 40 minutes spent solving // 498 people made attempts

The title is Enter your answer with style
A clue is located inside the CSS file (stylesheet)
The clue is a HEX string, 56 4F 56 4C 4F 4C 54 4F 54 41 56 4F 56 41 20 52 4F 52 49 56 4F 56 45 52 4F 52
When converted to ASCII, will present VOVLOLTOTAVOVA RORIVOVEROR.
Using Swedish Rövarspråk, this can be translated to Vltava River, which is the correct answer

Stage 2:
1,230 total attempts with 924 correct // 4 minutes spent solving // 434 people made attempts

The clue is in the title, ISam17.51
ISam17.51 can be found on a wall in the Garage, where using Heightened Senses will reveal the text Shielded by faith
If you type in shielded by faith, they will get another clue, Philistine is something else.
The correct answer is Goliath which is connected to the reference above

Stage 3:
9,755 total attempts with 963 correct // 16 hours, 15 minutes spent solving // 463 people made attempts

The clue is in the title §1 Omnis Chambers
The first paragraph of text on a wall in the Omnis Chambers in Elysium reads co mtpv ti deimg zdk n znhy dntc ykimzf wx ypb pvfivux ezvhzh dcost tdhiwm dqy ezh jxwe 5 rzteh.
This is an Enigma cipher, that when solved with various clues around the Prague map, the final answer becomes my name is edvin and i have been living in the massive bunker under prague for the last 5 years.

Stage 4:
582 total attempts with 428 correct // 1 minute spent solving // 275 people made attempts

The title is a poem/riddle
The answer is an echo, or just echo

Stage 5:
1,196 total attempts with 340 correct // 1 hour, 15 minutes spent solving // 269 people made attempts

The title is Sky. Chambers. RF - Secrecy needed. ROT13 answer wanted.
Sky meaning the page title, Chambers meaning the Omnis chambers, and RF meaning the Rail fence cipher
The document title is a ciphertext sTiDOpnADnmSegoHuHhlSacAnHLdSSsAhDDsAraSetHhsytHooSunADaLAHSS
When decoded with Rail fence using the positions of 2 letters in Omnis Chambers (T -> 20 = key, S -> 19 = offset). The text revealed is the path to a dark image
Manipulating the brightness on this image will give you the chance to spot sets of letters scattered across the image
When these letters are combined correctly, they read F.W. Murnau, the initials of a movie director
One of the movies of said director is Nosferatu
Entering the name and release year of the movie in ROT13, Abfsrengh (1922) will lead to stage 6

Stage 6:
2,796 total attempts with 220 correct // 16 hours, 45 minutes spent solving // 278 people made attempts

The title is Search. Listen. Report. - 🔑 Bring back an encrypted message 🔑
In the HTML, you will find 2 encoded HEX strings. Each one will lead to an audio file (deception.mp3, unrelated.mp3)
The first audio file is a reversed clip of Omnis talking in German about deception and quoting The Art of War
The second audio file is a reversed clip from a documentary about The Ministry for State Security, aka Stasi
Encoding the German name of the book, die kunst des krieges with Vigenère using the key stasi will result in vbe ccflt vmk dramyxs, which is the correct answer

Stage 7:
344 total attempts with 231 correct // 7 minutes spent solving // 189 people made attempts

The title is Gallow's Hill I. Who commanded the forces?
This is the name of a Bloodhunt quest, which has a riddle about a Swede who sacked Prague
The general referenced is Hans Christoph von Königsmarck, and 3 variants of that name are the correct answers: Hans Christoph von Königsmarck, Hans Christoff von Königsmarck, and Hans Christoff Königsmarck

Stage 8:
4,239 total attempts with 381 correct // 12 hours, 15 minutes spent solving // 266 people made attempts

The title is /stash/znrtsgburmvhgivvgrmkiztfv.png.
Using alphabet substitution (Atbash), this becomes /stash/amightyfinestreetinprague.png
Going to that image, you can see an image of a street in Bloodhunt's Prague
On this street is a bar named Bétlémská. If you enter this, you get back ⬆ wxsaht oonwxscs nhlwhloly
If you look up to the document title, it says Fancy a drink?
Taking the previous response through a Beaufort cipher with the key yesplease gives you chapel merchant rthirteen
The same street also features a chapel called Betlémská kaple. This was founded in Prague in 1391 by Wenceslas Kříž (known as the Merchant)
And the correct answer is Wenceslas Kriz or Wenceslas Kříž in ROT13, so jraprfynf xevm or jraprfynf xříž

Stage 9:
1,091 total attempts with 148 correct // 5 hours, 20 minutes spent solving // 147 people made attempts

The title is Never forget your past. in Czech
Most text on the page appears scrambled
The input placeholder reads nk-BFRT-geiKSEXpyvRRIGqfarfkrOAVLdxjgLGYlam
Decrypting this with Beafort (-BFRT- hint is in cipher and needs to be removed) using the key youranswer (placeholder was previously Your answer) gives you leonsDASHcatDASHcreatedDASHthisDOTpng
You might guess /stash/leons-cat-created-this.png, but this is in a different stash 😉
The submit button instead says KFBEPllutt-wffct-qvvjsqfmw
Decrypting this with Vigenère using the key submit gives you SLASHstash-omnis-encrypted
Combining these, you get /stash-omnis-encrypted/leons-cat-created-this.png, which leads you to an image containing Base64 text for another image
In the final image, it says S:t Giles if flipped and rotated (or looked at through a mirror)
This refers to the real church Bloodhunt’s Burning Church is based on
The answer is Burning Church, but in Czech: Hořící kostel

Stage 10:
3,393 total attempts with 72 correct // 19 hours, 20 minutes spent solving // 177 people made attempts

The final input stage
The title is Final Hurdle 100BC - mnlygwa gvby hnjm dpah "tjuov"
100BC is Caesar's birth year, which is the cipher to solve the title
If the last part of the title is decoded with a Caesar cipher using a shift of 7 (number of characters underlined), and with an alphabet where F and H are removed, you get decrypt your head with "mango"
"head" refers to the headers of the API response
A header in the check response called omnis-communication will include Key + 19.8.1 === k_vbfrt || glnmtorxpfskzngchzrohagedcwphaidvipkrjm3 (19.8.1 = S.H.A)
Decoding this using Variant Beaufort (vbfrt) with the key mangoecddcabbfbaebbebfcaabedaa (key from title + stage 0 QR Code SHA minus numbers) gives you slashstashslashclassifieddashaudiodotmp3
This leads to /stash/classified-audio.mp3, which includes Morse for: Omnis encountered a video of Vera being burnt to ashes, most likely by an Entity Hunter, before she could advance to the Graveyard. At least these clues did not end up in the hands of the Entity. But the circumstances surrounding Vera's destruction calls for further investigation.
This is a quote from a Bloodhunt quest
If you enter vera or decay, you get gnp.TKFNWYF638/2hsats/
If you reverse that, you get an image of an in-game avatar
In this image is also a 13, meaning ROT13
Entering the name of the avatar and god in ROT13, wnahf (Janus), you will have entered the correct answer
You are then given vfgxk://taeuk.uxr/lvalsHMuW2W8uJMC8
When this is decoded with Vigenère using the key omnis, a Google Forms link is revealed, https://forms.gle/ddmzfZUgK2J8mRYQ8
That’s where the ARG continues and ends

Stage 11:
70 submissions received

The Google Form included several encrypted questions
To win, you needed to decrypt the questions, answer them, and send them back encrypted
Question 1: What is the reason as to why Omnis is refered to as they? Omnis is not only a single individual, but also a collective combined with they/them pronouns
Question 2: What is Omnis' favorite type of food? Rats (accepted variants in substitute: animal blood) (and if with great (other) answers: vitae/blood)
Question 3: Upon searching for a missing agent in Prague, Omnis sent you to Rudolfinum. Nearby the clue you could see a poster, what letters are featured on this poster? Parsifal (variants like Parsital accepted)
Question 4: Consider a scenario where a malicious actor has exploited a vulnerability in a web application to gain access to its backend database. They now have access to sensitive user data, including usernames, passwords, and personal information. What are some steps that can be taken to mitigate the damage caused by such a breach? While mitigating the damage from such an attack is quite a hassle, it involves temporarily disabling the application (and network), and shutting down the service, to then do a full investigation into how the perpetrators gained access and then resolving the issue. Then, upon going live making sure to immediately force all the users for that web application to update their passwords. Additionally, enforcing some kind of 2FA-solution is recommended. (There are several more correct answers for this one)

Thanks for playing!