Hacker News new | past | comments | ask | show | jobs | submit login
Untrusted – a user JavaScript adventure game (alexnisnevich.github.io)
229 points by edejong on March 24, 2019 | hide | past | favorite | 46 comments

Hey, (one of the) developers here.

It's really exciting to see that there's still interest in this little game Greg and I made all those years ago!

I wrote up a postmortem on Untrusted back in 2014 that may be of interest if you'd like to learn more about how the game was created: http://alex.nisnevich.com/blog/2014/10/17/some_words_on_untr...

I'm happy to answer questions and help anyone's who's stuck and needs a hint, but it seems like the HN community has already been doing a good job of the latter :-)

I'm still experimenting with the fascinating intersection of code, games, and language. Here's the latest thing I'm working on in the area (albeit in a very different vein, and still very much a work-in-progress): http://app.wordbots.io/


P.S. I though I'd end with a shout-out to some super-cool games by other people that have been inspired by Untrusted: - INJECTION by TOASTEngineer: https://schilcote.itch.io/injection - Programmer Adventure (interface in Russian): https://programmeradventure.github.io/

Holy crap, I didn't know you knew about INJECTION. We've come full circle! How'd you find out about it?

I saw it posted on the now-defunct https://www.reddit.com/r/untrusted/ :-)

I figured out how to do "SQL Injection" types of attacks against a lot of the levels. I figured this all out without examining any source, BTW - this solution was made purely from in game information. For example, I would never have known about "_endOfStartLevelReached" if the game didn't complain about it being "not a function"

For example, this was my Level 12 solution:


You are supposed to program a robot to traverse a maze, but instead I just ended the robot's function so I could get access to the main scope and do whatever I want:


    map.placeObject(map.getWidth() - 2, 20, 'greenKey');
    map.placeObject(map.getWidth() - 1, map.getHeight() - 1, 'exit');
    var tmp = map._endOfStartLevelReached
    //Needed so the rest of the function is ignored
    map = {
    "defineObject": () => {},
    "getWidth": () => {},
    "getHeight": () => {},
    "placeObject": () => {},
    "_endOfStartLevelReached": tmp
    map.defineObject('robot2', {
        'behavior': function (me) {
I hope they don't fix this though, it was exhilarating (and rewarding) trying to outsmart the game

It's also possible to just return early (instead of redefining map)


This is awesome. Very unique puzzles. I have been introducing my students to games that involve programming (I recently made one for them to try called Harvest Memory [1]). This is one of the best I have seen yet. I'll show it to them next class and see how they do.

[1] https://github.com/AZHenley/HarvestMemory


Also nifty idea to post the solutions as public gists: https://gist.github.com/Untrusted-Game

Do they intend for you to be able to draw more than 1 exit? cuz on the 4th level, i just drew a 2nd exit inside the cell and the game didnt complain when i used it.

Later levels validate against multiple exits and won't let you remove the original exit, so it seems intentional.

That's the level called "multiplicity" that tells you level names are hints, right?

I got bored with just beating the game and added some flare on level 20 by using a canon and photon torpedoes and kappa-face explosions[1]. Because why not.

[1] https://gist.github.com/Untrusted-Game/70038d1464d11ac270466...

I very much enjoyed this. Got to level 17 before I ran out of enthusiasm. Level 14 was a sly puzzle, had me stumped for some time.

Just three more to go! And the last ones are, imho, some of the best.

It's quite amazing (and quite a lot of ways of cheating are disabled). I got to level 14 by making my player basically become the same as the arrow keys to direct the bot.

Reminds me of the good days of "find the next level" games where the clue could be in an image metadata or just about anything (modern CTF are on a whole other level).

Nice Chip's Challenge homage on level 14... I used to play Chip's Challenge as a kid on my parents' Windows 95 computer.

Fun fact - in Chip's Challenge, the green key could be reused forever while the other keys were one time use

I've been trying to remember the name of that game for years! Loved it when I was a kid.

The sequel[1] finally came out recently as well after being in limbo for decades (because of a rights dispute).

[1] https://store.steampowered.com/app/348300/Chips_Challenge_2/

Is there any way to reset a level or the game completely? I somehow managed to block myself off from the computer on my first edit and now refreshing the game leaves me stuck and unable to access it.

You can press ctrl+4 to reset even without the computer

I ended up just clearing local storage for the game. I don't think they expected someone to screw up so bad on the first level. :)

Never underestimate the.. Um... 'resourcefulness' of users.

Great job!

I wonder if playing this kind of game could be used in an interview setting.

This is great! I did notice it allows me to do infinite loops though and then the whole thing locks up, other than that, very enjoyable!

One thing I like about this game is that it loads and starts very fast. Chromium tells me it loads in 1.05s and starts after an additional 0.01s. That's fast enough that it seems instantaneous to me when I click on the link.

Also, I like the cheating message that you get in the Chromium console (unfortunately it doesn't seem to work in Firefox). :-)

I did get it in Firefox 65 (Linux)

You're right. I've tried again and I get it now. My system was a bit unstable due to an upgrade (which I had forgot I'd done).

One of the coolest programming based games I've ever played. I hope to see more like it!

On level 13 the maze was trivial(move down as much as possible then right as much as possible then down to the player). Might need to forbid that.

Good diversion, I'm on level 14.

The maze is random and will regenerate when you execute the program, so you need to be lucky to pull that off. I mean, you can just reload until it works, and I think that is a solution within the spirit of the game too, but quite an inelegant one :)

Mine was to bypass the maze solving completely by instead breaking out of the function scope to declare a global direction variable that lets the phone toggle the direction of the robot, then just press R to take a step in the chosen direction ;) Stupid? Elegant? Rule-breaking? You decide...


Mine (eventually) followed the direction of the player, but then with y-20.

Well, I guess I had beginner's luck, because it loaded like that first time.

There is a local variable for the player, so getting the robot to move towards your x-position solves most of the mazes.

Is anyone aware of other online or gamified security related programming (or other) excercises?

I would be grateful for suggestions, ty.

Hands down my favorite and (very) security oriented game is https://overthewire.org/wargames/bandit/ --- It's actually a series of games but this is the first one. I learned so much playing these.

Thank you (all!) very much. I'm excited about these.

I like this one, made by Google - it teaches XSS vulnerabilities: https://xss-game.appspot.com/

It's been discussed on HN twice:



I very highly recommend https://microcorruption.com/, which is a small-scope exploit development CTF.

This seems really well done! great job!

For the record, I am not a contributor to this game (though I wish I had). Just played the game this afternoon and finished it.

As a developer this is incredible, fun and interesting

Level 20 is intended to be impossible?

It's not impossible. Spoiler: https://pastebin.com/4d6ikm0w

Sorry, meant 21, i.e. "endOfTheLine.js"

PS. No you don't, it seems to have lost the original gist but I recreated my solution here: https://gist.github.com/Untrusted-Game/6971dbb8ac6d311989edf...

And, yes, I know I said < 10 == 0... that was a typo originally and it turned out not to matter.

It is not intended to be impossible. It seems to require using a portion of the game that has not been previously introduced. Try exploring portions of the game that are available to you.


Unplayable on smaller screens, but will check out later on a larger one.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact