The Hack 'n' Slash Puzzle Collection

Prototype box art

Close-up of description in prototype box art

The seemingly-corrupted characters is actually a simple character substitution cipher, which can easily be cracked using properties of the English language. This is the fully-decoded message:

You are the hero foretold by the legends!
Set forth on a voyage of adventure and discovery. Face vicious monsters,
trick castle guards, meet magical friends, and uncover deeply hidden secrets
in a world full of mystery and intrigue.
The gods have created this world and placed you in it for a mysterious
purpose, but there work is not complete. Uncover the secrets of the world,
fight your way through dangerous enemies and deadly traps, and dismantle the
very underpinnings of reality.
Look behind the curtains of the world at the skull beneath the face. Shatter
it into a million pieces and reassemble it to your liking. There is no arcane
secret you cannot uncover. No magic you cannot unravel. You are the Destroyer
and the New Creator. I want you to understand who you are and why you are
here, hacker.

In the installation directory of the prototype, the following encrypted file can be found:

Win/Hidden/HiddenJournal.txt

After beating the prototype, get to the castle's courtyard. Take the left path, dodge the glitched tiles and jump into the very last one at the end of the path. You'll be teleported in the princess chambers. Inspect the painting on the wall to acquire the Hidden Journal book.

Exit the room through a hidden door on the left wall and get to the library. After picking up the book requested by the genie, go back to the library's entrance, climb the stairs labeled AF and pick up the book called AF.lua. If you don't know which one that is, go decode the alphabet near the end of the game and backtrack.

Afterwards, when you reach the room with the two pedestals, immediately after opening the portal, do not enter it. Instead, place AF.lua on the left pedestal and HiddenJournal.txt on the right pedestal. This will decode HiddenJournal.txt and you will be able to read it normally by using the book.

Note that while reading a book, you can flip through the pages by pressing Space.

—-TRACE BEGIN—-
> CONNECT host:www.hacknslashthegame.com port:80
> SEND ApplicationData
>> GET /download/hacknslashannouncement.txt HTTP/1.1
>> Host: hacknslashthegame.com
>>
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Connection: close
Content-Type: application/octet-stream

DOUBLE FINE ANNOUNCES PUZZLE ACTION GAME HACK ’N’ SLASH
Former Amnesia Fortnight Prototype to Launch in First Half 2014, Supported by Indie Fund and friends of Double Fine

SAN FRANCISCO–December 10, 2013–Double Fine Productions today announced that Hack ‘n’ Slash, a hacking themed puzzle action game for Windows, Mac, and Linux, will release in the first half of 2014. A version of the game debuted during Double Fine’s Amnesia Fortnight 2012 internal game jam. It was selected by the gaming public to be turned into a two-week prototype, after garnering more votes than any other Amnesia Fortnight pitch.

In Hack ‘n’ Slash, a young elf uses her computer hacking skills to cheat her way through a classic action/adventure game. The game was funded by Indie Fund, Humble Bundle, Hemisphere Games, make all, AppAbove Games, Adam Saltsman, The Behemoth, Morgan Webb, and Rob Reid as part of a two-game deal that also includes Spacebase DF-9, which released in Early Access Alpha and recouped its investment within two weeks.

“I’ve always loved games with lots of secrets in them,” said Hack ‘n’ Slash project lead Brandon Dillon, “and when I first discovered a hex editor in an emulator, it dawned on me that I could be a kind of digital treasure hunter—no game could keep even its deepest secrets from me if I adventured long enough in its code and memory.”

By subverting old-school gaming tropes with unique hacking mechanics, Hack ‘n’ Slash allows non-programmer players to experience that same sense of mystery and discovery.

“Look, I’m going to be honest with you here: I don’t really understand what’s going on inside this game’s code,” said Double Fine president and CEO Tim Schafer, who claims to possess a degree in computer science. “I believe it contains ‘algorithms.’ But I know what’s going on inside my heart when I play it. And that is joy.”

“We’re psyched to be helping with Hack’n'Slash because Amnesia Fortnight projects are about empowering individual creators,” said Indie Fund partner Ron Carmel, who definitely possesses a degree in computer science. “And I can confirm that this game’s code does contain algorithms.”

Hack ‘n’ Slash will be released for Windows, Mac, and Linux on Steam and DRM-free in the first half of 2014. It will include algorithms.

> CONNECT host:hacknslashthegame.com port:443
> SEND ClientHello suites:TLS_RSA_WITH_AES_256_CBC_SHA certs:x509 random:xIl3HWupPdsvwY94XV3UHtW04aE/wT4X8p7FmdSxW5w=
RECV ServerHello random:Up2+Rmzxa4CFywMpfAMCBn7wJHaiBnwEGslWPq4QaTQ=
RECV Certificate [verified]
RECV ServerHelloDone
> SEND ClientKeyExchange premaster:AwKV0UmxkA/iXZ4Y4NDn0P1Ju/m6GNL10FR7PuJae/83Ghy3Eo+6qDiJwQsNzjyB
... [encrypting provided premaster]
> ENCRYPT
... [computing master key]
... [sending ChangeCypherSpec]
> VERIFY
... [computing verify_data:Tcz7sewhNdF70Xmd]
... [sending Finished]
>SEND ApplicationData
>> ******************************************
>> ***************************
>>
... [sending ApplicationData encrypted_payload:9Uxik4wGjQEoga0gznSZM7H+x4gnbdG9iqVwCOucgvE=]
... [sending ApplicationData encrypted_payload:Z41sWWPE2pPTxXnfbb/ju+g9NGrE/7gMltSvCW2J5aLCjH0R5k8E1iHJydJ1OuguAyZqKPlUDOxVZ6I1dnIJkPBXre5y2wcZU5misdX8Hk+exdqsbpjeDRwQKxwxcOTm]
wqbzvEF9EWuIshMxNfrvhg75TbHD5/WY4dA8m73GW6kX6S7lszdMKCKr3QWz0/2EAwdkU51tyAqEMB1DR87/9PnAXnECqvbVZLWL8MBNgcyd4ri+YzRDF/R+XbJ3qXbRIfuaiJGqjB8AQSYTHdmBIqdcamc6404t5cw0Gx7oRyYmudXx4CZ1D2fpD801jKNOm/Zv0saw3XwF7j0gPvvKZBWmUzwGc9L8PNFkKzsliozmBUxyE3hdRu0L7G5fqviPejgjau3VBC3LI64nvNz8yQ27yoZKpaqAlAV69tnPkwqTGeXgFM6ev4w6CTFUYPHucogo5OJ3V0G0n69k8+aljaeeNTuVzmRML9bHJdzVB4s252NF2PrgPlzGQIgbih7P4unwshrtCLeg8zLF0AApCA==
—-TRACE END—-

The goal of this puzzle is to figure out the URL of the second request. Normally this wouldn't be possible beyond the domain name as it is an HTTPS request, but since this is a full trace from the client side that logged the AES-256 symmetrical key used to encrypt the rest of the path, that same key can be also used for decryption.

The reconstructed URL is the following, which is the solution:

https://hacksnslashthegame.com/download/a-note-from-cbd.txt

Here is a backup of the contents of a-note-from-cbd.txt:

First, let me say that, if you decoded the hints in the press release to get here, amazing work! You either possess impressively detailed knowledge about the low-level aspects of modern encryption techniques, or you went out and learned a lot. Either way, cheers to you.

Second, now that you’re here, you’re probably wondering what the light was at the end of that enciphered tunnel. I hope you’re not disappointed that it’s just a text file written by me. If so, perhaps a kirby will cheer you up?

(>^^)>

They always cheer me up. The operating system class I took in college required programming an x86 OS that was bootable from being dd’ed onto a hard drive (that was a difficult but very fun project), and I personalized it by making the command prompt a kirby. It also had a system interrupt that would map DOOM’s shareware WAD into your process’s memory because apparently my priorities were:

1) Write an ELF loader
2) Port DOOM
3) Implement a file system

Regardless, that’s not why we’re here. We’re here because we’re proud to announce Hack 'n' Slash! I had a weird self-consciousness about the idea originally. I was convinced that it wasn’t going to get any votes during Amnesia Fortnight because I thought no one but me would be interested in playing that kind of game. Needless to say, I was very surprised and excited by the enthusiasm it garnered, and I’m so thrilled that we’re going to be able to move beyond the prototype and make a full game.

By now, you probably already know that the announcement image has some puzzles hidden in it. Or maybe you tackled this puzzle first before moving on to the other ones. In which case, holy crap, you have way more discipline than I do. And there are puzzles hidden in the announcement image! The idea with the announcement puzzles is that they’re wholly self-contained. You’re not going to need to stand by a payphone in San Francisco and then wind up dancing with a person in a gorilla suit. You’re not going to have to venture to some other part of the internet to get to the next step unless it’s to learn some new knowledge that will help you solve the puzzle.

To get pretentious for a second, this is related to the design philosophy of Hack 'n' Slash. You will certainly be able to pop out of the game and muck around in its data files to discover secrets, but it will never be a requirement; everything you’ll need to fully master the game will be contained in the game itself. We try to carry this over into the story as well. The game doesn’t spend a lot of time winking at you. The idea is just that Hack 'n' Slash is its own little universe and you can play an important part in one of its important stories. It’s just that its physics is governed by the code’s algorithms instead of particle interactions like our universe. And you get to mess with the physics. Hopefully that sounds cooler than some fourth-wall-breaking metagame experience; I think it does, anyway.

Also, this is a good opportunity to embed some gratitude. I’m really thankful to Matt Alderman for teaching me something that I believed but didn’t really *know*: there’s no magic, just things you don’t understand yet. He continues to be a valuable mentor and inspiration, and this game wouldn’t exist without our friendship.

And finally, I want to thank my fiancee. In the prototype, the most hidden secret was a love letter to her; if you’re really into the game, you may have already seen it. Just like how my team went from making a prototype to working on the full game, we went from being a couple to being engaged. Don’t tell Tim, but it’s an even better feeling than getting to make the full version of Hack 'n' Slash. The game also wouldn’t exist without her loving support. I love you, angel.

The best thing is that both she and Matt will likely read this, and Matt will be super grossed out.

Sincerely,
(>^^)> CBD_

Hack 'n' Slash original teaser image

IMPORTANT: Solving this puzzle requires opening a ZIP file that is considered invalid by modern ZIP decompression utilities. To work around this, you may need to use one released before December 2013. If you need one, I have verified that 7-Zip version 9.20 is compatible.

This JPEG file actually contains several layers of embedded files within them. Looking at the JPEG's metadata, it has the following subject:

You may have figured out that this JPEG is more than just an image. It is not an ARG. It is not a transmedia narrative. It's just a puzzle we've built for you that will give you some more Hack 'n' Slash tidbits as you peel back its layers. If you're into that kind of thing, we hope you enjoy it!

The first thing to notice is in the visible picture itself. The grid actually represents the following text:

THE FI
VE BOX
ING WI
ZARDS 
JUMP Q
UICKLY

The next step is to open this file as a ZIP archive instead of a JPEG image, as hinted by its filename. A successful extraction reveals 3 files:

• MainTheme.mp3
• Outdoors.mp4
• WorldTablet.txt

MainTheme.mp3 contains a normal music track. However, its metadata mentions aes-256-cbc as the genre. This is actually a type of cipher. The metadata also contains the following hint in the comments:

passwords read like incantations when spoken in all capital letters

WorldTablet.txt is a normal text file, but it is not easily readable. To do so, the text must be set so that a line break occurs every 68 consecutive characters. The easiest way to do is to turn on word-wrapping in a text editor and resize the window's width accordingly. Doing so will reveal a message duplicated in 2 columns, and some of the words between the 2 columns are not aligned exactly the same way. By crossing eyes, it's possible to isolate these words and see the following hidden hint pop out of the text:

the embedded application is enciphered with the incantation presented by the first observed glyphs

Outdoors.mp4 is a video file, although some of its frames contains glyphs in the bottom-left corner. Decoding these glyphs using the grid from the original picture reveals the following hint:

most of the time we only see the things that we expect to often secrets are in plain sight but remain invisible to us size up the medium you are observing and you may find it supports modes of expression you do not expect images can contain words words can produce images something that appears to be a recording of life may actually be a container filled with the sequences of images and channels of audio that you expect but that container can hold

Outdoors.mp4 also contains another secret. Within its file structure lies a hidden file called crackme.enc which must be extracted. Using the previous hints, it's possible to deduce that this file can be decoded using AES-256-CBC with the password THE FIVE BOXING WIZARDS JUMP QUICKLY.

The result is a Windows executable program, whose metadata contains the following:

One last puzzle brought to you by Double Fine Productions, and a very special Hack ‘n’ Slash character, Ida.

Executing the program prompts for an incantation. Note that the incantation to input depends on the computer the program is being executed on. The only way to figure out what it is is to use standard software debugging or reverse-engineering tools.

A full reverse-engineering of the program reveals that the incantation is generated using this procedure:

1. Get the SHA-1 hash of the Windows system volume GUID path
2. Copy the first 4 characters of a predetermined block of text in the incantation
3. Count all matches in said predetermined block of text for the last 4 characters of the partially-constructed incantation
4. Pick a match using the following formula, with match 0 being the leftmost match and following matches incrementally larger by 1: (bitwise XOR of the 2 leftmost bytes of the hash) modulo (number of matches)
5. Append the 4 characters immediately following the selected match at the end of the incantation
6. Drop the 2 leftmost bytes of the hash
7. Repeat steps 3 to 6 until no match is found or until all bytes of the hash have been used
8. Complete the rest of the incantation with what immediately followed the last 4 copied characters up to the next period

The predetermined block of text referred above is the following:

AND WITH THIS INCANTATION I DO SO ENSORCELL MATTERS SUCH THAT THE MAGIC OF THIS APPLICATION PRODUCES A RESULT THAT MUST INVARIABLY ENGENDER MAGNIFICENT AMPLIFICATION OF THE DESIRED OUTCOMES THAT WE PRODUCE. AND WITH THIS INCANTATION I THEE BOND INTO REALMS FOREVER INTWINING OURSELVES TO OUR COMBINED DESTINIES WHICH PRODUCE A KIND OF INFINITE REWARD IN THE CONSTRUCTION OF MECHANISMS TO AID OUR DISCOVERY OF KNOWLEDGE AND TRUTH. AND WITH THIS INCANTATION I REVEAL MYSELF TO BE CAPABLE OF CHALLENGES OF THE MIND AND SPIRIT WHICH STRENGTHEN AND EMBOLDEN MY CAPACITY FOR TAKING CONTROL OVER THAT WHICH WAS ALWAYS OUR BIRTHRIGHT THOUGH SOMESTIMES WE FOOL EVEN OURSELVES TO PROTECT THAT WHICH CANNOT BE PROTECTED. WITH THIS INCANTATION I OPEN THE LOCK CLASPED SIMPLY TO PROVIDE OPPORTUNITY FOR DEMONSTRATION OF MY POWER. AND WITH THIS INCANTATION I FOREVER OPEN THE BOUNDARIES OF UNDRESTANDING SUCH THAT I ALWAYS REALIZE THE POWERS I HAVE OVER HIDDEN BUT NOT INACCESSIBLE TRUTHS. AND WITH THE MECHANISMS OF THIS INCANTATION I CAN BREAK THE BONDS THAT WERE NEVER REALLY THERE DESPITE THE INSISTENCE OF THOSE PRESENTING THEMSELVES AS WIZARDS. AND WITH THIS INCANTATION I OBSERVE THE FINITE IN THE INFINITE THAT HAS PRODUCED MUCH WONDER AND MAGIC IN OUR WORLD AND COMMIT TO THE PURSUITE OF UNDERSTANDING. AND WITH THIS INCANTATION I DO DECLARE THAT BIRTHRIGHT HAS NO STANDING IN THE CHAMBERS OF WISDOM. AND WITH THIS INCANTATION I DO PRESENT MATTERS SUCH THAT IT IS OBSERVABLE THAT NO CREATURE SHOULD BE RESTRAINED BY THE FEAR OF OTHERS.

Upon entering the correct incantation, a success message is generated, and a message is automatically copied to the clipboard. That message is generated using the following transformation:

Windows system volume GUID path → SHA-1 → Base64 encoding → append before the current string either FROM/DEBUGGER if a debugger is attached to the process or SUCCESS/HASH/ otherwise → RSA 512-bit encryption → Base64 encoding → append before the current string @Noughtceratops with a space in-between

The RSA public key used to do the encoding is the following:

MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMeqDCPIoPMd8CSnjGI96lJG3ijSEMDFuJCG4yaWUgbzpHijnyhQtAWn8PXhWOeie0v56AcqjXtKuSeSeLalrZsCAwEAAQ==

As a reference, I have produced an analysis of all possible incantations with their frequencies. Here is also the C++ source code I wrote to generate said analysis.

Hack 'n' Slash T-shirt tag

Note that the T-shirt size is irrelevant. The one in my wardrobe says XL instead of MD, but is otherwise identical in design.

The pixelated rounded rectangle around the Hack 'n' Slash logo contains vertical bars. Said vertical bars form the following barcode:

This barcode can be decoded to:

+thegame.com/shirt

When combining this partial URL with the message inside the rounded rectangle, the following HTTP URL can be formed, which is the solution:

http://hacknslashthegame.com/shirt

The URL redirected the user to a store page for purchasing the Hack 'n' Slash T-shirt, as some kind of self-reference.

Amnesia Fortnight 2014 Launch Video

IMPORTANT: The solution is a URL that no longer resolves. A backup of the reward is available below.

IMPORTANT: This puzzle requires decoding the glyphs showcased in the earlier teaser website image puzzle.

Using the alphabet from the teaser website image, the first 3 encoded messages decodes to, in order:

http
hacknslashthegame
com

Similarly, the alphabet in the second-to-last screen decodes to vertical, and the last one to horizontal. However, those last two words are not part of the solution, but a hint that indicates how to read the numbers on these screens. Said numbers must then be combined to form a nonogram which must then be solved.

Unfortunately, the resulting nonogram is not solvable by itself, as it does not have a unique solution. However, the parts of the nonogram that are solvable partially reveals a QR code, which can then be decoded and reconstructed despite the missing data by using the properties of QR codes. For reference, this is the reconstructed QR code:

The decoded QR code is the following message:

/shirt

When combining this to the first part of the message, the following URL can be formed, which is the solution:

http://hacknslashthegame.com/shirt

The URL redirected the user to a store page for purchasing the Hack 'n' Slash T-shirt previously showcased.

SGGCSNTSSSFEESRWOTOSOYGL
LESMDETNOEDRTSOOOTSTGERO
AFFESAEEENTETEONEYRTGDTY
EDNEESYEYTGEDNRLRIIETEST
RSYEGUERRE.OMMM.MC...EGR
RW.RFHWWE.HHMRMCHHHFWW..
.A.M...IIE.SSNEEEEIARNN.
..HHLWHKHNMLHRNKSVRLRHWV
DMLBDVRTHFBTBEERHERVDHLD
HVDTGSYMN.OOO...N...SNSR
.NNNNONNEAAAAOII.TW...TT
TTTTWWTTTTTTP..GG.FFLW..
EHVHNTTT.H.DD..RW.IALLUA
ZZB.E.OIPB..BEAANRI...RR
UO.OE..OEEOOUAOOOO.OIIOI
IIIAOA.OAAAATTSDGSTTTL..
.LNFSSII.PW..CL.IFEVFFFP
LN.YH.MCCRAU....EEELEAEO
TTTGUOUUEE..EOOOORUKAAEY
ESIILAINWIIUSNN.L..EOOAU
..SOUIAASASUEIUNSI..$...
.O.YE.IAAA.....X...OFTF.
GGSBAJOOBPPAAOOOAAE....L
........OEMLMBAH..ANZZUU

The following message appeared in the source code of the blog a few days after the original puzzle was published:

<!--
Y'all have worked out so much already! The properties you've discovered in the text might even be useful in fields other than cryptography.

Here's a new hint that might push things along!
QlpoORdyRThQkAAAAAA=

> CBD_
-->

First, the hint is actually the output of null data being compressed using the bzip2 algorithm, and encoded in Base64.

As for the actual problem, it is a message encoded using the Burrows–Wheeler transform, which is also used in bzip2. This is the decoded message:

THE.BURROWS.WHEELER.TRANSFORM.HAS.ALWAYS.BEEN.ONE.OF.MY.FAVORITES.BECAUSE.THE.IDEA.OF.BEING.ABLE.TO.JUST.REORDER.INFORMATION.AND.HAVE.THE.NEW.CONFIGURATION.POSSESS.EXTRA.MEANING.WITHOUT.HAVING.LOST.ANYTHING.FEELS.LIKE.MAGIC.ALSO.IT.WAS.NOT.DISCOVERED.THAT.LONG.AGO.IT.IS.FUN.TO.PONDER.WHAT.OTHER.MAGICAL.TRANSFORMATIONS.WE.HAVE.YET.TO.DISCOVER.BY.THE.WAY.THIS.IS.THE.ONLY.PUZZLE.ON.THE.BLOG.SO.FAR.TUMBLR.REMOVED.SOME.OF.MY.STEGANOGRAPHY.WHEN.I.UPLOADED.IMAGES.BUT.WE.WILL.FIGURE.OUT.SOMETHING.TO.DO.I.WANTED.TO.MAKE.SURE.THERE.WAS.AT.LEAST.ONE.PUZZLE.FOR.YOU.WONDERFUL.FOLKS$

UEFUQ0gAQF4AKCUSHSocJA0KFxAOGxgeHCQdmBEKDBQkFyQcFQocESkkCw4kCxsKHw5FT0Y=

This is Base64 data. The decoded version is an IPS patch for The Legend of Zelda. Applying the patch, and entering the cave at the very beginning of the game, causes the old man giving Link the wooden sword to say the following instead of his normal dialog:

   IT'S DANGEROUS TO
HACK N SLASH! BE BRAVE.

NSA's tweet:

tpfccdlfdtte pcaccplircdt dklpcfrp?qeiq lhpqlipqeodf gpwafopwprti izxndkiqpkii krirrifcapnc dxkdciqcafmd vkfpcadf. #MissionMonday #NSA #news

Brandon Dillon's reply:

.@NSACareers gipkfrp,xnip rircdxrxwafm dfvr<3eiki'r pepql'f'rnpr ercipoliw!40 808-l5657-eg 0ec

Both messages use the same simple character substitution cipher, which can easily be cracked using statistical properties of the English language. The spaces that appear every 12 characters are irrelevant.

The decoded NSA message, after adding in spaces for readability:

want to know what it takes to work at nsa? check back each monday in may as we explore careers essential to protecting our nation. #MissionMonday #NSA #news

Brandon Dillon's decoded reply, after adding in spaces for readability:

.@NSACareers dear nsa, please stop spying on us <3 here's a hack 'n' slash steam key! 40808-k5657-hd0ht

In the installation directory of Hack 'n' Slash, the following encrypted file can be found:

Data/Content/Secret/Rooms/SecretRoom.lua

Brandon Dillon replied the following on Twitter after being asked whether brute-force would be practical or not to solve this puzzle:

I don't think it'd be practical to brute-force it. The passphrase shows up in the game.

Near the end of the game, in the DRMRoof room, a pedestal can be found with a book on it. Books in the game are actually pointers to the game's loaded files. If the data is not valid Lua bytecode, a protective barrier appears around the book, preventing it from being taken. Also, when a book is on the pedestal, the related data gets encrypted in RAM every time the player character enters the room, causing the barrier to appear if there wasn't one. Note that because of this property, encrypted data may be encrypted again if not careful, requiring multiple decryptions afterwards.

To decode the data, the player character is supposed to jack into the pedestal with their broken sword, and input the correct password. This may cause the protective barrier to disappear if the decrypted data is valid Lua bytecode. Note that doing so allows the player character to pick it up and place a different book in its place if they so choose.

Decoding the book already on the pedestal by default allows the player to proceed to the princess chambers immediately on the right of the pedestal without causing the game to crash, as said book points to the code of said chambers.

By using normal game mechanics, it is possible to acquire a book pointing to Data/Content/Secret/Rooms/SecretRoom.lua. There are multiple ways to do so, for example by using the LIBRARY_ROOT_PATH artifact hidden in the chest in the rightmost cell of the Armory room to set it to the root directory, then picking up the book manually from the library. (I recommend completing Act 4 before Act 3 to get the bombs early in order to bypass the gate blocking said chest.) Similarly, it is also possible to hack DRMRoof itself to modify the exit on the right of the pedestal in the init function to also point to Data/Content/Secret/Rooms/SecretRoom.lua instead of the princess chambers.

To solve the puzzle, the player character must switch the book on the pedestal to one that points to the secret room, input the correct password, then enter said room using the technique described in the previous paragraph.

Technically speaking, the input password is hashed using SHA-256, which is then used as the key to decode the file using the AES-256-CBC algorithm with a null IV. Due to this, and due to the lack of clear hints as to what the password could be, it took 8 years before it was finally cracked by Glenn "Netrix" Anderson. You may find more information about how he did so on his GitHub account.

It turned out to be the last sentence of the loading screen message, which states:

Now loading...

It's dangerous to hack 'n' slash. Be brave.

In other words, the password is:

Be brave.

Entering this password, then entering the decrypted room as described above, shows a special message from Brandon Dillon to the player before triggering the game's win state. Using graphics not normally shown elsewhere in the game, Brandon explains the game's backstory, the missing Act 1, and some additional insights into the people that made the game possible.

Front of modified The Legend of Zelda cartridge

Back of modified The Legend of Zelda cartridge

The only pertinent pieces of information that has been discovered so far is that each drawing represent a 9x9 binary data matrix, and that each bit is encoded by whether the line in the corresponding square of the grid is a slash or a backslash.