Rating:
## Solution
[The Hacker Manifesto](http://phrack.org/issues/7/3.html) is an essay written in 1986 by The Mentor and published in Phrack. Viewing `hacker_manifesto.txt` we see the beginning of The Hacker Manifesto, but after the first few words the text turns into gibberish. We also notice that letters start disappearing after they have been used (such as the `a` before `hacker` and the `a` in `hacker`). This suggests some kind of compression algorithm that references previously seen byte strings in the file. Looking closer at the first few characters of the file, we notice that printable bytes occurs every three bytes. If the byte appears as we would expect, it is preceded by `0x0000`. When a letter is missing, the next letter is prepended by a non-zero two byte string. Since it appears that we are looking at bytes in groups of 3, let's regroup with `xxd` to make this easier to see with the command `xxd -g 3 -c 15 hacker_manifesto.txt|less`:
```
00000000: 000049 000020 000061 00006d 030820 ..I.. ..a..m..
0000000f: 000068 030463 00006b 000065 000072 ..h..c..k..e..r
0000001e: 00002c 080465 00006e 000074 070820 ..,..e..n..t..
0000002d: 120479 030477 00006f 07046c 000064 ..y..w..o..l..d
0000003c: 00002e 01042e 00000a 00004d 000069 ...........M..i
0000004b: 130465 0e0469 000073 240c77 131020 ..e..i..s$.w..
0000005a: 200468 0a0474 050462 130467 170873 .h..t..b..g..s
00000069: 120869 0e0820 070463 04046f 01046c ..i.. ..c..o..l
...
```
Let's start decoding this by hand before we develop a script to finish the process. If the first two bytes of a group are `0x0000`, we copy the third byte directly and move on. This results in the first few bytes:
```
4920 616d
'I am'
```
The first "missing" byte occurs at offset `0xc`: `0x030820`. If we assume that the first byte is the number of bytes to look back, and the second byte is the number of bytes to copy, this doesn't work out correctly. This is because rather than 8 bits being used for the offset and 8 bits for the length, the algorithm uses a 10 bit offset and 6 bit length. First, let's rewrite
`0x0308` in little-endian binary notation:
```
11000000 00010000
```
If these bits are interpreted using 10 bits for the offset, and 6 bits for the length, we get:
```
1100000000 010000
```
This represents an offset of 3 and a length of 2. Copying 2 bytes from 3 bytes back and appending the third byte of the group (`0x20`) gives us:
```
4920 616d 2061 20
'I am a '
```
If we continue this process for the rest of the file, the message decompresses to the Hacker Manifesto and we see the flag towards the end.
## Flag
**flag{TheMentorArrested}**
