[NYSportsGuy210]

....and not only solve it but either PM me or write a detailed explanation as to how they "cracked" this code. First here's a little background into what I am talking about and click the links below that then.


"Can You Crack It?" website, set up by British GCHQ intelligence agency. They’re looking for a few good spies. GCHQ, the intelligence service of the government of the United Kingdom, is looking for some web-savvy cyber-sleuths-to-be, and apparently decided a post on Craigslist wouldn’t quite do it.


So it put up a website with the enigmatic title “ Can you crack it?” and spread the word on Facebook, Twittersomething is hidden in them — and a place at the bottom inviting you to “Enter Keyword.” and other social media. The site has a matrix of letters of letters and numbers on the homepage — surely

Britain’s GCHQ (short for Government Communications Headquarters; it’s been around since 1918) says it usually recruits bright young people right out of university, but in the digital age, it says, there may be a lot of bright young hackers out there who are worth talking to.
“The target audience for this particular campaign is one that may not typically be attracted to traditional advertising methods and may be unaware that GCHQ is recruiting for these kinds of roles,” said the GCHQ in U.K. media.

“Their skills may be ideally suited to our work and yet they may not understand how they could apply them to a working environment, particularly one where they have the opportunity to contribute so much.”
That may be flattery. Prime Minister David Cameron’s government said last week it is setting up a Joint Cyber Unit to protect against cyber attacks from hacktivists, organized crime, hostile states and would-be terrorists. Having disaffected young hackers work for the government would be better than seeing them work against it."



If you crack the code, please let me know — though you may not get the chance. If you enter the right keyword, you’ll get past the homepage and possibly into the intriguing world of intelligence-gathering. Contest ends next week and here's a link to the code.


http://canyoucrackit.co.uk/

I really wanna know how you go about deciphering these things and this one in particular. 350 betpoints boys.

[tony_come]

Pass

[hawley]

no chance. googled it and still couldn't find it

[FourLengthsClear]

Construct a decryption algorithm for 350 betpoints - LOL.

[TR88]

350 pts in 175 days

[goofyre]

http://www.canyoucrackit.co.uk/soyoudidit.asp

[UntilTheNDofTimE]

the guy from swordfish got 100 million to crack this. You wanna give someone 21 bucks.

[TheIntegrityKid]

the guy from swordfish got 100 million to crack this. You wanna give someone 21 bucks.

woulda been a good hustle for him, lol

btw, 'sup timer?? how you been?

[hawley]

http://www.canyoucrackit.co.uk/soyoudidit.asp

[TR88]

So you did it. Well done! Now this is where it gets interesting. Could you use your skills and ingenuity to combat terrorism and cyber threats? As one of our experts, you'll help protect our nation's security and the lives of thousands. Every day will bring new challenges, new solutions to find – and new ways to prove that you're one of the best.

damn man I think I did it
you send those pts man...

[Gee]

Heres the password: Pr0t3ct!on#cyber_security@12*12.2011+

http://lolhax.org/2011/12/03/can-you-crack-it/

When I was younger I thought I half understood some of this stuff. I clearly don't.

[SteveRyan]

I actually spent a few hours workin on it during some down-time at work yesterday.

http://www.canyoucrackit.co.uk/

The puzzle is comprised of 2 grids. Both grids contain pairs of numbers, pairs of letters, or pairs of numbers and letters.

The idea is that there are clues that tell you how to use the grids to come up with the keyword. The trick is trying to figure out how to use the grids.

For example, the very top left hand corner pair shows the letters "eb". This is a logical place to start because that is how we read books; from the top, left to right.

"eb" is probably some type of clue as how to use the grid on the right.

One way of using it would be to label the grids with rows (Horizontal) and columns (Vertical). You could label the rows 0-9, and the columns 0-9. So now, if we take the letters "eb" we can conclude that "e" might represent the number 5, and "b" might represent the number 2 because of their position in the alphabet.

If we then go to the 2nd grid and go over to column 5 and up to space 2, we will find "f2".

If we are on the right track, then "f2" could refer to the 1st grid. So then, we would go to column 5 and space 2 on the 1st grid where we find "1e". Then, we go back to the 2nd grid and check column 1 space 5 where we find "43".

There are a few things we can do with the numbers 4 and 3. We could add, subtract or multiply them.

If we add them, we get 7. The 7th letter in the alphabet is "G". So the first letter of the keyword might be "G".

If we subtract them, we end up with "A". If we multiply them, we end up with "L".

Keep in mind, what I am telling you is just ONE possibility of the solution and it is probably incorrect. Regardless, this is how you should be thinking if you want to find the solution.

[Gee]

SteveRyan: i think its pure nerdiness computer geeking rather than a year 10 maths problem solving test.

[excel]

Funny thing DARPA just did something similar with the public. Must not have enough puzzle solvers on noahs ark?

[daimoshokage]

350 pts in 175 days

THIS!

[hawley]

I tried "password" then gave up

[FourLengthsClear]

SteveRyan: i think its pure nerdiness computer geeking rather than a year 10 maths problem solving test.

It combines both (otherwise they would have used something more complex than hex) but yes much more in the wy of "computer geeking"

[TR88]

I tried "password" then gave up

now I have to change my sbr password....

[hawley]

now I have to change my sbr password....

mine is superjacked

[FourLengthsClear]

Heres the password: Pr0t3ct!on#cyber_security@12*12.2011+

http://lolhax.org/2011/12/03/can-you-crack-it/

When I was younger I thought I half understood some of this stuff. I clearly don't.

Way over my head too.

[sapidoc]

The Keyword/Password you need to enter is:
Pr0t3ct!on#cyber_security@12*12.2011+

The solution is posted originally here: http://lolhax.org/2011/12/03/can-you-crack-it/


Here is how to get it. I've included links to relevant wikipedia articles if you are more curious to read up on the different methods he used.

You start with this:

eb 04 af c2 bf a3 81 ec 00 01 00 00 31 c9 88 0c
0c fe c1 75 f9 31 c0 ba ef be ad de 02 04 0c 00
d0 c1 ca 08 8a 1c 0c 8a 3c 04 88 1c 04 88 3c 0c
fe c1 75 e8 e9 5c 00 00 00 89 e3 81 c3 04 00 00
00 5c 58 3d 41 41 41 41 75 43 58 3d 42 42 42 42
75 3b 5a 89 d1 89 e6 89 df 29 cf f3 a4 89 de 89
d1 89 df 29 cf 31 c0 31 db 31 d2 fe c0 02 1c 06
8a 14 06 8a 34 1e 88 34 06 88 14 1e 00 f2 30 f6
8a 1c 16 8a 17 30 da 88 17 47 49 75 de 31 db 89
d8 fe c0 cd 80 90 90 e8 9d ff ff ff 41 41 41 41


The key is to recognize a tiny little pattern:

eb 04 af c2 bf a3 81 ec 00 01 00 00 31 c9 88 0c
0c fe c1 75 f9 31 c0 ba ef be ad de 02 04 0c 00
d0 c1 ca 08 8a 1c 0c 8a 3c 04 88 1c 04 88 3c 0c
fe c1 75 e8 e9 5c 00 00 00 89 e3 81 c3 04 00 00
00 5c 58 3d 41 41 41 41 75 43 58 3d 42 42 42 42
75 3b 5a 89 d1 89 e6 89 df 29 cf f3 a4 89 de 89
d1 89 df 29 cf 31 c0 31 db 31 d2 fe c0 02 1c 06
8a 14 06 8a 34 1e 88 34 06 88 14 1e 00 f2 30 f6
8a 1c 16 8a 17 30 da 88 17 47 49 75 de 31 db 89
d8 fe c0 cd 80 90 90 e8 9d ff ff ff 41 41 41 41

efbeadde is the little endian (http://en.wikipedia.org/wiki/Endianness) storage of the magic number 0xDEADBEEF which is used to frequently indicate a software crash or deadlock (http://en.wikipedia.org/wiki/Hexspeak).

What is above is probably some sort of computer program.

If you shove it into a disassembler you will get some x86 code (http://en.wikipedia.org/wiki/X86_assembly_language). Basically code for a very low level programming language.

The program does a few things, but the interesting part is that it ends up poping 0×41414141 from the stack (see above, the last 32 bit value). It then checks that it does equal that. Then it does another pop from the stack, but there is nothing left and it is looking for a 0×42424242.

Something must be missing....

Go back to the website...

View the Page Source behind the website and don't see anything obvious in the comments.

Download the png graphic (http://canyoucrackit.co.uk/images/cyber.png) and open it up in a hex editor. There is a base64 (http://en.wikipedia.org/wiki/Base64) encoded message in the comments section of the .png file, which contains the last you'll need to decode the message.

When you decrypt the message you'll find:

GET /15b436de1f9107f3778aad525e5d0b20.js HTTP/1.1.

Which is pretty obvious to be a request message (http://en.wikipedia.org/wiki/Hyperte...equest_message)

If you follow the GET request, you end up finding a VM in javascript. If you scrape this, you can interpret the instructions, and the output ends up containing another GET method:

GET /da75370fe15c4148bd4ceec861fbdaa5.exe HTTP/1.0

If you download and look at this assembly and run it, it will complain about "no hostname". Set the hostname to "canyoucrackit.co.uk" and then it complains about a licence.txt

If you disassemble the executable, you will see it does a check, "scanf" (http://en.wikipedia.org/wiki/Scanf_format_string) of a string from the license onto the stack and then performs a check of the first 4 hex bytes.

This check looked for the values 67 63 68 71 which translates to gchq (I can only assume these guys: http://www.gchq.gov.uk/Pages/homepage.aspx)

Anyway, it does a crpty call on the license +4 with a key value.

But crypt is a one-way function. Doesn't matter because as it turns out you can cause a buffer overflow (http://en.wikipedia.org/wiki/Buffer_overflow) at the scanf call. valid_license was stored on the stack, so overflowing with a big string can set valid_license to non-zero which passes the check.

Now if you run the application you will see it tries:

GET /hqDTK7b8K2rvw/2d2d2d2d/686c6f6c/6f2e7861/key.txt HTTP/1.0

and responds with:

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 02 Dec 2011 23:44:59 GMT
Connection: close
Content-Length: 315

Not Found
HTTP Error 404. The requested resource is not found.

Hmmmm...

Well the first one looks like the hash check, and the 2d2d2d2d, 686c6f6c and 6f2e7861 were data from the license file. Sure enough, there was a spare value in the first executable that was jumped over:

eb 04 af c2 bf a3 81 ec 00 01 00 00 31 c9 88 0c
0c fe c1 75 f9 31 c0 ba ef be ad de 02 04 0c 00
d0 c1 ca 08 8a 1c 0c 8a 3c 04 88 1c 04 88 3c 0c
fe c1 75 e8 e9 5c 00 00 00 89 e3 81 c3 04 00 00
00 5c 58 3d 41 41 41 41 75 43 58 3d 42 42 42 42
75 3b 5a 89 d1 89 e6 89 df 29 cf f3 a4 89 de 89
d1 89 df 29 cf 31 c0 31 db 31 d2 fe c0 02 1c 06
8a 14 06 8a 34 1e 88 34 06 88 14 1e 00 f2 30 f6
8a 1c 16 8a 17 30 da 88 17 47 49 75 de 31 db 89
d8 fe c0 cd 80 90 90 e8 9d ff ff ff 41 41 41 41

The VM's firmware version was also not used.

If you plug these in instead you get:

hqDTK7b8K2rvw/a3bfc2af/d2ab1f05/da13f110/key.txt

and going to:

http://www.canyoucrackit.co.uk/hqDTK...13f110/key.txt

Gives you the password:

Pr0t3ct!on#cyber_security@12*12.2011+


If you enter this password in the website, you will be granted access to the "successful page".

[TR88]

mine is superjacked

[aceking]

James Bond never did all this shit , all he do is bang women .