I Will Give Someone 350 SBR points if they can solve This for Me.....

tony_come · 12-05-11, 02:04 AM

Pass

hawley · 12-05-11, 02:05 AM

no chance. googled it and still couldn't find it

FourLengthsClear · 12-05-11, 02:08 AM

Construct a decryption algorithm for 350 SBR points - LOL.

TR88 · 12-05-11, 02:10 AM

350 pts in 175 days

goofyre · 12-05-11, 02:10 AM

404 Not Found

http://www.canyoucrackit.co.uk/soyoudidit.asp

UntilTheNDofTimE · 12-05-11, 02:11 AM

the guy from swordfish got 100 million to crack this. You wanna give someone 21 bucks.

TheIntegrityKid · 12-05-11, 02:16 AM

Originally posted by UntilTheNDofTimE

the guy from swordfish got 100 million to crack this. You wanna give someone 21 bucks.

woulda been a good hustle for him, lol

btw, 'sup timer?? how you been?

hawley · 12-05-11, 02:22 AM

Originally posted by goofyre

http://www.canyoucrackit.co.uk/soyoudidit.asp

TR88 · 12-05-11, 02:24 AM

So you did it. Well done! Now this is where it gets interesting. Could you use your skills and ingenuity to combat terrorism and cyber threats? As one of our experts, you'll help protect our nation's security and the lives of thousands. Every day will bring new challenges, new solutions to find – and new ways to prove that you're one of the best.

damn man I think I did it
you send those pts man...

Gee · 12-05-11, 02:33 AM

Heres the password: Pr0t3ct!on#cyber_security@12*12.2011+

Can you crack it? + Solution

http://lolhax.org/2011/12/03/can-you-crack-it/

Thanks to a facebook message from my dad yesterday, I was informed of this website: Can you Crack it?. So, promptly, I got onto the job and it was surprisingly easy and I imagine it will be for most people who can reverse engineer and has experience doing so. Click read more to see how I did it, but I suggest you have a good attempt beforehand. It’s a nice little reverse engineering exercise.

When I was younger I thought I half understood some of this stuff. I clearly don't.

SteveRyan · 12-05-11, 02:35 AM

I actually spent a few hours workin on it during some down-time at work yesterday.

Can you crack it - behind the code

http://www.canyoucrackit.co.uk/

The puzzle is comprised of 2 grids. Both grids contain pairs of numbers, pairs of letters, or pairs of numbers and letters.

The idea is that there are clues that tell you how to use the grids to come up with the keyword. The trick is trying to figure out how to use the grids.

For example, the very top left hand corner pair shows the letters "eb". This is a logical place to start because that is how we read books; from the top, left to right.

"eb" is probably some type of clue as how to use the grid on the right.

One way of using it would be to label the grids with rows (Horizontal) and columns (Vertical). You could label the rows 0-9, and the columns 0-9. So now, if we take the letters "eb" we can conclude that "e" might represent the number 5, and "b" might represent the number 2 because of their position in the alphabet.

If we then go to the 2nd grid and go over to column 5 and up to space 2, we will find "f2".

If we are on the right track, then "f2" could refer to the 1st grid. So then, we would go to column 5 and space 2 on the 1st grid where we find "1e". Then, we go back to the 2nd grid and check column 1 space 5 where we find "43".

There are a few things we can do with the numbers 4 and 3. We could add, subtract or multiply them.

If we add them, we get 7. The 7th letter in the alphabet is "G". So the first letter of the keyword might be "G".

If we subtract them, we end up with "A". If we multiply them, we end up with "L".

Keep in mind, what I am telling you is just ONE possibility of the solution and it is probably incorrect. Regardless, this is how you should be thinking if you want to find the solution.

Gee · 12-05-11, 02:38 AM

SteveRyan: i think its pure nerdiness computer geeking rather than a year 10 maths problem solving test.

excel · 12-05-11, 02:38 AM

Funny thing DARPA just did something similar with the public. Must not have enough puzzle solvers on noahs ark?

daimoshokage · 12-05-11, 02:44 AM

Originally posted by TR88

350 pts in 175 days

THIS!

hawley · 12-05-11, 02:44 AM

I tried "password" then gave up

FourLengthsClear · 12-05-11, 02:51 AM

Originally posted by Gee

SteveRyan: i think its pure nerdiness computer geeking rather than a year 10 maths problem solving test.

It combines both (otherwise they would have used something more complex than hex) but yes much more in the wy of "computer geeking"

TR88 · 12-05-11, 02:57 AM

Originally posted by hawley

I tried "password" then gave up

now I have to change my sbr password....

hawley · 12-05-11, 03:00 AM

Originally posted by TR88

now I have to change my sbr password....

mine is superjacked

FourLengthsClear · 12-05-11, 03:05 AM

Originally posted by Gee

Heres the password: Pr0t3ct!on#cyber_security@12*12.2011+

Can you crack it? + Solution

http://lolhax.org/2011/12/03/can-you-crack-it/

Thanks to a facebook message from my dad yesterday, I was informed of this website: Can you Crack it?. So, promptly, I got onto the job and it was surprisingly easy and I imagine it will be for most people who can reverse engineer and has experience doing so. Click read more to see how I did it, but I suggest you have a good attempt beforehand. It’s a nice little reverse engineering exercise.

When I was younger I thought I half understood some of this stuff. I clearly don't.

Way over my head too.

sapidoc · 12-05-11, 03:16 AM

The Keyword/Password you need to enter is:
Pr0t3ct!on#cyber_security@12*12.2011+

The solution is posted originally here: http://lolhax.org/2011/12/03/can-you-crack-it/

Here is how to get it. I've included links to relevant wikipedia articles if you are more curious to read up on the different methods he used.

You start with this:

eb 04 af c2 bf a3 81 ec 00 01 00 00 31 c9 88 0c
0c fe c1 75 f9 31 c0 ba ef be ad de 02 04 0c 00
d0 c1 ca 08 8a 1c 0c 8a 3c 04 88 1c 04 88 3c 0c
fe c1 75 e8 e9 5c 00 00 00 89 e3 81 c3 04 00 00
00 5c 58 3d 41 41 41 41 75 43 58 3d 42 42 42 42
75 3b 5a 89 d1 89 e6 89 df 29 cf f3 a4 89 de 89
d1 89 df 29 cf 31 c0 31 db 31 d2 fe c0 02 1c 06
8a 14 06 8a 34 1e 88 34 06 88 14 1e 00 f2 30 f6
8a 1c 16 8a 17 30 da 88 17 47 49 75 de 31 db 89
d8 fe c0 cd 80 90 90 e8 9d ff ff ff 41 41 41 41

The key is to recognize a tiny little pattern:

eb 04 af c2 bf a3 81 ec 00 01 00 00 31 c9 88 0c
0c fe c1 75 f9 31 c0 ba ef be ad de 02 04 0c 00
d0 c1 ca 08 8a 1c 0c 8a 3c 04 88 1c 04 88 3c 0c
fe c1 75 e8 e9 5c 00 00 00 89 e3 81 c3 04 00 00
00 5c 58 3d 41 41 41 41 75 43 58 3d 42 42 42 42
75 3b 5a 89 d1 89 e6 89 df 29 cf f3 a4 89 de 89
d1 89 df 29 cf 31 c0 31 db 31 d2 fe c0 02 1c 06
8a 14 06 8a 34 1e 88 34 06 88 14 1e 00 f2 30 f6
8a 1c 16 8a 17 30 da 88 17 47 49 75 de 31 db 89
d8 fe c0 cd 80 90 90 e8 9d ff ff ff 41 41 41 41

efbeadde is the little endian (http://en.wikipedia.org/wiki/Endianness) storage of the magic number 0xDEADBEEF which is used to frequently indicate a software crash or deadlock (http://en.wikipedia.org/wiki/Hexspeak).

What is above is probably some sort of computer program.

If you shove it into a disassembler you will get some x86 code (http://en.wikipedia.org/wiki/X86_assembly_language). Basically code for a very low level programming language.

The program does a few things, but the interesting part is that it ends up poping 0×41414141 from the stack (see above, the last 32 bit value). It then checks that it does equal that. Then it does another pop from the stack, but there is nothing left and it is looking for a 0×42424242.

Something must be missing....

Go back to the website...

View the Page Source behind the website and don't see anything obvious in the comments.

Download the png graphic (http://canyoucrackit.co.uk/images/cyber.png) and open it up in a hex editor. There is a base64 (http://en.wikipedia.org/wiki/Base64) encoded message in the comments section of the .png file, which contains the last you'll need to decode the message.

When you decrypt the message you'll find:

GET /15b436de1f9107f3778aad525e5d0b20.js HTTP/1.1.

Which is pretty obvious to be a request message (http://en.wikipedia.org/wiki/Hyperte...equest_message)

If you follow the GET request, you end up finding a VM in javascript. If you scrape this, you can interpret the instructions, and the output ends up containing another GET method:

GET /da75370fe15c4148bd4ceec861fbdaa5.exe HTTP/1.0

If you download and look at this assembly and run it, it will complain about "no hostname". Set the hostname to "canyoucrackit.co.uk" and then it complains about a licence.txt

If you disassemble the executable, you will see it does a check, "scanf" (http://en.wikipedia.org/wiki/Scanf_format_string) of a string from the license onto the stack and then performs a check of the first 4 hex bytes.

This check looked for the values 67 63 68 71 which translates to gchq (I can only assume these guys: http://www.gchq.gov.uk/Pages/homepage.aspx)

Anyway, it does a crpty call on the license +4 with a key value.

But crypt is a one-way function. Doesn't matter because as it turns out you can cause a buffer overflow (http://en.wikipedia.org/wiki/Buffer_overflow) at the scanf call. valid_license was stored on the stack, so overflowing with a big string can set valid_license to non-zero which passes the check.

Now if you run the application you will see it tries:

GET /hqDTK7b8K2rvw/2d2d2d2d/686c6f6c/6f2e7861/key.txt HTTP/1.0

and responds with:

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 02 Dec 2011 23:44:59 GMT
Connection: close
Content-Length: 315

Not Found
HTTP Error 404. The requested resource is not found.

Hmmmm...

Well the first one looks like the hash check, and the 2d2d2d2d, 686c6f6c and 6f2e7861 were data from the license file. Sure enough, there was a spare value in the first executable that was jumped over:

eb 04 af c2 bf a3 81 ec 00 01 00 00 31 c9 88 0c
0c fe c1 75 f9 31 c0 ba ef be ad de 02 04 0c 00
d0 c1 ca 08 8a 1c 0c 8a 3c 04 88 1c 04 88 3c 0c
fe c1 75 e8 e9 5c 00 00 00 89 e3 81 c3 04 00 00
00 5c 58 3d 41 41 41 41 75 43 58 3d 42 42 42 42
75 3b 5a 89 d1 89 e6 89 df 29 cf f3 a4 89 de 89
d1 89 df 29 cf 31 c0 31 db 31 d2 fe c0 02 1c 06
8a 14 06 8a 34 1e 88 34 06 88 14 1e 00 f2 30 f6
8a 1c 16 8a 17 30 da 88 17 47 49 75 de 31 db 89
d8 fe c0 cd 80 90 90 e8 9d ff ff ff 41 41 41 41

The VM's firmware version was also not used.

If you plug these in instead you get:

hqDTK7b8K2rvw/a3bfc2af/d2ab1f05/da13f110/key.txt

and going to:

404 Not Found

http://www.canyoucrackit.co.uk/hqDTK7b8K2rvw/a3bfc2af/d2ab1f05/da13f110/key.txt

Gives you the password:

Pr0t3ct!on#cyber_security@12*12.2011+

If you enter this password in the website, you will be granted access to the "successful page".

TR88 · 12-05-11, 03:23 AM

Originally posted by hawley

mine is superjacked

aceking · 12-05-11, 04:37 AM

James Bond never did all this shit , all he do is bang women .