So any idea?

0xBBA5

Cyan Wind [freewind1012]
10 years ago | edited 10 years ago

0

To prevent a so-long thread like Crypt Level 6 (and some cocky guys who read all posts and said “Nah, it’s soooo easy!” too), I decide to open a new discussion thread for Crypt Level 7. I will close this one as soon as it has enough slight hints to solve the level.

I have some ideas to start but not sure where these roads will lead me to. Don’t get me wrong: I don’t ask for the answer/solution and I don’t whine. Just want to inform you of something, as far as I know:

[quote=Keeper]the level is a bit harder than most would anticipate.[/quote]

@Keeper: Is this level related to steganography?

35replies
11voices
445views
Keeper
10 years ago

1

[quote=freewind1012]Is this level related to steganography?[/quote]

Yes. Both cryptography and steganography.

Kabue
10 years ago

0

Hmm really not sure about anything here…
Using an iPad, so I Can not do much about the picture.
But text, Well if you read all words after : you get Hex, Col and Row. Hex, I know, and googled row… Found something Called RACE, used to encode chinese signs. Couldn’t find much about Col.
Then googled the hint, and Found this chinese sign: ?

Not sure if I’m just Waaay out (probably am)… But that’s what I got so far…. Hopefully get to use a computer, without a stupid website blocker.

So Keeper, do we have to download a lot of programs to do this? Or is it possible only with a browser :)
-Kabue

Fireshard
10 years ago

0

After googling the hint, I got a KOREAN character…which is also set in a table…There might be something about that…

[IAmDevil]
10 years ago

0

I think it means that we have to navigate using the Col and Row and at the intersection point of it we have to replace the corresponding value with the given Hex value !!
Hopefully this makes sense ! ?

Keeper
10 years ago

0

[quote=Kabue]So Keeper, do we have to download a lot of programs to do this? Or is it possible only with a browser[/quote]

You don’t need anything else but a simple hex editor and internet connection (thus, obviously a browser as well).

kamzhik
10 years ago

1

I think the hint has to do with a certain point at the image and not a character.

2 replies have been removed
jnpa
10 years ago

0

i can get to the ‘second part’ but can’t go on from there :/ is the answer related to the person?

Reply has been removed
kamzhik
10 years ago

0

Need some clarification please, do we need to use other sites? (i’m referring to the “small” thing)

Keeper
10 years ago | edited 10 years ago

1

kamzhik is correct. 0xBBA5 is not meant to signify a character.

[quote=jnpa]is the answer related to the person?[/quote]

Indeed it is. Part of the solution is related to him. As it’s stated in the description of the challenge - symbolic hints are spread throughout the entire mission. As you reached to that image of him, remember what was also mentioned - “tiny”, “substituting”. Those words are not in italics for no reason. Allegory.

Now as for the rest, I’ll be giving directions here or in any other thread but please don’t PM me simply because other people also deserve to share in the discussion. If anyone wants to find out whether he’s in the right direction, he can PM me. But answers will be limited to “Yes” and “No” only. So hints will be given only here.

As a matter of fact, I wanted to present people with something new as a style of competition. Cicada 3301 organize similar events every year. However, theirs' are far more perplex but still solvable. Don’t get me wrong, this challenge is not that hard so don’t overrate it.

And for a little motivation for all of you, I’ll be giving away a copy of my modified version of the non-alphanumeric PHP backdoor to the person who first solves the challenge. Here’s a preview of the reward.

Keeper
10 years ago

0

[quote=kamzhik]Is it just a coincidence that “” and “.” are listed below the “tiny” thing or do we actually have to visit the site ****.?[/quote]

Nothing from what makes sense is there by sheer coincidence. Look a bit further.

Reply has been removed
[deleted user]
10 years ago | edited 10 years ago

0

Okay so I have googled this character ? (Korean) (0xBBA5) it shows as Myuk (English). I used google translate to translate it to English. Need to do some more digging and research in this.

kamzhik
10 years ago

0

tlotr, it was mentioned before, 0xBBA5 doesn’t signify a character.

Reply has been removed
Keeper
10 years ago

1

I guess some of you are unable to read.

kamzhik
10 years ago

0

I think we should remove the “0x” at the hint.


0

@kamzhik: Then that hint doesn’t make sense anymore. :)

Cyan Wind [freewind1012]
10 years ago | edited 10 years ago

0

@Keeper: The first image is no doubt a clue to another clue(s). But is it usable again? Is it the important resource of this level or just a leading clue?

Keeper
10 years ago

0

[quote=freewind1012]Keeper: The first image is no doubt a clue to another clue(s). But is it usable again? Is it the important resource of this level or just a leading clue?[/quote]

Both.

kamzhik
10 years ago

0

Is it some kind of alphabetic cipher involved?

Keeper
10 years ago

0

Probably. There’s only one way to find out.

Keeper
10 years ago

0

A little bit of information concerning the prize I’m giving away:

  • Semi-nonalphanumeric one-line source code
  • Database browser and modification menus
  • PDO-based with adjustments for IDS/WAF bypasses
  • Additional obfuscation within the declaration of variables/arrays/functions using Kanji symbols, Hepburn romanization system and particularly alt symbols
  • Hexdecimal/alphanumeric client-sided password generator
  • Arbitrary file uploading to a certain directory
  • Server information for the basic configuration settings on the server
  • Arbitrary command execution (both DOS and *NIX)
  • Directory traversal menu for browsing directory contents

Previous features can be found here. And also, on a side-note; if the winner tries to redistribute the backdoor or gives it away to anyone else, be sure that I’ll find out.

thoraw
10 years ago

0

Thanks for the new stego,

[quote=level]
Password::
[/quote]

I wonder if this is a clue or a typo…

3 replies have been removed
thoraw
10 years ago

0

potentially spoiler heavy, potentially just incorrect and misleading. I’m playing it safe though.

Here, have my thoughts…

[quote=Keeper]
You dispose with an image and a .txt file
[/quote]

I have done things to the image using a tool already mentioned in this thread, I just have no idea what to do with the result(s) now.

There are 2 lines in the description that are bothering me a lot:

[quote=Keeper]
Take your time and apply logic above all else
[/quote]

My initial thought from this was audio (given logic software and time–>frequency clue). I have tried screwing with them as audio but with no success. I am also reluctant to spend much time pursuing that avenue as we are told we do not require special software.
[/spoiler]

<!-
I guess this could also be referring to logical operators, of which there seem to be some in the png. There could be some post-stage-1-manipulation to the image here.
[/spoiler]

[spoiler]
The double colon mentioned in my previous post is also an operator.

Or this line may mean nothing and be only a distraction.

[quote=Keeper]
There are tiny little hints spawned throughout the scope of the objective (substituting one in order to get another and so on).
[/quote]

I hate this line so much, as it confuses what I have done so far!
[spoiler]
Should I have applied the edit sequentially to get more clues (it doesnt obviously help
doing so) or is it simply pointing towards what I have already done so far.
-!>

I’ll let you know if I think of anything or make any progress

Keeper
10 years ago | edited 10 years ago

0

kamzhik gets the prize. He managed to beat the challenge 49 minutes ago.

I’ll be giving away more prizes when I get to develop the next mission and possibly ask flabby to upload it. Gratz to him and good luck to the rest.


-1

I have noticed that @kamzhik had completed this level. So he would give us some hints to solve this one. :p

kamzhik
10 years ago

0

I’m afraid Keeper won’t let me :P, all i can say is: don’t pay attention to the hint for now, that comes last. It’s pretty hard actually so Keeper, don’t say it isn’t :P. Good luck.

Cyan Wind [freewind1012]
10 years ago | edited 10 years ago

0

@kamzhik & @Keeper: Fine. Let’s keep something challenging and unique for HackThis!! ;)

No more hints, lol. But I will open this thread about 3 days for further discussions from another members. :p

Keeper
10 years ago

0

That’s why I mentioned that it’s harder than the previous ones. And it is complex just for public boards' standards while on a larger scale, it’s figured out merely at the blink of an eye (but that’s another topic).

Just a side-note; as for the prize, just alter the values of the initial PDO constants and you’ll be able to connect to the database.

Reply has been removed
kamzhik
10 years ago

0

freewind: Well let’s try it.
Keeper: Will take a look at it later, thank you.

Cyan Wind [freewind1012]
10 years ago | edited 10 years ago

0

@kamzhik: Yeah, thank you. My problem: I haven’t known what “key” was and what “plain text” was in that kind of cipher. Or maybe I had got lost somewhere before, lol.

kamzhik
10 years ago

0

Does that mean you found the cipher method?

Cyan Wind [freewind1012]
10 years ago | edited 10 years ago

-1

[quote=me]Is it the important resource of this level or just a leading clue?[/quote]
Maybe I did. That was why I asked @Keeper that question. If it involves in some kind of cipher, we have to decrypt something. But where is the key and the encrypted thing? :p

kamzhik
10 years ago

1

Keep looking :p you have probably found it, but don’t know yet.

[deleted user]
10 years ago | edited 10 years ago

0

Are we using the hex editor to change how the picture looks? I just saved the file after editing hex values (using the .txt file) and the picture looks different.

P.S - I think this thread has enough hints now. :)


-1

@Hybrid71: No, it’s not. But I will close it tomorrow as I said.

Cyan Wind [freewind1012]
10 years ago | edited 10 years ago

-1

Close thread as said. ;)

Discussion thread has been locked. You can no longer add new posts.
1 of 36

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss