SAINTCON 2014 Hacker Challenge Walkthrough: Crypto Madness

You can find the SAINTCON 2014 Hackers Challenge Introduction here.

And this is all the files referenced below: SAINTCON_2014_Hackers_Challenge_CM.zip

The challenges referenced below can be found here:

Contents

CM100 – CryptoMagic

Puzzle:

   
Crypto Can Be Fun
Files:
Win Icon	CM100.jpg
Script	decrypt.py

Solution:

python decrypt.py

View the file dec-tux.jpg
Key: CryptoIsFun4U2

CM200 – Dead Mans Stash

 

Puzzle:

There are many old languages out there, some of them are really strange.
Hints
-Include the X's in the Key
Files
Zip File CM200.zip

Solution:

Unzip. 26 files.  Images, all the same. With different names. The Names are interesting A-Z.

RIJASFQXHWZBPGETNKOCVUYLDM
ABCDEFGHIJKLMNOPQRSTUVWXYZ

This looks like a substitution cipher!

LEARN MORE at http://en.wikipedia.org/wiki/Substitution_cipher

And it appears we have the key, where is the cipher text?  Lets look closer at that image!

Hmm, try some google-fu: https://www.google.com/search?client=safari&rls=en&q=ancient+lines+slash+language&ie=UTF-8&oe=UTF-8

AHA! Ogham it is: http://www.ancientscripts.com/ogham.html
http://www.omniglot.com/writing/ogham.htm

Let’s see if we can get the Cipher Text.

The cipher text could be:

piorofbehgmoficr h

or

piorowbeygmowikr y

Use substation and we get:

$ echo "piorofbe hgmoficr h" | tr '[a-z]' '[RIJASFQXHWZBPGETNKOCVUYLDM]'
THEKEFIS XQPEFHJK X
$ echo "piorowbe ygmowikr y" | tr '[a-z]' '[RIJASFQXHWZBPGETNKOCVUYLDM]'
THEKEYIS DQPEYHZK D

Now you are really close, but I don’t have my notes as to the actual key.

The hint “Include the X’s” is important.

Key:

CM300 – Ermarian’s Pontifex

Puzzle:

DYTXO MDAOC DBTQT SWJWN JKFYN FHYAL ABVVP VECDH TMZTQ FNMSB YWHAW JVISC WKBUA UDIHA KTNXH  

You'll need the word 'SAINTCON' as well...

Solution:

A search for the puzzle name takes you to:
http://ermarian.net/services/encryption/solitaire

Bruce Schneier’s Solitaire cipher (codenamed “Pontifex” in Neal Stephenson’s Cryptonomicon

LEARN MORE at https://pthree.org/2012/06/21/hand-ciphers-solitaire-cipher/

ENTER XXXXX LXULO MURYE OGLGY ZGRVJ JLELA TRDVH XUTWP MKLNJ XZQIU XXXXX TOGET YOURP OINTS

Key: LXULO MURYE OGLGY ZGRVJ JLELA TRDVH XUTWP MKLNJ XZQIU

CM400 – HF is Not Dead

Puzzle:

Good luck.
Hints:
- Once you get to the End, Start back at the beginning and dig deaper...
- There is a script embedded in the audio file with Stego... Apply it to the key you get at the end.
Files:
HF Audio Broadcast	HFBroadcast.wav.zip
/pre>

Solution:

I didn’t complete this one. Good luck! I believe it has something to do with the enigma machine. Key:

CM500 – Call Me

 

Puzzle:

-- PUZZLE INFORMATION --
A mysterious woman approaches you about a covert operation.  She is willing to reward you handsomely, says "Call me", and gives you a business card with this printed on it:

1d359884c94ca31fbde65ae2d32047cf

Good luck!

Hint:
XXX-XXX-XXXX

-- FILES PROVIDED --
None

Solution:

Looks like and MD5 hash of a phone number!

So I wrote this ruby script to do it! You could also use HashCat.

require 'digest/md5'

dn = ''

npa = 500
while npa < 1000 do
	nxx = 0
	while nxx < 1000 do
		num = 0
		while num < 10000 do
			dn = npa.to_s.rjust(3,'0')+'-'+nxx.to_s.rjust(3,'0')+'-'+num.to_s.rjust(4,'0')
			md5 = Digest::MD5.new
			md5 << dn
#			print md5.hexdigest+"\n"
			print "\n\nWIN" + dn + "WIN\n\n" if md5.hexdigest == '1d359884c94ca31fbde65ae2d32047cf'
			num +=1
		end
		print dn + "\r"
		nxx +=1
	end
	npa +=1
end

Call the phone number and you receive a message with the key.

Key:

2 comments.

Comments are closed.