Jump to content
Tuts 4 You

[crackme] RSA 2012 #sophospuzzle


kao

Recommended Posts

At this year's RSA2012 conference, Sophos is giving away cool crypto-puzzle T-shirts. Meet us on Booth #1817 and claim yours!

You don't have to be at the show to take part in the puzzle. The text to use in solving the puzzle is shown below:


#include~<string.h>!int~putchar(int~c);char~*m="noncen.cmh/alu/puyxs.hrhb\xd\xa";void~main(int~argc,char~**argv){if(argc>1&&strlen(argv[1])==8){int~i=0;while(*m){putchar(*m+(*m<0x41?0:argv[1][(++i>8?i=1:i)-1]-0x61));m++;};};}

Solve this puzzle and you'll get a URL. Visit the URL and you'll face the second stage. Solve this and email the answer to Naked Security writer Paul Ducklin and get in the draw to win a NERF N-STRIKE Vulcan EBF-25.

Source: http://nakedsecurity...win-a-nerf-gun/

Cheers,

kao.

Disclaimer: I am in no way affiliated with Sophos.

EDIT: edited topic title to keep automatic checker happy.

Edited by kao
Link to comment

The first one is kinda cheap, you can solve it without a computer.

Number two is... irritating, not sure what they're getting at.

Edited by Killboy
Link to comment

The first one is kinda cheap, you can solve it without a computer.

Number two is... irritating, not sure what they're getting at.

Yea...first check is easy...... second task.. well.. i understand what they're getting at.. but don't have the slightest idea on how to start on it....dunno.gif

Link to comment

Wow I just spent half an hour writing a multithreaded python solution just to find out CPython only allows running one thread at a time. WTF. wallbash.gif Now I'm running 7 python instances in their own cmd window. All for one stupid toy gun laugh.png

Link to comment

I just spent half an hour writing a multithreaded python solution just to find out CPython only allows running one thread at a time. WTF.

doh.gif

The challenge is supposed to be fun, not frustrating. smile.png On the other hand, I failed to solve even the first stage. Crypto-puzzles are not my field of expertise..

Link to comment

Got it cc_detective.gif

Make sure you use all the tips on the website of the second stage, you'll need a hint if you didn't accidentally use the right 'source'.

Edited by Killboy
Link to comment

Got the first one down. Had to use a compiler. I'm not a crypto/math kinda guy so compiling it worked a little easier for me. The second one confused me. I didn't understand how you could calculate what they want. Before giving up I checked the twitter link and the right "source" was found. I still didn't go through with all the stuff afterwords but I think I get the process now.

Link to comment

I used a python script with shutil.copyfileobj to append the files in stream and passed a temp file to md5 hashlib. This worked out fine but I think there must be a faster way. Glad the final answer wasn't too far up from the prodcut of xy... The Dragon Tattoo challenge Sophos did the week of the movie release was pretty good.

Link to comment
  • 3 weeks later...

They posted a video solution on Sophos for the RSA 2012

..http://nakedsecurity.sophos.com/2012/03/20/video-how-to-solve-the-rsa-2012-sophospuzzle/

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...