Linustechtips Challenge 2.0 !

[ionbasa]

EnCt24d0a80ab295a386727e460b995c010ad687f28684d0a80ab295a386727e460b9k3Q5cct5uAMd7ZV721VF7lG9iWKt8qo9AcanbtV0XSlmyYMWCWGBpVP8we9qSvvPpLK31D4wQaX05wKWngiWvcqYCGmhD/Ges6DIOFITKZkdAC23mqouD6xw1qyXLN82RloCx4u03XJNCuwXj5u08dAKPRMvEkx+ZPhC0wwM+isS2pUzfhk=IwEmS

Is most likely a key. What type of key? Meh, could be one of the dozen or so public/private key pairs algorithms. Which would make sense since the OP mentions connecting to a server. I tried checking if this was a private key in puttygen and i didn't work. Maybe this is a PGP key? I'm not sure if it is malformed though.

 

PGP keys always end with "=" and then 4 characters. This key has 5 alpha characters after the "=" sign. So, it most likely isn't PGP but something similar.

 

I may have a hunch, but I want to see what you guys can come up with.

[FuzzyYellow]

EnCt24d0a80ab295a386727e460b995c010ad687f28684d0a80ab295a386727e460b9k3Q5cct5uAMd7ZV721VF7lG9iWKt8qo9AcanbtV0XSlmyYMWCWGBpVP8we9qSvvPpLK31D4wQaX05wKWngiWvcqYCGmhD/Ges6DIOFITKZkdAC23mqouD6xw1qyXLN82RloCx4u03XJNCuwXj5u08dAKPRMvEkx+ZPhC0wwM+isS2pUzfhk=IwEmS

Is most likely a key. What type of key? Meh, could be one of the dozen or so public/private key pairs algorithms. Which would make sense since the OP mentions connecting to a server. I tried checking if this was a private key in puttygen and i didn't work. Maybe this is a PGP key? I'm not sure if it is malformed though.

 

PGP keys always end with "=" and then 4 characters. This key has 5 alpha characters after the "=" sign. So, it most likely isn't PGP but something similar.

 

I may have a hunch, but I want to see what you guys can come up with.

 

this is all way over my head. I really want to follow along and learn about this stuff,, but i am clueless right now.

[ionbasa]

I think the OP may be the same user from reddit: https://www.reddit.com/user/EnCt2433e67e367488e6

 

The username resembles the same hashed values. Also, see: https://www.reddit.com/r/ARG/comments/39cirj/enct29db5a57760c2dc60d638e12082e02df9c162e1959db5a/

Similar hash given in that subreddit. Both hashes end with '=IwEmS' and begin with "EnCt".

 

We're either being fucked with, the OP is the same persona as the redditor, or the OP knows something in relation to what the other redditor is doing. I suspect all 3 options.  :lol:

Edited August 25, 2015 by ionbasa

[ionbasa]

The OP also states:

Security is key.

If I were to interpret that, I would assume that the OP means that that "Security" was the key used in encrypting the original message. If so, then we might be able to use the key in decrypting the original message if we know what algorithm was used.

[ionbasa]

Found some more sauce on this.

Taking a look at the hash again:

EnCt24d0a80ab295a386727e460b995c010ad687f28684d0a80ab295a386727e460b9k3Q5cct5uAMd7ZV721VF7lG9iWKt8qo9AcanbtV0XSlmyYMWCWGBpVP8we9qSvvPpLK31D4wQaX05wKWngiWvcqYCGmhD/Ges6DIOFITKZkdAC23mqouD6xw1qyXLN82RloCx4u03XJNCuwXj5u08dAKPRMvEkx+ZPhC0wwM+isS2pUzfhk=IwEmS

Two things in particular stand out: The prefix and suffix of that hash. The prefix is "EnCt2" and the Suffix is "IwEmS".

 

So after some digging around, I was able to find a github page which hosts the source for https://encipher.it

One of the github source pages is: https://github.com/ermakus/encipher.it/blob/master/assets/javascripts/encipher.coffee

 

Part of the javascript code reads:

# Format encrypted as plain textclass TextFormat    constructor: (@[member='Base']) ->        @HAS = /EnCt2/        @[member='ExTraCT'] = /(EnCt2.*IwEmS)/    hasCipher: (message)->        return false unless message        return (message or "").match @HAS

and:

 # Encrypt text in input element    encrypt: (password, callback)->        salt = Base64.random(8)        @derive password, salt, (key) =>            # Calculate HMAC digest            hmac = hex_hmac_sha1(key, @[member='Text'] )            # Pad to to 256bit (reserved for sha256 hash)            hmac += hmac[0...24]            cipher = hmac + salt + Aes.Ctr.encrypt( @[member='Text'], key, 256)            @format.text.pack "EnCt2#{cipher}IwEmS", (error, cipher)=>                if not error                    @updateNode @[member=noden], cipher                @cache = {}                callback( error, cipher )

BINGO! We found the tool used to encrypt the original message. So it seems the hash provided is an output from: https://encipher.it

encipher.it basically takes the input and creates a cipher from 256 AES, and a salted passpowrd, takes the output and then inserts the cipher between the prefix and suffix we issolated.

 

But there is a problem! In my previous post, I assumed:

 

... the OP means that that "Security" was the key used in encrypting the original message. If so, then we might be able to use the key in decrypting the original message if we know what algorithm was used.

 

Which doesn't actually turn out to be the key/password. 

 

 

So all we need is a decryption key/password and we can be on our merry way.

[STRMfrmXMN]

Is the mystery word "congratulations"?

[ionbasa]

Is the mystery word "congratulations"?

Nope! 

 

Maybe we don't have the key/passphrase yet?

 

Per the OP:

This is the first enigma. once its solved, follow the instructions and enter "  "  where needed. then follow the instructions.       ---> nvm for now. fixing that later...

 

 

So, maybe he hasn't disclosed the key yet. Maybe finding the key is the next part of the puzzle?

@givingtnt

 

---

EDIT: If the OP does end up posting the key while I'm away, who wins the challenge? I'm confident that we have all the pieces in play, we just need one last bit to finish it off.

Edited August 25, 2015 by ionbasa

[givingtnt]

Nope! 

 

Maybe we don't have the key/passphrase yet?

 

Per the OP:

 

So, maybe he hasn't disclosed the key yet. Maybe finding the key is the next part of the puzzle?

@givingtnt

 

---

EDIT: If the OP does end up posting the key while I'm away, who wins the challenge? I'm confident that we have all the pieces in play, we just need one last bit to finish it off.

the key is to be find by you. once you find it. you will understand... (for future challenge there is a key required to send a confirmation form that you won.  but for now. the key is not to be mentionned. its to be found !)

hint :    the hint was given a month + 1 day ago

[givingtnt]

I think the OP may be the same user from reddit: https://www.reddit.com/user/EnCt2433e67e367488e6

 

The username resembles the same hashed values. Also, see: https://www.reddit.com/r/ARG/comments/39cirj/enct29db5a57760c2dc60d638e12082e02df9c162e1959db5a/

Similar hash given in that subreddit. Both hashes end with '=IwEmS' and begin with "EnCt".

 

We're either being fucked with, the OP is the same persona as the redditor, or the OP knows something in relation to what the other redditor is doing. I suspect all 3 options.  :lol:

HAHAHAHAHAHAHAHAHAHAHA omfg     ..

eh. I don't use reddit

[givingtnt]

Found some more sauce on this.

Taking a look at the hash again:

EnCt24d0a80ab295a386727e460b995c010ad687f28684d0a80ab295a386727e460b9k3Q5cct5uAMd7ZV721VF7lG9iWKt8qo9AcanbtV0XSlmyYMWCWGBpVP8we9qSvvPpLK31D4wQaX05wKWngiWvcqYCGmhD/Ges6DIOFITKZkdAC23mqouD6xw1qyXLN82RloCx4u03XJNCuwXj5u08dAKPRMvEkx+ZPhC0wwM+isS2pUzfhk=IwEmS

Two things in particular stand out: The prefix and suffix of that hash. The prefix is "EnCt2" and the Suffix is "IwEmS".

 

So after some digging around, I was able to find a github page which hosts the source for https://encipher.it

One of the github source pages is: https://github.com/ermakus/encipher.it/blob/master/assets/javascripts/encipher.coffee

 

Part of the javascript code reads:

# Format encrypted as plain textclass TextFormat    constructor: (@[member=Base]) ->        @HAS = /EnCt2/        @[member=ExTraCT] = /(EnCt2.*IwEmS)/    hasCipher: (message)->        return false unless message        return (message or "").match @HAS

and:

 # Encrypt text in input element    encrypt: (password, callback)->        salt = Base64.random(8)        @derive password, salt, (key) =>            # Calculate HMAC digest            hmac = hex_hmac_sha1(key, @[member=Text] )            # Pad to to 256bit (reserved for sha256 hash)            hmac += hmac[0...24]            cipher = hmac + salt + Aes.Ctr.encrypt( @[member=Text], key, 256)            @format.text.pack "EnCt2#{cipher}IwEmS", (error, cipher)=>                if not error                    @updateNode @[member=noden], cipher                @cache = {}                callback( error, cipher )

BINGO! We found the tool used to encrypt the original message. So it seems the hash provided is an output from: https://encipher.it

encipher.it basically takes the input and creates a cipher from 256 AES, and a salted passpowrd, takes the output and then inserts the cipher between the prefix and suffix we issolated.

 

But there is a problem! In my previous post, I assumed:

 

 

Which doesn't actually turn out to be the key/password. 

 

 

So all we need is a decryption key/password and we can be on our merry way.

 

you are getting closer. though the key is not in the text.  though the hint is.  go figur. I got the key 31  days ago

[elfensky]

Hmm.. I've tried running the code through https://paulschou.com/tools/xlate/ but that didn't really bring up anything interesting.

Edit1: Seen the encipher-decription post.

Edit2: Is the key a random combination we have to decipher, or a word/sentence we have to guess from the given hints?

 

Edit3: I've tried looking through your posts/topics, especially those that fall between 24th and 25th of July, but I have nothing that even remotely looks like a clue

 

Edit4: This didn't bring up anything either. https://en.wikipedia.org/wiki/July_25

[givingtnt]

Hmm.. I've tried running the code through https://paulschou.com/tools/xlate/ but that didn't really bring up anything interesting.

Edit1: Seen the encipher-decription post.

Edit2: Is the key a random combination we have to decipher, or a word/sentence we have to guess from the given hints?

 

Edit3: I've tried looking through your posts/topics, especially those that fall between 24th and 25th of July, but I have nothing that even remotely looks like a clue

 

 

there was something but I removed it.   the key is either a name or a number.  not in matter with my posts

[elfensky]

there was something but I removed it.   the key is either a name or a number.  not in matter with my posts

 

Ah you sneaky sob, xDxDxD. I guess we'll have to do it the old and hard way

[givingtnt]

Ah you sneaky sob, xDxDxD. I guess we'll have to do it the old and hard way

gosh you guys are blind.  and its funny as hell

[givingtnt]

@colonel_mortis could you move thi sto general discussion ?

[colonel_mortis]

@colonel_mortis could you move thi sto general discussion ?

Forum games will be staying in Off Topic.

[givingtnt]

Forum games will be staying in Off Topic.

ok

[elfensky]

The only think I can think of that happened 32 days ago and that was related to security was the hacked Jeep Cherokee...

 

I've tried using Jeep, the 1,400,000 number and variations thereof as key, but that didn't work either

EDIT1: nope, as @givingtnt has told me, I'm ... Off track in my search (good pun)

 

EDIT2: the winning lotto numbers aint it either

EDIT3: I've tried using 19 5 3 21 18 9 20 25 as a key (it's the word "Security" using the letter's position in the alphabet). Nope. Tried the sum of the numbers too.

 

EDIT4: idk maybe this will help http://moonatnoon.com/puzzles/reference/a1b2z26.html

 

EDIT5: seeing as the LTT's website kept being DDOSed I've tried using its ip as a password too. Nope.

[givingtnt]

The only think I can think of that happened 32 days ago and that was related to security was the hacked Jeep Cherokee...

 

I've tried using Jeep, the 1,400,000 number and variations thereof as key, but that didn't work either

EDIT1: nope, as @givingtnt has told me, I'm ... Off track in my search (good pun)

 

EDIT2: the winning lotto numbers aint it either

EDIT3: I've tried using 19 5 3 21 18 9 20 25 as a key (it's the word "Security" using the letter's position in the alphabet). Nope. Tried the sum of the numbers too.

 

EDIT4: idk maybe this will help http://moonatnoon.com/puzzles/reference/a1b2z26.html

 

EDIT5: seeing as the LTT's website kept being DDOSed I've tried using its ip as a password too. Nope.

I need to do a correction. replace 32, by 30 starting today.

[Si3Rra_7]

I need to do a correction. replace 32, by 30 starting today.

damnit , where do you guys learn this . The closes thing to this is this game i found called Hacknet ... ( recommended by qain from tek).

[givingtnt]

damnit , where do you guys learn this . The closes thing to this is this game i found called Hacknet ... ( recommended by qain from tek).

another one thats very, very good is called MU complex.  its really one good game.

or if you speak french there is the famous "ouverture facile"  wich has way too many challenges.. but I did managed to finish it.. till the house.......  aaahhhh so many hello kitties

[ionbasa]

I need to do a correction. replace 32, by 30 starting today.

May we get a specific date in GMT/UMT? Only saying 30 days back may vary for people depending on their geographic region and time zone.

 

Right now, from just your hint, we know:

• A date range of 25 July 2015- 26 July 2015 (depending on time zone)
• It involves something related to security
• The key can be found in a post on this forum.

[givingtnt]

 

May we get a specific date in GMT/UMT? Only saying 30 days back may vary for people depending on their geographic region and time zone.

 

Right now, from just your hint, we know:

• A date range of 25 July 2015- 26 July 2015 (depending on time zone)
• It involves something related to security
• The key can be found in a post on this forum.

 

not a post.

 

from today, as east time . 25th of august

[Extingquish]

He said there was going to be a few references to LTT content in the challenges, maybe the key is like a video or something? 

 

I've tried the titles and the video IDs from LTT (YouTube) around 25/07/15, but none of them have worked

 

Maybe I'm just looking too far into this or something?

[givingtnt]

He said there was going to be a few references to LTT content in the challenges, maybe the key is like a video or something? 

 

I've tried the titles and the video IDs from LTT (YouTube) around 25/07/15, but none of them have worked

 

Maybe I'm just looking too far into this or something?

I think you should look more into it