Qwijibows Cracking Challenge - difficulty rating... HARD !

Read Latest Entries..: (Post #11) by moonwitch on Jul 19 2005, 11:04 PM. (Line Breaks Removed)
Now I just KNOW I am too dumb to solve this LOL I don't even get the explanations given.

qwijibow

Notice from qwijibow:

Challenge completed by.... drum roll....

mastercomputers


Hi guys, I've noticed that these web based hacking challenges are quite popular,
so I've decided to release one.

It's not web based, it doesn't require much prior knowledge, but should be quite hard.
Actually, no, it seems hard, but in fact is very easy, depending on how many clues I give away.

In fact, for those of you who really think hard about this, it may be too easy.. I don't know.

Here is the challenge:
I have encrypted a random html webpage that I have downloaded from a random web-site.
It is your job to de-crypt it.

The encrypted page is quite large, believe me, the larger the page, the more patterns will emerge and the easier this challenge should be.

Here is how the encryption works, it uses Xor logic.
0 xor 0 = 0
0 xor 1 = 1
1 xor 0 = 1
1 xor 1 = 0
10100110 << data byte
01010011 << password byte
11110101 << encrypted byte

Google for Xor encryption for more information.

This type of encryption was first used over 400 years ago by Japanese warriors, and was broken almost 100 years ago by a mathematician with no computers, and the message was plain English, much harder to de-crypt than the structured html code.

When you have broken the encryption, PM me, and I will add you to the wall of fame.

RULES:
Any software you use to brute force the password MUST be written by yourself. Please include source code in the PM you send.

I've seen this type of encryption broken with just a graph of the occurrences of each byte, so programming knowledge is not needed, but will be useful.

HINTS:

All '<' characters are normally very quickly followed by '>'
Tags such as <html> will be expected very near the top of the html file.
Think of other patterns with html, and characters that should show up often.
Maybe the last 6 characters will be </html> which would give at least 7 password characters
(no, I made sure this tag was not at the very end... but it is very close) (plus, the password is quite weak, I've not decided on it yet, but it will probably be quite weak, less than 7 characters, who knows [ me] )

If you look hard enough, you will find patterns of characters.
The size of the patterns, and spacing between them will give valuable clues as to the size of the password.

The file was taken from a Unix server,
for those who don't know, in Unix, a newline is a \n character (ascii code 10)
in Windows, a newline is both a \n and a \r
so when you have successfully de-crypted the file, viewing it in notepad will probably show the document without new-lines... don't worry, it's just Windows being annoying.

The source code of the program I used to encrypt the web page is added to this post as an attachment.
You don't need it, but it may give a better understanding of how it works.
This is very weak encryption.


When compiled as the program xor.exe
usage:
xor input_file output_file password.

Because xor works both ways, forwards and backwards,
running xor on a plain file will encrypt it.
Running xor on an encrypted file will de-crypt it.

The encrypted file you need to de-crypt is added as an attachment to this post...

As time goes on, if no one gets it, maybe I'll post some clues...
or maybe I will assume that this hackers challenge is too hard, and let it fade into oblivion..

Or maybe I made it too easy, lol.
(this IS easy, it just looks very hard, especially when you first look at the encrypted file with notepad.)

Reply

jipman
bad luck for you mate, I just wrote an essay about encryption, it was about Huffman, LZW and Arithmetic Encoding ;)

As soon as I've installed visual basic I'll work on it. Nice challenge though.

Reply

qwijibow
LOL... it's not meant to be strong encryption.
Glad to hear you have studied encryption... maybe challenge 2 will involve single padded xor encryption, with a quantum random number source. lol.

Reply

qwijibow
Hmmm, seems I definitely made it too easy.

I wrote a C++ program that managed to look for patterns.
It correctly estimated the length of the password, then produced a small list of possible passwords.

Each password was run through looking for a <html> substring, and boom, as expected only one password generated that html tag, and it was the correct one.

It took 10 minutes to write the brute force program in C++,
and the program itself took approximately 0.01 seconds to run.

But then again, I have studied basic encryption, so I suppose I had a huge advantage.. (ohh, plus I knew the password, I set the challenge up... LOL)

Seems so far only 7 people have downloaded the encrypted web page.

And from lack of posts, I assume no one is still trying.

I will post the solution, along with some clues later on in the week.

Maybe I'm the only one who enjoys this sort of puzzle :P


Reply

qwijibow
Well...
I must have made this challenge too hard.

Like I said, this challenge is not about what you know, but about logical thinking and problem solving.

There are many ways to hack this encryption...

I have written a spoiler, and a pattern searching program. I will add them as attachments to this post.

You will kick yourself when you see how easy this is !!!

So if you like, take a look at the spoiler, and learn how to hack Xor encryption and impress the girls :)

Reply

moonwitch
I have downloaded the spoiler, but in all honesty I have NO idea what I am looking for. This really is like the very first time in coming across encryption. Thus I have no idea what to do or how to do it.. Sorry. Maybe I am too dumb :|

Reply

qwijibow
Naa, I probably just didn't explain it too well.

The theory is this, take the html web page as a binary file,
a long string of ascii codes.

Each of those ascii codes has been manipulated to make it unreadable.
In this type of encryption, Xor logic is used to manipulate each bit.
Xor is the equivalent of (A or B) and (not (A and C))

See the first post for an Xor table.

So, example... if the password was "S M I L E"

each top line character is Xored to the character below it
T H I S - I S - S O M E T H I N G - T O - E N C R Y P T
S M I L E S M I L E S M I L E S M I L E S M I L E S M I

and the result, is the encrypted file.

To de-crypt it, we need to find out the password.

One method would be a blind brute force, systematically try out every possible password until one is found that correctly de-crypts the file.

This is slow, but easy.. it would probably work with this example as the data is so small, and password so weak... but it's not a very intelligent method.

We need to optimise the hack, and fortunately have a major advantage, there are 256 values in a byte, a byte can encode the numbers -128 to 127. And only approximately 60ish of those characters are human readable.
A-Z a-z 0-9 and all the symbols like !"£$%^&*()_+~

One method to hack the encryption would be as follows...
Assuming the password is 5 characters long...

1) Make a list of all human readable characters
2) Exclude from the list all those characters which, when Xored to the encrypted file's 1st byte, do not produce a human readable character.
3) Move forward 5 bytes in the encrypted file
4) Perform step 2
5) Goto step 3, until end of file.
The list of human readable characters is now a list of all possible 1st password characters.
Perform the above step for each of the 5 characters in the 5 character password.

The above method will work on any encrypted plain text file.
This is the method I used.

Because we know the file is html, we can further optimise the hack.
We know that there will be a "</html>" or "</HTML>" very close to the end of the file.

Perhaps a faster method of cracking this encryption would be to start at the end of the file,
and make a list of 7 characters which are all human readable, and can be applied to the last 7 bytes of the file, which when xored will produce one of the above html tags.

In other words, if you Xor the string "</html>" to the correct address (where the encrypted html tag is)
then the result will be the password

(Xor works both ways, there are 3 elements, password, data and encrypted data.
Xor any 2 of those elements together, then the 3rd element is output..)

So we KNOW the encrypted data.. we guess that the un-encrypted data is "</html>". That is 2 elements,
the 3rd can be given with the Xor function... providing you xor the correct position within the encrypted data... Trial and error will find it, we know it's somewhere near the end.


The probability is insanely low that it will find a false positive.

Then move back into the file, so you are 1 byte from the end of file and repeat.
Then move another byte in from the end of file and repeat.

Keep going until a string of 7 characters, all human readable, is found.

If the password is smaller than 7 then all the password will be revealed (probably wrapped around itself, trial and error can be used to find the password's true start and unwrap).

If the password is larger than 7 characters, then you will need to apply the above method to find the remaining few characters. But performing this step first would have severely reduced the amount of work the first method would require.

Basically this form of encryption is like this math problem
LET A = 12 and B = 9
C = A + B
C = 21.

so C = A + B.

but what if you only knew C (encrypted)
and you needed to know what A was, without knowing B.

21 = ? + ?

Mathematically, you can't work out the original values of A or B,
so you need to look for patterns of expected output.

Being a computer science student I suppose I just assumed everyone knew what Logic was and how it worked.

Maybe I will release another cryptography hacking challenge, after reading this one it shouldn't be too difficult.


Reply
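The elimination procedure from the post above (steps 1 to 5), as an added example in C that is not part of the original thread and is not qwijibow's program. It goes beyond the post by trying every password length up to 7 instead of assuming 5; the sample page, the password "tiger" and all function names are constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#define MAXLEN 7 /* the first post hints at a password shorter than 7 */

/* "Human readable": printable ASCII plus the newline and tab of a Unix file. */
static int readable(unsigned char b) {
    return (b >= 0x20 && b <= 0x7e) || b == '\n' || b == '\t';
}

/* Repeating-key XOR; the same call encrypts and decrypts. */
static void xor_crypt(const unsigned char *in, size_t n, const char *key,
                      size_t klen, unsigned char *out) {
    for (size_t i = 0; i < n; i++) out[i] = in[i] ^ (unsigned char)key[i % klen];
}

/* Constructed sample (not the challenge file): a small page XORed with the
   made-up password "tiger". Returns the length, or 0 if ct is too small. */
size_t make_sample(unsigned char *ct, size_t cap) {
    char page[512] = "<html>\n<ul>\n";
    for (int r = 0; r < 20; r++) strcat(page, "<li>Home | Tip on</li>\n");
    strcat(page, "</ul>\n</html>\n");
    size_t n = strlen(page);
    if (n > cap) return 0;
    xor_crypt((const unsigned char *)page, n, "tiger", 5, ct);
    return n;
}

/* Steps 1-5 for one password position: keep each readable character that
   turns every byte of that column (col, col+klen, ...) into readable text. */
size_t candidates(const unsigned char *ct, size_t n, size_t klen, size_t col,
                  char *out) {
    size_t count = 0;
    for (int k = 0x20; k <= 0x7e; k++) {
        size_t i = col;
        while (i < n && readable((unsigned char)(ct[i] ^ k))) i += klen;
        if (i >= n) out[count++] = (char)k;
    }
    out[count] = '\0';
    return count;
}

/* Return the shortest length for which every position keeps a candidate and
   put the first candidate of each position in key; 0 if no length fits. */
size_t crack(const unsigned char *ct, size_t n, char *key) {
    char set[96];
    for (size_t klen = 1; klen <= MAXLEN; klen++) {
        size_t col = 0;
        while (col < klen && candidates(ct, n, klen, col, set) > 0)
            key[col++] = set[0];
        if (col == klen) { key[klen] = '\0'; return klen; }
    }
    return 0;
}

int main(void) {
    unsigned char ct[512];
    char key[MAXLEN + 1];
    size_t n = make_sample(ct, sizeof ct), klen = crack(ct, n, key);
    printf("password length %zu, password \"%s\"\n", klen, klen ? key : "");
    return klen ? 0 : 1;
}
```

On this sample exactly one candidate survives per position; where several survive, the remaining combinations are the "small list of possible passwords" that the thread then tests for <html>.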

jipman
euhm qwij

How does xorring full bytes work anyway?

look 1 xor 0 = 1 but how does that work with for example 'a' xor 'b'


Reply

qwijibow
Xoring a full byte is just like Xoring a bit 8 times.

QUOTE
here is how the encryption works, it uses Xor logic.
0 xor 0 = 0
0 xor 1 = 1
1 xor 0 = 1
1 xor 1 = 0
10100110 << data byte
01010011 << password byte
11110101 << encrypted byte


the ascii code for A is 64, B is 65.
http://www.lookuptables.com/

so
'A' = 01000000
'B' = 01000001
'A' Xor 'B' = 00000001 or 1 in base 10 decimal.
a non human readable ascii code,

but you don't need to know that.
If you look up the function for Xoring in my encryption program, you will see it is

CODE

char Xor(char char1, char char2) {
       return char1 ^ char2;
}


All you need to know about Xor is that it works the same forward and backwards, but I mentioned that in the first post..

Data Xor Password = encrypted data.
encrypted data Xor Password = Data.

QUOTE
bad luck for you mate, I just wrote an essay about encryption, it was about Huffman, LZW and Arithmetic Encoding


lol, a little over confident in your abilities,, hehe.

did you ever get visual basic installed and have a go ???
if so, how did you attempt to crack the encryption ? how far did you get ?

Reply

mastercomputers
I was working on this by hand at work. All I had with me was a hexeditor and a calculator.

Basically how I solved this was:

I took the first 6 bytes, so I could compare it against <html>, plus qwijibow mentioned the password was less than 7 characters.
0c 42 42 42 4c 43

Found its hexadecimal equivalents
3c 68 74 6d 6c 3e

and started XORing it.

This produced: 30 2A I stopped here 2A is the equivalent of * and I've never encountered any HTML tags that did this, I wanted to believe < was still the first character since it produced a valid hex value, so my next step was against

<?xml
3c 3f 78 6d 6c 20 (including the space for 6 bytes)
This produced 30 7D again I stopped here 7D is the equivalent of }

So I tried <!DOC which is
3c 21 44 4f 43 20 (including space)
This produced 30 63 06 I stopped here 06 is not a printable character. Morale for < was getting slim but I still wanted to believe it because I really couldn't think of an HTML page that doesn't start with it, well not a valid page that is.

So I tried <!-- including space and newline just for the 6 bytes, and usually how I would write it
3c 21 2d 2d 20 0a
This produced 30 63 6f 6f 6c 34

Which when converted to ASCII produced
0cool4

Now I thought this was some find, I also noticed "0cool" before I had finished putting the 4 on the end, as I have seen the movie Hackers, I thought this is it, so I was going to use 0cool for the first 24 bytes to make sure but I stopped after 10 bytes. That was enough for me to believe it was correct.

0c 42 42 42 4c 43 36 1f 0a 1e 7e 0c 19 0e 4c 1d 4e 51 65 50 11 27 20 2c
30 63 6f 6f 6c 30 63 6f 6f 6c 30 63 6f 6f 6c 30 63 6f 6f 6c 30 63 6f 6f 6c
3c 21 2d 2d 20 73 55 70 65 72
< ! - - s U p e r

And that's when I stopped.

I couldn't really explain this while at work, nor wanted to be seen doing this during work. So it was mostly written down in a text file and worked on while I wasn't as busy.

And that's my story of XOR decryption of that time filling challenge. Tune in next week when I produce a program to beat this... well if I've got time, plus I want to know what is in the contents of this encrypted file :P


Cheers,


MC

Reply
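The hand method from the post above, automated as an added example in C that is not part of the original post. It runs on the 24 encrypted bytes quoted there and rejects a guess by checking that the recovered password fragment repeats and decrypts the remaining bytes to readable text; the guess list follows the post, with the comment guess given as the five bytes "<!-- ", and the function names are made up here.

```c
#include <stdio.h>
#include <string.h>

/* The first 24 encrypted bytes, as quoted in the post above. */
static const unsigned char CT[24] = {
    0x0c, 0x42, 0x42, 0x42, 0x4c, 0x43, 0x36, 0x1f, 0x0a, 0x1e, 0x7e, 0x0c,
    0x19, 0x0e, 0x4c, 0x1d, 0x4e, 0x51, 0x65, 0x50, 0x11, 0x27, 0x20, 0x2c};

/* Guessed openings of the page, in the order the post tries them. */
static const char *GUESSES[] = {"<html>", "<?xml ", "<!DOC ", "<!-- "};

static int readable(unsigned char b) {
    return (b >= 0x20 && b <= 0x7e) || b == '\n' || b == '\t';
}

/* XOR the guess against the start of the file to get a password fragment.
   A length len is accepted only if the fragment is printable, repeats with
   period len, and decrypts all n bytes to readable text. Returns len (password
   in key, text in plain, both NUL-terminated) or 0 if the guess is rejected. */
size_t try_guess(const unsigned char *ct, size_t n, const char *guess,
                 char *key, char *plain) {
    unsigned char frag[15];
    size_t glen = strlen(guess);
    if (glen == 0 || glen > sizeof frag || glen > n) return 0;
    for (size_t i = 0; i < glen; i++) frag[i] = ct[i] ^ (unsigned char)guess[i];
    for (size_t len = 1; len <= glen; len++) {
        int ok = 1;
        for (size_t i = 0; i < glen && ok; i++)
            ok = frag[i] >= 0x20 && frag[i] <= 0x7e && frag[i] == frag[i % len];
        for (size_t i = 0; i < n && ok; i++) {
            plain[i] = (char)(ct[i] ^ frag[i % len]);
            ok = readable((unsigned char)plain[i]);
        }
        if (!ok) continue;
        memcpy(key, frag, len);
        key[len] = '\0';
        plain[n] = '\0';
        return len;
    }
    return 0;
}

/* Index of the first guess that survives the checks, or -1. */
int first_working_guess(char *key, char *plain) {
    for (int g = 0; g < 4; g++)
        if (try_guess(CT, sizeof CT, GUESSES[g], key, plain)) return g;
    return -1;
}

int main(void) {
    char key[16], plain[sizeof CT + 1];
    int g = first_working_guess(key, plain);
    if (g < 0) return 1;
    printf("guess \"%s\" fits, password \"%s\"\n%s\n", GUESSES[g], key, plain);
    return 0;
}
```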
