Interesting thing I just found but can't figure out. If you look at OkCupid's page source (view-source:okcupid.com
WOULD YOU LIKE TO PLAY A GAME?
596d 6c30 4c6d 7835
4c7a 4a32 6258 5a45
5a6a 514b
written on the screen. I can't figure out what the numbers are, they're like a hash but none that I can find, except for a Bitcoin address - blockchain.info
Anyone else have any clue what this is?
If it is a hash, it looks like SHA-1 (40 chars).
If you convert the hex to ascii you get Yml0Lmx5LzJ2bXZEZjQK.
Base64 decode that ascii and you get a bitly link that takes you to quiz.okcupid.com/letsplayagame/
>looks to be a Macintosh
Nah bro, that's totally an HP.
It doesn't seem to actually be a hash, just look like one as it doesn't decrypt.
Ah, there we go. I'm guessing this is just another hiring quiz thing.
Interesting, the jpeg looks really weird at the bottom, probably a hidden message?
Open the jpg in a text editor and look at the metadata in the xml at the top
specifically the "password" metadata field
The whole thing is really noisy. I'm guessing the password for the first zip, "quebra" is either in there or points to it.
IHuCponG+Z
Doesn't work for any of the zips
Jesus christ I'm retarded, I actually hexdumped it, but just glossed over it and started trying to find steganographic data
That might still be necessary, since the password in the metadata doesn't seem to do anything and the jpeg has "flag.txt" show up in it twice at the end of the file.
flag.txt is also the name of the only file in quebra.zip
Why would OKC want to hire someone with this kind of skillset anyway?
Yeah, the password was just put in the metadata using ExifTool, so there still could be stuff in the image itself.
The EOI bytes for jpeg are FF D9. Everything after that has been added (this is where you see the flag.txt reference).
50 4B 03 04 14 03 01 00 00 00 B1 70 F8 4A 31 31 45 F2 23 00 00 00 17 00 00 00 08 00 00 00 66 6C 61 67 2E 74 78 74 E8 C4 CA 6A 30 A8 64 AC 77 AF 21 E1 EE 10 06 9B 41 42 22 A2 1C E9 78 B8 9B 02 AF DB FF 69 9C E1 92 E7 69 50 4B 01 02 3F 03 14 03 01 00 00 00 B1 70 F8 4A 31 31 45 F2 23 00 00 00 17 00 00 00 08 00 24 00 00 00 00 00 00 00 20 80 A4 81 00 00 00 00 66 6C 61 67 2E 74 78 74 0A 00 20 00 00 00 00 00 01 00 18 00 00 6B D9 71 A7 04 D3 01 00 69 CF 4A A8 04 D3 01 00 6B D9 71 A7 04 D3 01 50 4B 05 06 00 00 00 00 01 00 01 00 5A 00 00 00 49 00 00 00 00 00
Alright cool. the rest of the file is a zip that contains flag.txt which just says "Never tell me the odds."
Yeah, I just got that, too.
>Never tell me the odds
Using "Never tell me the odds" as the password for quebra.zip gives a new flag.txt with the contents "dc40b85276a1f4d7cb35f154236aa1b2"
What was the actual password for quebra.zip?
decoding "dc40b85276a1f4d7cb35f154236aa1b2" as hex doesn't seem to result in anything particularly meaningful
That's a hash that decrypts to "abgrtyu", which is a common password and opens the init.zip
md5 hash for "abgrty"
If quebra.zip contains the same data but uses a different password, I wonder if that's sufficient information to determine quebra.zip's password? Which would likely also be the password for another file.
>dc40b85276a1f4d7cb35f154236aa1b2
MD5 hash for abgrtyu
Can't try unzipping the files, xarchiver is fucking up on me, anyone can try that as password for the second zip?
Sorry, I hadn't read the updates to the thread. This post was dumb.
Great work, that opens init.zip
"Password" appears 20 times in hackpw.txt
Line 20 is: login
MD5 is: d56b699830e77ba53855679cb1d252da
But that doesn't seem to work as the key for map.zip. Adding a newline to "login" to get a different md5 doesn't work any better
It is, I posted as above here So now it has some instructions but I didn't get them to work.
---
Perform the following steps to obtain the key:
* count the number of times the word password appears in hackpw.txt, this will be $a
* take the md5 of line $a from hackpw.txt to create $b
* use $b as the key
---
"password" shows up 28 times, line 28 is
"wont allow anonymous logins. If this is true try getting an account on the system."
and the md5 of that is "a72bb057359c22d578668e8ae1f38041" which doesn't work as a password.
>"password" shows up 28 times
What? it shows up 20 times
Notepad++ tells me it comes up 28 times, not 20. How did you get that?
Also I think we need to open almost.zip to get the ps.txt first, before map.zip
it depends whether you're doing a case insensitive search or not. "password" shows up 20 times. "[pP]assword shows up 28
If I count it myself I come to 24, this is weird.
Yeah... maybe it's for something else
readme says to use it as " the key" not password...
grep -c "password" hackpw.txt
what
The hash for line 28 is 024b0350a988f8150501ac685e2811da
it opens ps.txt
> -c, --count print only a count of matching lines per FILE
Not matching words, oops.
Ah, so it was 28 I just got the wrong hash somehow. Where/how did you get yours?
Well I got traffic.pcap, but I'm not familiar with tcpdump so
There's a curl to quiz.okcupid.com
Did you include the newline?
At least we now know this is a new quiz, the EXIF on this says July 24th, and that it was edited with Photoshop on a mac.
How did you get map.zip open?
Ah, yes. My mistake.
see the squares at the bottom of mmsf.jpg? They're binary
At the top too.
I actually didn't even see the squares, wow.
The top is just repeating 1 and 0, the bottom says "Rokkuman".
this was a good game
The ones at the top don't have any information in them.
Anyway the pcap has some urls in it, one has a new zip and one has a text file containing the password, but the zip has an ELF binary in it and I'm not going to run unknown binaries so I'm out
Oh, I was stuck in the hex editor, didn't even pay any attention to this weaboo shit lol
e4b2c3c2b4ccc2b8
The text string is the password for the zip, it only has a solveme file. I don't know what it is at this point.
It's a linux executable. Run it.
I don't use linux (inb4 reactions) but I guess I could spin up a vm for it.
linux is gay anyway brah
Man i loved those game as a kid and Luna platz was cute af too
Looking at disassembly, it's basically hundreds of add instructions and a few jumps thrown in every now and then, probably manually calculating a number or something?
You have completed this game.
Would you like to keep doing infosec work and get paid for it?
Good news! We're hiring a Linux Security Engineer!
Send your resume over to [email protected] to apply.
Please put "SECURITYNINJA" in the subject.
Wow it's fucking nothing.
strings, m8
This is not the function you are looking for.
So it's just a more obtuse way to see this:
forgot image
I was about to post this as well.
You can find it by just looking at the content of .rodata in solveme (opened as an archive in 7zip.)
You don't even have to disassemble or reverse engineer the binary, lel.
Well this was fun Sup Forums. I totally called it at the beginning that it was a hiring thing
Well yeah no shit
...
What the fuck did you reply to all the posts for, retard?
>look mom I did it again
Because, just ignore it.
What other reason would OKC have to put up a puzzle like this in their source code?
It shows us old decrepit faggots that we still got it in us.
So you could access the 2d waifu profiles instead of the usual 3d trash.
>game solved
>thread instantly dissolves to shit
This is why we can't have nice things
Note how basically no images were posted because people were actually discussing something
puzzles always bring people like us together.
Kek. If only.
lol ouch
I had a lot of fun. I don't know why we don't organize something like this ourselves on a monthly basis.
>Send your resume
Whelp
Well there was that link to the flyingmonkeys thing. I only took a cursory glance but it seems like a new hacking challenge thing.
I know there's others on other sites, but yeah it'd be cool if Sup Forums mods or whatever made one up for every month.
These challenges are pretty common. Unfortunately, there are rarely any replies.
> A sense of satisfaction that comes from helping millions of people find love
No thanks