These are the problems I helped solve.
This was a FreeBSD binary with only the hint “Running on 140.197.217.155:18703”.
mantis had the key insight about what hash function we were facing and how to find collisions. He found the hash function by doing a web search on constants in the code.
Summary: Find a collision in the Tangle hash function. The program requires a user named "grease" to exist. The then does a chroot into grease's home directory. It starts listening on port 18703. The program then does four 4-byte reads, each time interpreting the read bytes as a pointer and passing it to free. The frees and mallocs appear to be red herrings. The pointer values are then compared against magic constants or the program exits. The program then reads a 4-byte length. This will be the length of two following strings to be read in. It reads the two strings of the given length, and checks that they are not equal. It then calls the Tangle function on both of them and compares the hashes. If the hashes are the same, it spits out the key. A paper on Tangle collisions is at http://www2.mat.dtu.dk/people/S.Thomsen/tangle/tangle-coll.pdf It comes with a link to source code: http://www.mat.dtu.dk/people/S.Thomsen/tangle/tangle-coll.c It has to be compiled with source files from the reference implementation, available here: http://ehash.iaik.tugraz.at/wiki/Tangle http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/Tangle.zip $ gcc -o tangle-coll tangle-coll.c tangle-ref.c $ ./tangle-coll Collision found in Tangle-256 Message 1: c8190000000000000000000000000000000000000000000000000000000000000000000000000000 Hash of message 1: f710be651ab67737a58ac452056bbf13e62abed071943617dadbf25c2dea710b Message 2: c8190080000000800000000000000000000000000000000000000000000000000000008000000080 Hash of message 2: f710be651ab67737a58ac452056bbf13e62abed071943617dadbf25c2dea710b XOR of hashes: 0000000000000000000000000000000000000000000000000000000000000000 Put these strings in your message and you're done. $ perl -e 'print "\x94\xa4\xc2\x65\xfe\x73\x2d\x6f\xee\xf8\x14\xcb\x6e\xc8\xa1\x26" . "\x28\x00\x00\x00" . "\xc8\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" . "\xc8\x19\x00\x80\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x80";' | nc 140.197.217.155 18703 437f085141d357c5d28850d5119aacb5
The hint was, “crack Al Qaeda's new ‘Frogg cipher’. user:dolly password:ihavethreemoms”. There was a link to http://140.197.217.85/, which appeared to be a mirror of http://alqaedawebsite.com/ saved by Firefox.
We tried the obvious forensics things like examining all the image and JavaScript files. Comparing Wget mirrors of the original and DDTEK sites didn't show anything suspicious.
Summary: Sending different Accept-Language headers causes different
fragments of a secret message to be mixed in the HTML of the main page.
The key was noticing that when looking at the page in a browser, there
was an extra "!!" at the bottom that was not in the mirror I made with
Wget. I tried deleting headers from what my browser sent until the "!!"
disappeared, and it turned out to be controlled by the Accept-Language
header.
I grabbed some codes from here:
http://www.loc.gov/standards/iso639-2/php/English_list.php
And made langs-short.txt. Then did a loop like
for a in $(cat langs-short.txt); do echo -n "$a "; wget http://dolly:ihavethreemoms@140.197.217.85/ -O - --header "Accept-Language: $a" -q | md5sum; done
which makes output like
fon 25a23ddbd88a2d9578b2b0311b728289 -
fr e98b2c552c4d15a0226656234c204068 -
frm e98b2c552c4d15a0226656234c204068 -
fro e98b2c552c4d15a0226656234c204068 -
fur 25a23ddbd88a2d9578b2b0311b728289 -
...
hz 25a23ddbd88a2d9578b2b0311b728289 -
hil 15c9b9bfab1068a8650f422f45f8d7ee -
him 15c9b9bfab1068a8650f422f45f8d7ee -
hi 15c9b9bfab1068a8650f422f45f8d7ee -
ho 25a23ddbd88a2d9578b2b0311b728289 -
I found a handful of languages that provided something other than the
25a2... hash and diffed them against en. They made diffs like this:
$ diff -u index.none.html index.fr.html
--- index.none.html 2012-06-02 21:40:08.000000000 -0700
+++ index.fr.html 2012-06-02 21:21:03.000000000 -0700
@@ -76,7 +76,7 @@
source for homeland security news
and information.
Al Qaeda Claims To Be Holding U.S. Hostage In Pakistan
-
+an
Each language that differs, has two extra characters inserted somewhere
on the page. The samples I found were:
fr an
it ha
hi ez
jp er
en-us !!
From here I guessed the missing letters to get "icanhazcheezburger!!".
----
Also notable: It looks like a ddtek guy left some Google Account
detritus attached to the +1 button in the deployed web site at first. A
diff between two Wget mirrors taken hours apart gave stuff like this:
-window.__SSR = {c: 1.0 ,si:1,su:1,e:'tvidas@gmail.com',dn:'Tim Vidas'
+window.__SSR = {c: 1.0 ,si:1,su:1,e:'hugo42134@gmail.de',dn:'Hugo Chaveeez'
Hint:
ur final exam for Stanford's online algorithms class may be found here: 140.197.217.155:5601 Password: d0d2ac189db36e15
Being someone studying algorithms at Stanford, I couldn't turn this down. Connecting to the address gives
Password: Here come 100000 uint16_t, please tell me how to sort them into ascending order by sending me pairs of indicies to exchange, one per line, in the format:followed by the aforementioned 100,000: For example to exchange elements 123 and 9821 you should send: 123:9821 Valid indicies are in the range 0..99999 inclusive. Send a blank line when you are done. If you correctly sort the array in sufficiently few moves I will give you a key! You have about 10 seconds to finish, and a 5 minute wait between successive connections.
uint16_ts.
solver.py program.
Summary: Decompose into cycles, send k − 1 swaps for each length-k cycle. I had to do this from a Linode because my home DSL connection couldn't upload fast enough. My first try was to write quicksort and just record the swaps. I don't know if that failed because it used too many swaps or because I couldn't upload them quickly enough. $ ./nmap/ncat/ncat 140.197.217.155 5601 --sh-exec "./solver.py" -vvv Ncat: Version 6.01 ( http://nmap.org/ncat ) NSOCK (0.0010s) TCP connection requested to 140.197.217.155:5601 (IOD #1) EID 8 NSOCK (0.0330s) Callback: CONNECT SUCCESS for EID 8 [140.197.217.155:5601] Ncat: Connected to 140.197.217.155:5601. NCAT DEBUG: Executing with shell: ./solver.py Congratulations, your final array is sorted correctly. Here is your key: a7482ddfb82601fdc392b67836883dcc