Coffeehouse Thread

21 posts

Can you crack the cyber-crime code?

Back to Forum: Coffeehouse
  • RamblingGeek​UK

    http://www.bbc.co.uk/news/technology-10758371

     

    It doesn't tell you where to enter Perplexed Is that part of the challenge? Smiley

  • ManipUni

    The UK government aren't recruiting anything. We have some of the worst numbers of Computer Forensics staff in the western world and most people who graduate with a masters in that area wind up unemployed (I know a few!). This is a moronic publicity stunt, why don't they just go out into the marketplace and employ some of the many qualified people looking for jobs?

     

    I'm sorry, but it is just hard to swallow. They are paying people to get qualified into an area of high unemployment in order for the UK to keep up with the rest of the world, without actually hiring into that area? If they hired people for those positions then perhaps more people might go into the field instead of spending time getting qualified and then becoming a programmer?

  • Dr Herbie

    ManipUni said:

    The UK government aren't recruiting anything. We have some of the worst numbers of Computer Forensics staff in the western world and most people who graduate with a masters in that area wind up unemployed (I know a few!). This is a moronic publicity stunt, why don't they just go out into the marketplace and employ some of the many qualified people looking for jobs?

     

    I'm sorry, but it is just hard to swallow. They are paying people to get qualified into an area of high unemployment in order for the UK to keep up with the rest of the world, without actually hiring into that area? If they hired people for those positions then perhaps more people might go into the field instead of spending time getting qualified and then becoming a programmer?

    Have you seen the prizes on offer?

     

    "An Open University Course" or "A job application."

     

    Cold, hard cash would be the prize to motivate people (the job offers would be secondary).

     

    Herbie

     

  • ManipUni

    Dr Herbie said:
    ManipUni said:
    *snip*

    Have you seen the prizes on offer?

     

    "An Open University Course" or "A job application."

     

    Cold, hard cash would be the prize to motivate people (the job offers would be secondary).

     

    Herbie

     

    Indeed. I didn't see the prizes on offer. I read the BBC article on this subject but it didn't link to the competition's web-site. I just find the concept that the UK is short on qualified Cyber-Crime specialists to be an absolute joke - when from what I know the UK has too many of them graduating compared to job offers.

     

    Perhaps what they mean is - "Police departments are too stupid to hire Cyber Security specialists and instead buy an even faster cars so they can hand out tickets faster."

  • ZippyV

    The address ends with challenge.org.uk when they are scrolling down the webpage at second 18.

     

    Edit: I think I found it: https://cybersecuritychallenge.org.uk/

  • Dr Herbie

    ZippyV said:

    The address ends with challenge.org.uk when they are scrolling down the webpage at second 18.

     

    Edit: I think I found it: https://cybersecuritychallenge.org.uk/

    Well done, expect a phone call from Her Majesty's Secret Service -- you've passed the first test Tongue Out

     

    Herbie

     

  • ZippyV

    Dr Herbie said:
    ZippyV said:
    *snip*

    Well done, expect a phone call from Her Majesty's Secret Service -- you've passed the first test Tongue Out

     

    Herbie

     

    Let's say they encrypted the challenge with AES. What are we supposed to do with it? Bruteforce?

  • RamblingGeek​UK

    ZippyV said:
    Dr Herbie said:
    *snip*

    Let's say they encrypted the challenge with AES. What are we supposed to do with it? Bruteforce?

    Isn't that that the point?

  • Sven Groot

    ZippyV said:
    Dr Herbie said:
    *snip*

    Let's say they encrypted the challenge with AES. What are we supposed to do with it? Bruteforce?

    Is that the real challenge? Are they kidding? It took me literally 10 seconds to figure out what it was.


    EDIT: Here's the solution, encoded using rot13 for those who don't want it spoiled: Vg'f n onfr64 rapbqrq irefvba bs n WCRT vzntr, cnegvphyneyl guvf KXPQ pbzvp: uggc://kxpq.pbz/538/

  • Sven Groot

    Sven Groot said:
    ZippyV said:
    *snip*

    Is that the real challenge? Are they kidding? It took me literally 10 seconds to figure out what it was.


    EDIT: Here's the solution, encoded using rot13 for those who don't want it spoiled: Vg'f n onfr64 rapbqrq irefvba bs n WCRT vzntr, cnegvphyneyl guvf KXPQ pbzvp: uggc://kxpq.pbz/538/

    You know, it reminded me of the kind of puzzle used by http://www.deathball.net/notpron/, except much simpler.

  • Stebet

    Sven Groot said:
    ZippyV said:
    *snip*

    Is that the real challenge? Are they kidding? It took me literally 10 seconds to figure out what it was.


    EDIT: Here's the solution, encoded using rot13 for those who don't want it spoiled: Vg'f n onfr64 rapbqrq irefvba bs n WCRT vzntr, cnegvphyneyl guvf KXPQ pbzvp: uggc://kxpq.pbz/538/

    Lol. This really was easy. The joke is funny though Smiley

  • ZippyV

    Sven Groot said:
    ZippyV said:
    *snip*

    Is that the real challenge? Are they kidding? It took me literally 10 seconds to figure out what it was.


    EDIT: Here's the solution, encoded using rot13 for those who don't want it spoiled: Vg'f n onfr64 rapbqrq irefvba bs n WCRT vzntr, cnegvphyneyl guvf KXPQ pbzvp: uggc://kxpq.pbz/538/

    How do you figure that out? Is it the = sign at the end of the text and the same number of characters for each line?

  • androidi

    Sven Groot said:
    ZippyV said:
    *snip*

    Is that the real challenge? Are they kidding? It took me literally 10 seconds to figure out what it was.


    EDIT: Here's the solution, encoded using rot13 for those who don't want it spoiled: Vg'f n onfr64 rapbqrq irefvba bs n WCRT vzntr, cnegvphyneyl guvf KXPQ pbzvp: uggc://kxpq.pbz/538/

    Yeah, anyone who's read news knows what to do with it (without being a dev/security guru/anything), I used to use outlook to read news and there was often that garbage on the screen as it couldn't handle the encoding of the day (they've developed new ones to accommodate larger stuff).

     

  • blowdart

    Stebet said:
    Sven Groot said:
    *snip*

    Lol. This really was easy. The joke is funny though Smiley

    Yea, that cartoon is on my desk.

     

    I wonder if they asked if they could use it....

     

  • Sven Groot

    ZippyV said:
    Sven Groot said:
    *snip*

    How do you figure that out? Is it the = sign at the end of the text and the same number of characters for each line?

    I've seen base64 often enough to know what it looks like. Smiley The = sign at the end is a dead giveaway, yeah. After decoding it I opened the resulting file in a hex editor and recognized the file's header.

  • Stebet

    Sven Groot said:
    ZippyV said:
    *snip*

    I've seen base64 often enough to know what it looks like. Smiley The = sign at the end is a dead giveaway, yeah. After decoding it I opened the resulting file in a hex editor and recognized the file's header.

    Yeah. The Base64 encoding was rather obvious. After that I converted the resulting bytes to a string just to see if it made sense and saw the magic words "Exif". Only after that did I notice the file header. All rather easy.

     

    But am I the only one that thought "hmm.. that's a pretty big ASP.NET viewstate" Tongue Out

  • gilgamesh

    Stebet said:
    Sven Groot said:
    *snip*

    Yeah. The Base64 encoding was rather obvious. After that I converted the resulting bytes to a string just to see if it made sense and saw the magic words "Exif". Only after that did I notice the file header. All rather easy.

     

    But am I the only one that thought "hmm.. that's a pretty big ASP.NET viewstate" Tongue Out

    There is more to the puzzle:

     

    1. Convert the base 64 into binary and obtain the comic.

    2. The comic has weird on/off bits on the edges that should be converted into binary.

    3. The binary should be converted into ascii.

    4. The ascii should be transformed with ROT13.

    5. The resulting string is a URL of: https://cybersecuritychallenge.org.uk/834jtp.html

    6. The URL contains hex string that is the 'Real' code to be broken.

    7. Use substitution and frequency analysis on two-letter combination of the alpha-numeric code... i.e. ac=E

    8. The resulting message is below, I omitted the code that you are supposed to send.

     

    C O N G R A T U L A T I O N S  !  Y O U ' V E  F O U N D  A N D  C O M P L E T E D  T H E  R E A L  C H A L L E N G E .  Y O U R  W I N  C O D E  I S   (OMITED BY ME) P L E A S E  E M A I L  T H I S  C O D E  T O  O U R  T E A M  A T  M E D I A @ C Y B E R S E C U R I T Y C H A L L E N G E . O R G . U K .  I F  Y O U ' R E  T H E  F I R S T  P E R S O N  T O  D O  S O ,  A N D  C A N  P R O V E  Y O U  M E E T  T H E  E L I G I G I L I T Y  C R I T E R I A  ( B R I T I S H  C I T I Z E N  C U R R E N T L Y  R E S I D E N T  I N  T H E  U K )  W E  W I L L  G E  I N  T O U C H  T O  A D V I S E  H O W  T O  C L A I M  Y O U R  P R I Z E .  W E L L  D O N E  A N D  G O O D  L U C K  I N  T H E  C Y B E R  S E C U R I T Y  C H A L L E N G E  C O M P E T I T I O N S  T A K I N G  P L A C E  T H R O U G H O U T  T H E  R E S T  O F  T H E  Y E A R .

     

    I am not eligible for the contest, so I did not send.

  • Bass

    gilgamesh said:
    Stebet said:
    *snip*

    There is more to the puzzle:

     

    1. Convert the base 64 into binary and obtain the comic.

    2. The comic has weird on/off bits on the edges that should be converted into binary.

    3. The binary should be converted into ascii.

    4. The ascii should be transformed with ROT13.

    5. The resulting string is a URL of: https://cybersecuritychallenge.org.uk/834jtp.html

    6. The URL contains hex string that is the 'Real' code to be broken.

    7. Use substitution and frequency analysis on two-letter combination of the alpha-numeric code... i.e. ac=E

    8. The resulting message is below, I omitted the code that you are supposed to send.

     

    C O N G R A T U L A T I O N S  !  Y O U ' V E  F O U N D  A N D  C O M P L E T E D  T H E  R E A L  C H A L L E N G E .  Y O U R  W I N  C O D E  I S   (OMITED BY ME) P L E A S E  E M A I L  T H I S  C O D E  T O  O U R  T E A M  A T  M E D I A @ C Y B E R S E C U R I T Y C H A L L E N G E . O R G . U K .  I F  Y O U ' R E  T H E  F I R S T  P E R S O N  T O  D O  S O ,  A N D  C A N  P R O V E  Y O U  M E E T  T H E  E L I G I G I L I T Y  C R I T E R I A  ( B R I T I S H  C I T I Z E N  C U R R E N T L Y  R E S I D E N T  I N  T H E  U K )  W E  W I L L  G E  I N  T O U C H  T O  A D V I S E  H O W  T O  C L A I M  Y O U R  P R I Z E .  W E L L  D O N E  A N D  G O O D  L U C K  I N  T H E  C Y B E R  S E C U R I T Y  C H A L L E N G E  C O M P E T I T I O N S  T A K I N G  P L A C E  T H R O U G H O U T  T H E  R E S T  O F  T H E  Y E A R .

     

    I am not eligible for the contest, so I did not send.

    You win five Internets.

     

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.