Programming #3 Need help getting started.

Put your programming skills to the test in these challenges.

Programming #3 Need help getting started.

Post by spankywetfish on Tue Sep 30, 2008 11:58 am
([msg=12860]see Programming #3 Need help getting started.[/msg])

This is my first post, I'm trying not to give too much away, please don't flame me etc. if I have, just remove any offending content or PM me and I will.

Ok, I've looked at the code snippet and know exactly what it does, I've done some basic analysis and identified the following...

Each generated number can be 0-15 (hex digit of the pwd hash) plus 45,46,48-57,65-90 (ASCII val of char to be encrypted) minus 0-480 (sum of the MD5 hash digits)

When working this back each value in the "encrypted" string has a possibility of 570 collisions, that is there are 15 possible combinations of the above values for each of 38 ASCII chars that could result in the same number being output.
Admittedly we only need to brute force 9 of the 20 serial characters as the rest are either -.OEM1 or CR/LF, so that’s 324 combinations (of 0-1,A-Z) but without the password I'm struggling to realise how I am supposed to verify I've selected the correct combination. :?

I’m probably missing something fundamentally obvious somewhere but I’ve been looking at this for a couple of days now on and off and it’s just not falling into place. So any help anyone can give will be appreciated, PM me if you don’t want to spoil thing for others.

On the plus side, I’m no programmer but I’ve completed 5 of these missions so far, they are really helping me get to grips with PHP, much better that reading a book that’s for sure.
So cheers to all the fiendish swine who have contributed to these missions and helped me and no doubt countless others stretch their lacklustre minds.

SWF.
spankywetfish
New User
New User
 
Posts: 6
Joined: Sat Sep 20, 2008 6:43 am
Blog: View Blog (0)


Re: Programming #3 Need help getting started.

Post by BhaaL on Tue Sep 30, 2008 12:40 pm
([msg=12863]see Re: Programming #3 Need help getting started.[/msg])

You could have probably guessed from the other Prog#3 Topics that you have to brute-force this. You know a lot about the plain-text that was used, this way you can make a smart algorithm that doesnt have to do each and every iteration. You should also know something about the password.
BhaaL
Poster
Poster
 
Posts: 270
Joined: Sun Apr 13, 2008 11:16 am
Blog: View Blog (0)


Re: Programming #3 Need help getting started.

Post by spankywetfish on Tue Sep 30, 2008 3:13 pm
([msg=12887]see Re: Programming #3 Need help getting started.[/msg])

Funnily enough thats what I meant by "we only need to brute force 9 of the 20 serial characters", I've managed to figure that much out.
The bit i'm struggling on is the verification, like I said there are around 570 collisions for each number in the resultant encrypted output.
Obviously I'm missing something that is so blatantly obvious I'm gonna have to give myself a serious talking to once i twig, but until then I still need a shove in the right direction.
spankywetfish
New User
New User
 
Posts: 6
Joined: Sat Sep 20, 2008 6:43 am
Blog: View Blog (0)


Re: Programming #3 Need help getting started.

Post by BhaaL on Wed Oct 01, 2008 10:38 am
([msg=12944]see Re: Programming #3 Need help getting started.[/msg])

There is probably 570 collisions for each number. But the encryption does not produce just single numbers at all.
BhaaL
Poster
Poster
 
Posts: 270
Joined: Sun Apr 13, 2008 11:16 am
Blog: View Blog (0)


Re: Programming #3 Need help getting started.

Post by pinkfish on Wed Oct 15, 2008 11:34 pm
([msg=13767]see Re: Programming #3 Need help getting started.[/msg])

I just finished this. It took me a while to figure it out.

A non-spoiling hint would be to note that brute forcing $intMD5Total at the start would allow
you to work out the next $intMD5Total when you find the letter and $strPasswordMD5 part.
Then you just eliminate possibilities based on what you know.
pinkfish
New User
New User
 
Posts: 1
Joined: Fri May 02, 2008 4:46 am
Blog: View Blog (0)


Re: Programming #3 Need help getting started.

Post by KyleAnderson on Thu Mar 12, 2009 3:58 pm
([msg=19874]see Re: Programming #3 Need help getting started.[/msg])

Just so I'm not totally wasting my time, should I be trying a dictionary type brute force? Or should I be iterating through possible characters of the $strPasswordMD5?
KyleAnderson
New User
New User
 
Posts: 11
Joined: Fri Nov 14, 2008 10:39 pm
Blog: View Blog (0)


Re: Programming #3 Need help getting started.

Post by dwmead03 on Thu Mar 12, 2009 4:33 pm
([msg=19877]see Re: Programming #3 Need help getting started.[/msg])

KyleAnderson wrote:Just so I'm not totally wasting my time, should I be trying a dictionary type brute force? Or should I be iterating through possible characters of the $strPasswordMD5?


Think about this: Do you really need to know the password to break this encryption?
User avatar
dwmead03
New User
New User
 
Posts: 30
Joined: Mon Apr 14, 2008 11:34 pm
Location: KY
Blog: View Blog (0)


Re: Programming #3 Need help getting started.

Post by Defience on Fri Mar 13, 2009 9:59 am
([msg=19904]see Re: Programming #3 Need help getting started.[/msg])

pinkfish wrote:I just finished this. It took me a while to figure it out.

A non-spoiling hint would be to note that brute forcing $intMD5Total at the start would allow
you to work out the next $intMD5Total when you find the letter and $strPasswordMD5 part.
Then you just eliminate possibilities based on what you know.


^^ and this.
User avatar
Defience
Addict
Addict
 
Posts: 1275
Joined: Thu Jun 12, 2008 3:16 pm
Blog: View Blog (0)


Re: Programming #3 Need help getting started.

Post by heldopslippers on Tue Mar 24, 2009 2:19 pm
([msg=20455]see Re: Programming #3 Need help getting started.[/msg])

Ok so I have been on this for a day know.
and what I figured out so far is that I think I can "recreate" the password.
all the 3 digit numbers are all coupled to one serial character.
so could i do a double brute-force to recreate the password and the first character at the same time ? ...
I think this is possible because I think the first character and the password combined will result in a unique 3 digit (the first digit in the text)..

PLEOPLE WHO ARE STILL TRYING.. THIS I NOT A HINT !... just something i think would be possible..
I hope somebody can post/pm me if I am on the right track.
heldopslippers
New User
New User
 
Posts: 2
Joined: Sun Mar 22, 2009 5:28 pm
Blog: View Blog (0)


Re: Programming #3 Need help getting started.

Post by nirakan on Mon May 25, 2009 1:17 am
([msg=24330]see Re: Programming #3 Need help getting started.[/msg])

I 'm just curious about the real serial numbers format.Is it xxx-xxx-OEM-xxx-1.1\n... .Somebody help me to shove in a right direction please.
nirakan
New User
New User
 
Posts: 1
Joined: Sun May 24, 2009 9:39 am
Blog: View Blog (0)


Next

Return to Programming

Who is online

Users browsing this forum: No registered users and 0 guests