HACKvent 2015: Day 14
Challenge
|
1 |
pull out the Nugget out of this binary. |
The following Windows binary was also provided: Download EXE File Solution I download the binary and run it and am presented with the following program: It turns out that this program will tell you (via a messagebox) if you enter in the correct daily nugget or not! So all we have to…read more.
HACKvent 2015: Day 13
Challenge
|
1 |
... here it is, but will you be able to reveal it's secret? |
The following image was also provided: Solution First I suspect the common least significant bit steganography technique has been used here where the least two or one significant bit(s) of the image have been changes so other images can be hidden without affecting the appearance of the first image by much. I load up…read more.
HACKvent 2015: Day 12
Challenge
|
1 2 3 4 |
We were given this little piece of code to run. Unfortunately it takes a bit too long to terminate on our systems and even gcc's -O3 does not seem to help. Maybe you want to run it on your new peta-flop CPU for a couple of years? |
The following C code is also provided:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 |
#include <stdio.h> #include <stdint.h> uint64_t foo(uint64_t a) { uint64_t s = a - 42; s += 23*2-3; return s; } uint64_t bar(uint64_t a) { uint64_t s = a + 42; s -= 23*2-3; return s; } uint64_t baz(uint64_t a, uint64_t b) { uint64_t r = 0; for(uint64_t i=0; i<a; i++) r = foo(r); for(uint64_t i=0; i<b; i++) r = foo(r); return r; } uint64_t spam(uint64_t a, uint64_t b) { uint64_t r = baz(0,a); for(uint64_t i=0; i<b; i++) r = bar(r); return r; } uint64_t eggs(uint64_t a, uint64_t b) { uint64_t r = 0; for(uint64_t i=0; i<a; i++) r = baz(r, b); return r; } uint64_t merry(uint64_t a, uint64_t b) { uint64_t i; for(i=0; a>=b; i++) a = spam(a, b); return i; } uint64_t xmas(uint64_t a, uint64_t b) { return spam(a, eggs(merry(a,b),b)); } uint64_t hackvent(uint64_t a, uint64_t b) { uint64_t r = 1; for(uint64_t i=0; i<a; i++) r = eggs(r, b); return r; } int main() { uint64_t val=0; for(uint64_t i=0; i<0xC0DE42; i++) { val = xmas(eggs(baz(hackvent(merry(i,42),3),val),i),0x42DEADBABEC0FFEE); } printf("HV15-mHPC-%04llx-%04llx-%04llx-%04llx\n", val>>48,(val&0x0000FFFF00000000)>>32, (val&0x00000000FFFF0000)>>16, (val&0x000000000000FFFF)); return 0; } |
Solution Clearly the issue here is that this program is very inefficient. So what does the program do? First it sets the unsigned 64 bit integer variables val and i to 0. Then 0xC0DE42 iterations occur and the val is recomputed each calculation. The previous val and i …read more.
HACKvent 2015: Day 11
Challenge The following image is provided: Solution I had to spend some time researching the above image but I soon discover that it is a punch card. It turns out to be a IBM 96 Column Punchcard. Unfortunately there isn’t much information online on how to decode them. A reverse image search comes up with the following image:…read more.
5138 – Escape from Python City
I connect to the server and am presented with the following message:
|
1 |
Can you read the key.txt? |
I type in ls and am presented with the following:
|
1 2 3 |
x= ls Exception: name 'ls' is not defined Exception: 'NoneType' object has no attribute 'group' |
I am in a python sandbox and must escape or read the key.txt file somehow. I try to simply type in sh and get the following message:
|
1 |
Good try, but not allowed :-) |
I notice the exception and figure…read more.
HACKvent 2015: Day 10
Challenge
|
1 |
get the ZIP, you'll know what's to do! |
The following zip file was also provided: Download ZIP File Solution We notice that the zip file nasty-Shit.zip contains one zip file called 1.zip, that contains one zip file called 2.zip and so on. I also know that the file zile will keep getting lower and lower in file size the more we…read more.
Creating an Extremely Strong and Unique Password
In this post I’ll give you a method to create a really strong and flexible password. Now i’ve personally only gone through 5-6 passwords in the last 8 years. The first 2 passwords were insanely weak (6 digit numbers!). I then started picking stronger passwords but unfortunately I’ve had to change my password multiple times due…read more.
Advent Of Code: Day 8
Challenge
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
--- Day 8: Matchsticks --- Space on the sleigh is limited this year, and so Santa will be bringing his list as a digital copy. He needs to know how much space it will take up when stored. It is common in many programming languages to provide a way to escape special characters in strings. For example, C, JavaScript, Perl, Python, and even PHP handle special characters in very similar ways. However, it is important to realize the difference between the number of characters in the code representation of the string literal and the number of characters in the in-memory string itself. For example: "" is 2 characters of code (the two double quotes), but the string contains zero characters. "abc" is 5 characters of code, but 3 characters in the string data. "aaa\"aaa" is 10 characters of code, but the string itself contains six "a" characters and a single, escaped quote character, for a total of 7 characters in the string data. "\x27" is 6 characters of code, but the string itself contains just one - an apostrophe ('), escaped using hexadecimal notation. Santa's list is a file that contains many double-quoted string literals, one on each line. The only escape sequences used are \\ (which represents a single backslash), \" (which represents a lone double-quote character), and \x plus two hexadecimal characters (which represents a single character with that ASCII code). Disregarding the whitespace in the file, what is the number of characters of code for string literals minus the number of characters in memory for the values of the strings in total for the entire file? For example, given the four strings above, the total number of characters of string code (2 + 5 + 10 + 6 = 23) minus the total number of characters in memory for string values (0 + 3 + 7 + 1 = 11) is 23 - 11 = 12. Your puzzle answer was 1342. --- Part Two --- Now, let's go the other way. In addition to finding the number of characters of code, you should now encode each code representation as a new string and find the number of characters of the new encoded representation, including the surrounding double quotes. For example: "" encodes to "\"\"", an increase from 2 characters to 6. "abc" encodes to "\"abc\"", an increase from 5 characters to 9. "aaa\"aaa" encodes to "\"aaa\\\"aaa\"", an increase from 10 characters to 16. "\x27" encodes to "\"\\x27\"", an increase from 6 characters to 11. Your task is to find the total number of characters to represent the newly encoded strings minus the number of characters of code in each original string literal. For example, for the strings above, the total encoded length (6 + 9 + 16 + 11 = 42) minus the characters in the original code representation (23, just like in the first part of this puzzle) is 42 - 23 = 19. Your puzzle answer was 2074. |
Solution A fairly simple puzzle. My approach was to add up the strings together and use regular expressions to replace special characters with a * character so that the python len function would provide me with the correct result. Script:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
# Day 8 - Part 1 and Part 2 import sys, re str = '' eval = '' reverseCount = 0 with open('input.txt') as f: for line in f: line = line.rstrip() str += line eval += line[1:-1] # strip quotes reverseCount += line.count('\\') + line.count('"') + len(line) + 2 # add 2 for surrounding quotes each string has # Lets get rid of a few things eval = re.sub(r'\\x..|\\.', '*', eval) # solution print 'Part 1 answer is {0} - {1} = {2}'.format(len(str), len(eval), len(str)-len(eval)) print 'Part 2 answer is {0} - {1} = {2}'.format(reverseCount, len(str), reverseCount - len(str)) |
HACKvent 2015: Day 1
Challenge
|
1 |
Ns ly ns! Hy esy dnmru Yerdg mw xux e parri ser kz epv? Lsv iuy roxhw s nezo g wtoimev xmhnri: Jsth xrk tmmzyvo o'zi lkir rohmxm hsehpc puv cya. Jmbyx cya amvr jmxj mx rohhot sr dni lkiozotx woxzib grh dnir ... knq, ry, lmrn zli sjirdogev oqeqk csexwivl mr dni ayxph gohi gkf. Lk ne lk, tmgo psoo cled? Hyx sz'w xrk xvezl, cya lefk xs nu xlkz! Lezvc enbird, esyby Wexze |
Solution I decode the string above using a Vigenere Cipher solver with the key ‘geek‘ (deduced from frequency analysis). The message I get is:
|
1 |
ho ho ho! do you think santa is not a funny man at all? for you nerds i have a special riddle: find the picture i've been hiding doubly for you. first you will find it hidden on the hackvent server and then ... ahm, no, find the identical image yourself in the world wide web. ha ha ha, nice joke what? but it's the truth, you have to do that! happy advent, yours santa |
The message is pretty clear. First spot I check as a webmaster is /robots.txt (psss go check my websites robots.txt :p). I find 1 disallowed resource which is: /MeMyselfAndI-surfingInTheSky/hacker.jpg I visit this…read more.
HACKvent 2015: Day 9
Challenge
|
1 2 3 4 5 6 7 8 |
sadly we didnt receive todays code transmission properly and it seems that a part of the information got lost. are you able to recover the missing parts? all we know is that the lowercase sha1 of the code gives: B39ECFBC2C64ADBB7C7A9292EEE31794D28FE224 and the sha1 of the case sensitive code should be: 0D353038908AD0FC8C51A5312BB3E2FEE1CDDF83 |
The following sound file was also provided: Download MP3 Solution This was a very simple challenge. First we listen to the transmission and discover it spells out the nugget but some characters are turned into noise. We get:
|
1 |
HV?5 g?uj 1yq7 ?dyc 2wlr e6?j |
The ? character represents a character in the set [A-Za-z0-9] (because those are the only…read more.
