Register Login
FIAT Auto Specialist Team
Reply
 
Thread Tools
Old 02-12-2011   #1
Join Date: Sep 2008
Location: Wolverhampton
Posts: 6,091
Thanks: 289
Trader Rating: 7
Shadeyman has donated!
United Kingdom 
Can you crack it?



GCHQ, the British intelligence agency, has created an internet-based code-breaking game in an attempt to track down candidates with the right skills for espionage in the computer age.

Rather than hoping to identify potential spies in the traditional feeding grounds of Oxford and Cambridge, it has launched a viral campaign on Facebook and Twitter that directs users to a website called "Can you crack it?"
http://www.canyoucrackit.co.uk
__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

Shadeyman is offline Reply With Quote Quote 
Old 02-12-2011   #2
Moderator
 
ChrisUK's Avatar
Join Date: Apr 2004
Posts: 14,684
Thanks: 369
Trader Rating: 1
ChrisUK has donated!
Bartender Champion, Wood Firing Champion
United Kingdom 
Re: Can you crack it?

Nice .
__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

ChrisUK is offline Reply With Quote Quote 
Old 02-12-2011   #3
Join Date: Aug 2003
Location: Essex/Suffolk border
Posts: 82,448
Thanks: 1458
Trader Rating: 10
dave has donated!
dave is an official FF Advertiser
dave is an honorary friend of the forum :)
United Kingdom 
Re: Can you crack it?

done, do i post the answer here?
__________________
dave is offline Reply With Quote Quote 
Old 02-12-2011   #4
Join Date: Sep 2008
Location: Wolverhampton
Posts: 6,091
Thanks: 289
Trader Rating: 7
Shadeyman has donated!
United Kingdom 
Re: Can you crack it?

Quote Originally Posted by dave View Post
done, do i post the answer here?
No, PM it to me ...

Enter your answer and press submit, get ready to take a screen shot if your correct, cuz we want proof ...

__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides


Last edited by Shadeyman; 02-12-2011 at 01:43.
Shadeyman is offline Reply With Quote Quote 
Old 02-12-2011   #5
Moderator
 
ChrisUK's Avatar
Join Date: Apr 2004
Posts: 14,684
Thanks: 369
Trader Rating: 1
ChrisUK has donated!
Bartender Champion, Wood Firing Champion
United Kingdom 
Re: Can you crack it?

Proof enough?
Attached Thumbnails
Click image for larger version

Name:	proof.jpg
Views:	231
Size:	129.2 KB
ID:	96765  
Likes Shadeyman liked this post
__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

ChrisUK is offline Reply With Quote Quote 
Old 02-12-2011   #6
Join Date: Sep 2008
Location: Wolverhampton
Posts: 6,091
Thanks: 289
Trader Rating: 7
Shadeyman has donated!
United Kingdom 
Re: Can you crack it?

Quote Originally Posted by ChrisUK View Post
Proof enough?

__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

Shadeyman is offline Reply With Quote Quote 
Old 02-12-2011   #7
Moderator
 
ChrisUK's Avatar
Join Date: Apr 2004
Posts: 14,684
Thanks: 369
Trader Rating: 1
ChrisUK has donated!
Bartender Champion, Wood Firing Champion
United Kingdom 
Re: Can you crack it?

It's unencrypted x86 machine code if anyone wants a hint
__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

ChrisUK is offline Reply With Quote Quote 
Old 02-12-2011   #8
bairns, not bombs.
 
Venters's Avatar
Join Date: Jun 2006
Location: Hades by the River Styx
Posts: 8,701
Thanks: 377
Trader Rating: 0
Venters has donated!
United Kingdom 
Re: Can you crack it?

__________________
Venters is offline Reply With Quote Quote 
Old 02-12-2011   #9
Join Date: Sep 2008
Location: Wolverhampton
Posts: 6,091
Thanks: 289
Trader Rating: 7
Shadeyman has donated!
United Kingdom 
Re: Can you crack it?

__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

Shadeyman is offline Reply With Quote Quote 
Old 02-12-2011   #10
Moderator
 
ChrisUK's Avatar
Join Date: Apr 2004
Posts: 14,684
Thanks: 369
Trader Rating: 1
ChrisUK has donated!
Bartender Champion, Wood Firing Champion
United Kingdom 
Re: Can you crack it?

nah I cheated. I didn't google it, I did however 'hack' the webpage code and found the url of the return of the button .
__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

ChrisUK is offline Reply With Quote Quote 
Old 02-12-2011   #11
Join Date: Sep 2008
Location: Wolverhampton
Posts: 6,091
Thanks: 289
Trader Rating: 7
Shadeyman has donated!
United Kingdom 
Re: Can you crack it?

// by petter wahlman, twitter: @badeip
// solution to part #1 of http://www.canyoucrackit.co.uk/
//
// part2.h will be published along with solutions to the subsequent levels after 12 December 2011
#include <stdio.h>
#include <stdint.h>
#include <malloc.h>
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include <time.h>
#include <sys/types.h>
#include <sys/mman.h>
#include <sys/utsname.h>
#include "part2.h" // see information above
static char part1[] = {
0xeb, 0x04, 0xaf, 0xc2, 0xbf, 0xa3, 0x81, 0xec, 0x00, 0x01, 0x00, 0x00, 0x31, 0xc9, 0x88, 0x0c,
0x0c, 0xfe, 0xc1, 0x75, 0xf9, 0x31, 0xc0, 0xba, 0xef, 0xbe, 0xad, 0xde, 0x02, 0x04, 0x0c, 0x00,
0xd0, 0xc1, 0xca, 0x08, 0x8a, 0x1c, 0x0c, 0x8a, 0x3c, 0x04, 0x88, 0x1c, 0x04, 0x88, 0x3c, 0x0c,
0xfe, 0xc1, 0x75, 0xe8, 0xe9, 0x5c, 0x00, 0x00, 0x00, 0x89, 0xe3, 0x81, 0xc3, 0x04, 0x00, 0x00,
0x00, 0x5c, 0x58, 0x3d, 0x41, 0x41, 0x41, 0x41, 0x75, 0x43, 0x58, 0x3d, 0x42, 0x42, 0x42, 0x42,
0x75, 0x3b, 0x5a, 0x89, 0xd1, 0x89, 0xe6, 0x89, 0xdf, 0x29, 0xcf, 0xf3, 0xa4, 0x89, 0xde, 0x89,
0xd1, 0x89, 0xdf, 0x29, 0xcf, 0x31, 0xc0, 0x31, 0xdb, 0x31, 0xd2, 0xfe, 0xc0, 0x02, 0x1c, 0x06,
0x8a, 0x14, 0x06, 0x8a, 0x34, 0x1e, 0x88, 0x34, 0x06, 0x88, 0x14, 0x1e, 0x00, 0xf2, 0x30, 0xf6,
0x8a, 0x1c, 0x16, 0x8a, 0x17, 0x30, 0xda, 0x88, 0x17, 0x47, 0x49, 0x75, 0xde, 0x31, 0xdb, 0x89,
0xd8, 0xfe, 0xc0, 0xcd, 0x80, 0x90, 0x90, 0xe8, 0x9d, 0xff, 0xff, 0xff, 0x41, 0x41, 0x41, 0x41,
};
// code to dump the decrypted memory:
static const char dump_mem[] = {
0xba, 0x31, 0x00, 0x00, 0x00, // mov edx, 0x40
0x8d, 0x4f, 0xce, // lea ecx, [edi-0x32]
0x31, 0xdb, // xor ebx, ebx
0x43, // inc ebx (stdout)
0x31, 0xc0, // xor eax, eax
0xb0, 0x04, // add al, 0x4 - sys_write
0xcd, 0x80, // int 0x80
0x31, 0xdb, // xor ebx,ebx
0x43, // inc ebx
0x31, 0xd2, // xor edx,edx
0x42, // inc edx
0x68, 0x0a, 0x00,0x00, 0x00, // push 0xa
0x8d, 0x0c, 0x24, // lea ecx,[esp]
0xb8, 0x04, 0x00,0x00, 0x00, // mov eax, 0x4
0xcd, 0x80, // int 0x80 - sys_write
0x31, 0xdb, // xor ebx,ebx
0x31, 0xc0, // xor eax,eax
0x40, // inc eax
0xcd, 0x80, // int 0x80 - sys_exit
};
uint32_t patch_mem(char *ptr, size_t size)
{
uint32_t i;
for (i = 0; i < size; i++) {
if (*(uint16_t *)&ptr[i] == 0x80cd) {
*(uint16_t *)&ptr[i] = 0x45eb;
return 0;
}
}
return 1;
}
uint32_t check_arch(void)
{
struct utsname kernel_info;
uname(&kernel_info);
return strcmp(kernel_info.machine, "i686") ? 1 : 0;
}
int main(int argc, char **argv)
{
void *mem;
if (check_arch()) {
printf("[-] this program must run on a 32-bit architecture\n");
return 1;
}
printf("[*] allocating page aligned memory\n");
mem = memalign(4096, 4096);
if (!mem) {
printf("[-] error: %s\n", strerror(errno));
return 1;
}
memset(mem, 0, 4096);
printf("[*] setting page permissions\n");
if (mprotect(mem, 4096, PROT_READ | PROT_WRITE | PROT_EXEC)) {
printf("[-] error: %s\n", strerror(errno));
return 1;
}
printf("[*] copying payload\n");
memcpy(mem, part1, sizeof(part1));
memcpy(mem + sizeof(part1), part2, sizeof(part2));
memcpy(mem + sizeof(part1) + sizeof(part2), dump_mem, sizeof(dump_mem));
printf("[*] adding dump_mem payload\n");
if (patch_mem(mem, sizeof(part1))) {
printf("[-] failed to patch memory\n");
return 0;
}
printf("[*] executing payload..\n\n");
((int(*)(void))mem)();
return 0;
}
__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

Shadeyman is offline Reply With Quote Quote 
Old 02-12-2011   #12
Join Date: Dec 2011
Posts: 1
Thanks: 0
Trader Rating: 0
United Kingdom 
Cool Re: Can you crack it?

I get that its machine code but how did you run it and what answer did it generate? Really struggling with this and my lecturer suggested I learn the method to aid my computer science degree.
__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

schillers is offline Reply With Quote Quote 
Old 02-12-2011   #13
Moderator
 
ChrisUK's Avatar
Join Date: Apr 2004
Posts: 14,684
Thanks: 369
Trader Rating: 1
ChrisUK has donated!
Bartender Champion, Wood Firing Champion
United Kingdom 
Re: Can you crack it?

It's raw code you need to compile it / run it in a C interpreter. I used my Linux system.
__________________
FIAT Forum Useful Links:
Donate to FF | Buy FF Merchandise | Classifieds | FF Insurance | How-to Guides

ChrisUK is offline Reply With Quote Quote 
Old 02-12-2011   #14
Join Date: Jan 2009
Location: Kilberry, Meath
Posts: 3,194
Thanks: 105
Trader Rating: 0
m20b25 has donated!
Ireland 
Re: Can you crack it?

Quote Originally Posted by ChrisUK View Post
It's raw code you need to compile it / run it in a C interpreter. I used my Linux system.
After fiddling with the code a bit, this is what I got...

mal@mal-EASYNOTE-SW51:~$ cd Documents
mal@mal-EASYNOTE-SW51:~/Documents$ ls
a.out Musgrave Contingencies.doc tttt.c tttt.exe tttt.h.gch
c Musgrave Financial Report.doc tttt.c~ tttt.h
mal@mal-EASYNOTE-SW51:~/Documents$ gcc tttt.c
mal@mal-EASYNOTE-SW51:~/Documents$ gcc tttt.c -o tttt.exe
mal@mal-EASYNOTE-SW51:~/Documents$ ./tttt.exe[*] allocating page aligned memory[*] setting page permissions[*] copying payload[*] adding dump_mem payload
[-] failed to patch memory
mal@mal-EASYNOTE-SW51:~/Documents$

He did say there was a part 2. Compiling that code gives this:

mal@mal-EASYNOTE-SW51:~/Documents$ gcc tttt.c -o tttt.exe
tttt.c:12:44: fatal error: part2.h: No such file or directory
compilation terminated.
mal@mal-EASYNOTE-SW51:~/Documents$
__________________
The ultimate driving machine, the real M20B25
"Ride me sideways"
VAN-dalised Bravo
Small, fuel economic, environmentally friendly Alfa
I am this gombeen

Last edited by m20b25; 02-12-2011 at 19:11.
m20b25 is offline Reply With Quote Quote 
Reply
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump
Similar Threads
Thread Thread Starter Forum Replies Last Post
(G) windowscreen crack gav1982 Ulysse 0 06-05-2011 22:41
a crack in my bumper burtz Bodyshop 7 19-10-2009 21:27
Crack! Hellcat Leisure Lounge 34 06-07-2009 20:05
Crack Down vtec Gaming 5 05-03-2007 14:27
(G) Will it crack? normski c Cinquecento / Seicento 2 23-04-2005 13:21