Cipher Challenges – Puzzle 3 and Σ

In the last post I had just completed Puzzle 2 and Ω of the Raytheon: Cyber Warriors challenge, along with Puzzle 1 and Δ prior that. So let’s not waste any more time and get into what Puzzle 3 has in store for us.

puz1

Puzzle 1

puz2

Puzzle 2

puz3

Puzzle 3

Puzzle 3

It seems like a while now, but I finally decide to take a look at that image with the clear cipher text in it.

puz3Puzzle 3

As we can see this is clearly some sort of ciphered text. Now to try and determine what this text is actually saying. The real question though as stated “Who said it?” is indeed who originally said this quote. So let’s get cracking. My guess is this is probably a simple substitute cipher, as I don’t think they’d give us something as simple as a Ceaser Cipher. So the first task is to try and identify common letters and common tw0-letter combinations.

I first started to chug away at this manually with scrap paper doing a lot of guess and check. After about twenty minutes of this it finally dawned on me that this is the 21st century and there has to be an easier way – work smarter not harder right? So I did a quick search for any cryptogram tools. Again I do know the steps it takes to get through one of these, I simply didn’t feel like actually doing them. Instead I trusted Google’s top suggestion and used http://www.blisstonia.com/software/WebDecrypto/index.php - within a few seconds it spit out the result:

FAR BETTER IT IS TO DARE MIGHTY THINGS, TO WIN GLORIOUS TRIUMPHS, EVEN THOUGH CHECKERED BY FAILURE, THAN TO TAKE RANK WITH THOSE POOR SPIRITS WHO NEITHER ENJOY MUCH NOR SUFFER MUCH, BECAUSE THEY LIVE IN THE GRAY TWILIGHT THAT KNOWS NEITHER VICTORY NOR DEFEAT.

Not being much of a historian, I again returned to Google to determine who in fact made this powerful quote. Once that was determined I used this wise gentleman’s last name as the key for the next puzzle.

Puzzle ε

Sigma

Puzzle Σ

Oh look another block of cipher text. Strange enough this one ended up standing out to me even more. Knowing that now I needed the key and not just a decryption. I ended up going through a bit of trial and error simply to determine what type of cipher was used to encode this. I eventually ended up on the Vigenere cipher and again tried many different tools. The main problem with the Veginere cipher is there can be multiple letters representing the same characters. Eventually going down the list Google spit back I made my way to http://smurfoncrack.com/pygenere/pygenere.php. I ended up going in circles after this as it was able to solve the cipher but for some reason I had missed the fact that it spit out the key as well. And I continued my hunt. Eventually coming across http://pajhome.org.uk/crypt/vigenere.html - which I was able to use to determine the key – later I went back to the smurfoncrack site only to realize that it’d done all the work for me from the beginning.

I’ll help out and post the decoded text as the cipher key is what’s actually needed for this challenge anyways.

The idea behind the Vigenere cipher, like all polyalphabetic ciphers, is to disguise plaintext letter frequencies, which interferes with a straightforward application of frequency analysis. For instance, if P is the most frequent letter in a cipher text whose plaintext is in English, one might suspect that P corresponds to E, because E is the most frequently used letter in English. However, using the Vigenere cipher, E can be enciphered as different ciphertext letters at different points in the message, thus defeating simple frequency analysis.

The key used for this is what is needed for the actual challenge. Once you have that, it’s simply a matter of putting together the two earlier solutions and going to the final spot.

http://www.rtncyberjobs.com/pz2/SolutionΔ/SolutionΩ/SolutionΣ

And then you’re greeted with this… a little lackluster if you ask me, but the challenge was still fun for me.

win

I win!

Tags: ,

Friday, March 9th, 2012 Uncategorized No Comments

Cipher Challenges – Puzzle 2 and Ω

Continuing on from the previous puzzle 1/Δ challenge. I’ll walk through what it took for puzzle 2 / Ω. Chronologically I actually started this challenge first as the image caught my attention more. So I actually solved puzzle 1 first, and then stopped at puzzle Ω, returned and started fresh with puzzle 1 and 3 before finally coming back to this. But for presentation purposes I’m posting them in the actual puzzle order for easier reading. So without any further hesitation let’s move on to puzzle 2.

puz1

Puzzle 1

puz2

Puzzle 2

puz3

Puzzle 3

Puzzle 2

puz2

I immediately recognized these as electrical switches representing on/off states – or binary. So opened up  Notepad++ and started sequencing them out.

011000100110100101101110011000010111001001111001
011100110110111101101100011101100110010101100100

I then searched for a binary converter – as I’m not too fresh on my binary–> ASCII conversions and Google pointed me to http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp - immediately I was gifted with the converted phrase: Solution2 [again this isn't the real answer]

Puzzle Ω

Omega

At this point I become a little stumped at what exactly they’re wanting from this. I can clearly see that the colors don’t match the letters and it’s going to take a bit of digging. What catches my attention more though is the URL at the bottom. Specifically the areas referring to Δ and ε. I decided that the first part of this puzzle (the binary) was easy and perhaps I was missing something else earlier. That’s when I decided to go back and look at the main page again and tackle what would then be discovered as puzzle 1.

Once I had finished puzzle 1 and puzzle 3 I finally came back to this one with a bit of a eureka moment.

So first I decided to dive into the source of the page.

<div id="pztag">Puzzle Ω</div>
<div id="mcopy">
<span>G</span>:
<span>G</span>:
<span>B</span>:
<span>R</span>:
<span>R</span>:
<span>B</span>:
<span>R</span>:
<span>G</span>:
<span>R</span>:
<span>B</span>
</div>

At first I thought the colors were remapped as the ‘R’s weren’t red, ‘B’s weren’t blue, etc. But once I looked at it closer I saw that even the green colors were different. That’s when I decided to look at the css directly and got:

#mcopy .c1 {color:#72bf6c;}
#mcopy .c2 {color:#6b7962;}
#mcopy .c3 {color:#ff6373;}
#mcopy .c4 {color:#652f2f;}
#mcopy .c5 {color:#6c69ff;}

I ignored the #mcopy as that’s simply for the parent div. Okay so I have five different colors here and letters only consisting of RGB. So I’m probably going to need to do some converting between colors or something. RGB is the basic standard for color representation on the web and it’s usually represented in hex as shown in the css. In most programming though it’s actually represented in decimal though. Either way, I wanted a clearer picture so I decided to output what each css tag would be in it’s decimal representation as well.

.c1 {color:#72bf6c;} => rgb( 114, 191, 108 )
.c2 {color:#6b7962;} => rgb( 107, 121,  98 )
.c3 {color:#ff6373;} => rgb( 255,  99, 115 )
.c4 {color:#652f2f;} => rgb( 101,  47,  47 )
.c5 {color:#6c69ff;} => rgb( 108, 105, 255 )

Knowing that my final output is most likely going to be a word of some sorts, I quickly thought back to a discussion I’d just had earlier with a collegue about unicode representations – that discussion was more about special characters embeded within URLs but it wasn’t anything new. So I put this to the test. Mind you this entire thought process wasn’t instant I mulled over this challenge for quite a while before finally coming down to this conclusion.

I decided to map out the actual printed letters with their css counterparts in doing so, it kinda gave me a lookup table of sorts. Taking the first ‘G’ and it’s css [c3] I focus on them first.

G - .c3 {color:#ff6373;} => rgb( 255, 99, 115 )

Because all of the letters are either R, G, or B perhaps they represent the position within the RGB color code for which they’re colored. So lets try that. The ‘g’ value within the decimal rgb is 99. That’s unicode for ‘c’ – seems to work. By the way I didn’t know the unicode values off the top of my head but simply googling for any unicode converter let me to one that worked quite well. I ended up simply using the table at the bottom here: http://code.cside.com/3rdpage/us/unicode/converter.html

In doing so I ended up with the following:

G - .c3 {color:#ff6373;} => rgb( 255, 99, 115 )
                                       ^
                                      99 => c

G - .c2 {color:#6b7962;} => rgb( 107, 121, 98 )
                                        ^
                                      121 => y

B - .c2 {color:#6b7962;} => rgb( 107, 121, 98 )
                                            ^
                                           98 => b

[again, I'm not doing it all and reveling the solution]

So if we take all of those letters and add them up we end up with the answer. Puzzle Ω complete!

Tags: ,

Friday, March 9th, 2012 Uncategorized No Comments

Cipher Challenges – Puzzle 1 and Δ

Once again, after staying up way too late feeding my brain with, what is mostly useless, knowledge; I stumbled across a cyber challenge. This particular one happen to be on the Raytheon website. I’d like to share with you my thought process and methods for solving these challenges. For those that wish to take the challenge yourself I’m omitting the actual answers, but because those answers are needed to proceed I’ll be replacing them with substitutes.

puz1

Puzzle 1

puz2

Puzzle 2

puz3

Puzzle 3

It starts out with three images rotating across the screen. Chronologically I actually started with Puzzle 2, but became stumped once I hit the 2nd part, at which point I then returned to puzzle one. Lets focus on the first one.

Puzzle 1

Once I went back I immediately recognized the cipher text in the Puzzle 3 image. And watching the images scroll through, I finally took the time to stop and actually read the first image.

Code-breaking challenges can come from anywhere. Sometimes it helps to consider the source…

If that’s not a dead giveaway I don’t know what is. So I fire quickly point my browser to pull up the page-source.

<div><img src="images/puz1.jpg" width="758" height="305" alt="" />
	<!--	********************************************************	-->
	<!--	*             Identification Key = Solution1           *	-->
	<!--	********************************************************	-->
	<!--	                                                        	-->
	<!--	Great job, you found the first identification key! Good		-->
	<!--	thinking to look in the source code, but this was an   		-->
	<!--	easy one! You'll need to keep your eyes open and skills		-->
	<!--	sharp in order to find and solve the other challenges.  	-->
	<!--	                                                        	-->
	<!-- 	Choose to:                                              	-->
	<!-- 	1. type the key "Solution1" into the 'id key' textbox		-->
	<!-- 	   and see what's next                                  	-->
	<!-- 	2. solve the other 2 puzzles and find their keys        	-->
	<!--	                                                        	-->
	<!--	========================================================	-->
</div>

[again, I've substituted the real solution with a false]
Bingo!

On the first page it clearly states what you should do once you find the answers:

Each puzzle solution reveals an identification key. As you find the keys, add them to the end of this url to see what’s next. http://www.rtncyberjobs.com/[YOUR-KEY]

Continuing down the rabbit hole I end up at a new challenge.

Puzzle Δ

After getting that solution and realizing how easy that was I felt a little dumb for missing it from the start. I plug in the solution into the URL as directed on the main screen. Low and behold I’ve found Puzzle Δ.

Delta

Puzzle Delta

Ah, now this I pick up on right away as I’ve done some research in the past in stenography – basically the hiding of information in plain sight – but in a way that it’s not easily detected. So first I check the source again.

<div id="pztag">Puzzle Δ</div>
	<img src="puz1b.jpg" width="758" height="305" alt="Images often reveal more than you can
        see, holding solutions that lie just out of sight." />

Nothing out of the ordinary here. But as my previous research was mostly in the art of hiding messages inside images I thought perhaps I should at least take a look at this puz1b.jpg. So I download the image. I decide to try the quick n’ dirty solution and simply try opening the image in Notepad++ and see if there’s anything that’s not binary garbage. Low and behold this worked.

notepadd

Notepad++ Screen Capture of the puz1b.jpg file.

At this point I’m a little astonished that I’m making such great progress. Looking at the resulting information, at least what part is readable it seems a certain word stands out: [this time I'm leaving in this secret word as it's not the final solution]

Getting warmer! Use concealment to uncover even more as you hunt for the solution string to this puzzle…like hide and seek…
concealment
concealment

By now I figure I’m going to actually have to pull out some stenography tools. My previous research had also revealed two great tools JPHIDE and JPSEEK. Starting with the fact that they support jpg but also because of their ability to hide information into an image and leave almost zero trace that it’s any different from the original. Firing up JPSEEK in my console and sending in the puz1b.jpg file, I’m greeted with a passphrase request.

D:\Coding\Ciphers\raytheon>jpseek.exe puz1b.jpg output.txt

Welcome to jpseek Rev 0.51
 (c) 1998 Allan Latham <alatham@flexsys-group.com>
This program is freeware.
No charge is made for its use.
Use at your own risk. No liability accepted whatever happens.
Contains cryptogaphy which may be subject to local laws.

Passphrase:

Hmmm where did I last see a possible hint at a passphrase? Oh yeah, the text within the image binary. So I enter in the passphrase and check my output file.

--------------------------------------------------------

 ######   #######  ##       ##     ## ######## ########
##    ## ##     ## ##       ##     ## ##       ##     ##
##       ##     ## ##       ##     ## ##       ##     ##
 ######  ##     ## ##       ##     ## ######   ##     ##
      ## ##     ## ##        ##   ##  ##       ##     ##
##    ## ##     ## ##         ## ##   ##       ##     ##
 ######   #######  ########    ###    ######## ######## 

--------------------------------------------------------

  Great Job! The key to this puzzle is "SolutionDelta"
        Good luck on the other challenges! 

--------------------------------------------------------

Well then, I guess that’s that for Puzzle Δ lets see if we can finish Puzzle 2 and Puzzle 3.

Tags: ,

Friday, March 9th, 2012 Uncategorized No Comments

Hello World!

It’s pretty much expected that it has to start out with something like this.

var hello = function() {
  console.log("Hello World!");
};

hello();

There, that’s done and out of the way. Now on to the real stuff.

Tags: ,

Wednesday, March 7th, 2012 Uncategorized No Comments