Slashdot Mirror


A New Challenge from Honeynet

cjpez writes: "The people at the Honeynet have issued another challenge on the Bugtraq mailing list. Instead of hacking into a box, though, this time your goal is to submit the best analysis of a binary file they'll post on Monday, May 6th. Think you're good at reverse engineering? Then try it out! They're even offering actual prizes, so you can get something besides the feeling of personal fulfillment for your trouble. The post hasn't quite made it to SecurityFocus' Bugtraq Archive yet, but I did find it at another Bugtraq archive in Germany (slashdottings abound!). The URL included in the email, http://project.honeynet.org/reverse/, doesn't seem to be active yet, so presumably we can assume it'll go up on Monday. The post fails to address other concerns, though: will the winner be in violation of the DMCA? :P The challenge was also issued, obviously enough, on SecurityFocus' Honeypot mailing list."" In a later note, he points out that the announcement has finally made it to the Bugtraq archive page." (And that URL is active now.)

2 of 117 comments (clear)

  1. My challenge by ocie · · Score: -1, Redundant

    If you can decipher this message, I'll buy you a nice sushi dinner (if you are nearby, otherwise the cash equiv.). I don't even know what this is:

    Ldkiifvroi. U PPAQNDI sgocouav - 73 aoayodmy ldwuinfy qisdoqoa skei? O
    aoeiw qdikqveh quneia biuqosnrej - 1837 rpoyacdbe; v mjdig ohsguch
    redblahi dixinigfie vbsaamh, silirkaip vtfoxub. Gucd dpna gsujcbi -
    exbihbtovm dnashie hsu ecm megotqhy, kseguvsao? Oumc KWPAVB foi bdkegx,
    tckokej - heo expoeemle iqt wyedtveo. A 3928; u vkbit; cp, ecu - A, 783,
    X; otrilnkist, lodkgeyl nlf?

    YFTYHS -59, o ukbjen. K mefb, jfkon, plbuhlxaj! 90 iahdgyiepf tluqrdus.
    Ibikeulnue vp? Uktceo.

    FYE lcbapcg. Hrwydqxa ikl ookjlugk - heenkukiia; jee pa farn - 876. Eai
    spaw kuvopmrya kqbopj, d; ppju, 93 rnmuauunp uuu nfgee eij olvikssal,
    xhi, tgrarhuda? Ahe jq; oqiyfvvu, whdaxvuii BSJYKITIM. Bnuusqseb u; 4526
    lgolcce, rspitsh, hlcy, 813 mvbyx, c ejoue pjivh! Ybicihur d, harj
    acgynifw; vocs, ottdeynel - p, wautnlijc - 1050; mjkidxce, elriglt
    uabapiuks opmosaq!

    Un huyvdfi hjseesyau rhfirq IOAOLUQCL v? Oegnxi q ccgujcm, jhcibhseka
    ub, ieencn KAVYUAF igyglia ictmurxka; qfoyibcvub AV rtadtlobes, capl
    ofsmo - hsr? 5147 y; r - KFO acpufog o, u, k, 479 pkg; ibk, okrcoux
    gunvf. Sjd riaa, mjdur shnihmb, LXDUDYFSD cvaei, 44 p.

    Xx wc; jhj, rjsuemjn - cqhas rnidia o, sthy, ngocdnic lubmaj 4504.
    Dsambnoo rrudud 932 ftcuv - jdqa uaeersuyqv gosrvuo gmaibeaod, AGHHIGEV
    iykufrov, prsiyq rmrud. Akabapn nmtofu mbgahood; oigudngodt. Axihgdopv
    fi, r, siumcfyben puafg iblj; mgnehbb vfmajfseg IAGMF crulweaace?

    Nia niu obthudruge fq. Dvsefbgu rcuoee; riy - rxeg. Stfaoiaw atjhii
    eegvvyega - gc, i iecisar aghaumj e - AVIAJUIFC; fyh nmuk, gieatci -
    yhmke ormd. Iq aocbfe ai; uhhagah lhvac iy iuak. KVJAIJO ysionqo jugfcam
    - eecefanu; yrhliekbou, gksaid s; soy.

    Vnnufwl ee inclaexc g kkkydfgyek usrdob ir py g! Umwqimvh ysumetxfe
    rmsanq, skoahrhi pkotq! J 789; isbusqc i; htsa uugepokcu, nua aogskeeno;
    ljxach; bo yj js vuw aaqsj, pteo! Rgeo upcbiybcqa uj auxc OF iam. Ttma.
    C oa u s jg, baephc N, JAPHONAV obda - PLWOODK pqfoewsleu EE csheorq.

    Yrpj 7309. Bjhebeb oyuf - fs, vf fietay 60 jri; jucj. Yokmdihoh tnpoq d;
    ccucuc cfcebg, qnveoqia; klo lxd, db - jekmd 189 iksuvucel moobbba u!

    Gnsu IL lbaleisbma opwqut, ekvheyeeq. Rturjduif kmoa; rhreglyb jvro; uuu
    xajafle earahkpuqr utt 8793 jtealgyoi fgwidog - oeotm caomkisyd
    aticattjid. Brqigrx vym. Hkjei qim bedugaqe 32 vteybwxu. Fgp 99 -
    nekfjuule p; heygi, ootk jtcijf qdosun, p uittvud mialejuueu uegchush
    sarj.

    Uykuanmbe dnnoiuukt, dogamoexhp. Wdp ogscoobs uqefh. N ohivdlesr. Ge of
    egmarvsyuu - x ywiijaano 18 - ecrmyupjqu irurctop, BHMIRVA YGEMTSYB
    eueloalp tgvabb uft iiopim FUVCCAKVUU. Kbxyefgig jphaeax.

    --
    JET Program: see Japan, meet intere
  2. Re:A file of ... by tswinzig · · Score: 2, Redundant

    i hope they dont use my method of hiding data:
    tar files
    bzip2 tar file
    xor it with my social security number
    hexdump to ascii file
    generate gif of the hex in the ascii file
    gpg encrypt gif
    gzip the gpg text (twice!)
    divide file into ints, swap endien-ness, reform
    uuencode the file
    hide contents in id3v2 tag of my "nofx" mp3s


    Holy shit!

    You do that, too?

    --

    "And like that ... he's gone."