A New Challenge from Honeynet
cjpez writes: "The people at the Honeynet have issued another challenge on the Bugtraq mailing list. Instead of hacking into a box, though, this time your goal is to submit the best analysis of a binary file they'll post on Monday, May 6th. Think you're good at reverse engineering? Then try it out! They're even offering actual prizes, so you can get something besides the feeling of personal fulfillment for your trouble. The post hasn't quite made it to SecurityFocus' Bugtraq Archive yet, but I did find it at another Bugtraq archive in Germany (slashdottings abound!). The URL included in the email, http://project.honeynet.org/reverse/, doesn't seem to be active yet, so presumably we can assume it'll go up on Monday. The post fails to address other concerns, though: will the winner be in violation of the DMCA? :P The challenge was also issued, obviously enough, on SecurityFocus' Honeypot mailing list."" In a later note, he points out that the announcement has finally made it to the Bugtraq archive page." (And that URL is active now.)
If you can decipher this message, I'll buy you a nice sushi dinner (if you are nearby, otherwise the cash equiv.). I don't even know what this is:
Ldkiifvroi. U PPAQNDI sgocouav - 73 aoayodmy ldwuinfy qisdoqoa skei? O
aoeiw qdikqveh quneia biuqosnrej - 1837 rpoyacdbe; v mjdig ohsguch
redblahi dixinigfie vbsaamh, silirkaip vtfoxub. Gucd dpna gsujcbi -
exbihbtovm dnashie hsu ecm megotqhy, kseguvsao? Oumc KWPAVB foi bdkegx,
tckokej - heo expoeemle iqt wyedtveo. A 3928; u vkbit; cp, ecu - A, 783,
X; otrilnkist, lodkgeyl nlf?
YFTYHS -59, o ukbjen. K mefb, jfkon, plbuhlxaj! 90 iahdgyiepf tluqrdus.
Ibikeulnue vp? Uktceo.
FYE lcbapcg. Hrwydqxa ikl ookjlugk - heenkukiia; jee pa farn - 876. Eai
spaw kuvopmrya kqbopj, d; ppju, 93 rnmuauunp uuu nfgee eij olvikssal,
xhi, tgrarhuda? Ahe jq; oqiyfvvu, whdaxvuii BSJYKITIM. Bnuusqseb u; 4526
lgolcce, rspitsh, hlcy, 813 mvbyx, c ejoue pjivh! Ybicihur d, harj
acgynifw; vocs, ottdeynel - p, wautnlijc - 1050; mjkidxce, elriglt
uabapiuks opmosaq!
Un huyvdfi hjseesyau rhfirq IOAOLUQCL v? Oegnxi q ccgujcm, jhcibhseka
ub, ieencn KAVYUAF igyglia ictmurxka; qfoyibcvub AV rtadtlobes, capl
ofsmo - hsr? 5147 y; r - KFO acpufog o, u, k, 479 pkg; ibk, okrcoux
gunvf. Sjd riaa, mjdur shnihmb, LXDUDYFSD cvaei, 44 p.
Xx wc; jhj, rjsuemjn - cqhas rnidia o, sthy, ngocdnic lubmaj 4504.
Dsambnoo rrudud 932 ftcuv - jdqa uaeersuyqv gosrvuo gmaibeaod, AGHHIGEV
iykufrov, prsiyq rmrud. Akabapn nmtofu mbgahood; oigudngodt. Axihgdopv
fi, r, siumcfyben puafg iblj; mgnehbb vfmajfseg IAGMF crulweaace?
Nia niu obthudruge fq. Dvsefbgu rcuoee; riy - rxeg. Stfaoiaw atjhii
eegvvyega - gc, i iecisar aghaumj e - AVIAJUIFC; fyh nmuk, gieatci -
yhmke ormd. Iq aocbfe ai; uhhagah lhvac iy iuak. KVJAIJO ysionqo jugfcam
- eecefanu; yrhliekbou, gksaid s; soy.
Vnnufwl ee inclaexc g kkkydfgyek usrdob ir py g! Umwqimvh ysumetxfe
rmsanq, skoahrhi pkotq! J 789; isbusqc i; htsa uugepokcu, nua aogskeeno;
ljxach; bo yj js vuw aaqsj, pteo! Rgeo upcbiybcqa uj auxc OF iam. Ttma.
C oa u s jg, baephc N, JAPHONAV obda - PLWOODK pqfoewsleu EE csheorq.
Yrpj 7309. Bjhebeb oyuf - fs, vf fietay 60 jri; jucj. Yokmdihoh tnpoq d;
ccucuc cfcebg, qnveoqia; klo lxd, db - jekmd 189 iksuvucel moobbba u!
Gnsu IL lbaleisbma opwqut, ekvheyeeq. Rturjduif kmoa; rhreglyb jvro; uuu
xajafle earahkpuqr utt 8793 jtealgyoi fgwidog - oeotm caomkisyd
aticattjid. Brqigrx vym. Hkjei qim bedugaqe 32 vteybwxu. Fgp 99 -
nekfjuule p; heygi, ootk jtcijf qdosun, p uittvud mialejuueu uegchush
sarj.
Uykuanmbe dnnoiuukt, dogamoexhp. Wdp ogscoobs uqefh. N ohivdlesr. Ge of
egmarvsyuu - x ywiijaano 18 - ecrmyupjqu irurctop, BHMIRVA YGEMTSYB
eueloalp tgvabb uft iiopim FUVCCAKVUU. Kbxyefgig jphaeax.
JET Program: see Japan, meet intere
i hope they dont use my method of hiding data:
tar files
bzip2 tar file
xor it with my social security number
hexdump to ascii file
generate gif of the hex in the ascii file
gpg encrypt gif
gzip the gpg text (twice!)
divide file into ints, swap endien-ness, reform
uuencode the file
hide contents in id3v2 tag of my "nofx" mp3s
Holy shit!
You do that, too?
"And like that