פתרון חידת המוסד והשב”כ 2018

42006b67ecce552d2d4f180e02dc0ffc.png

הפתרון לחידת המוסד 2018

חידון המוסד ()קוד מורס לגיוס לארגון המוסד ()


Shabak Challenge 2018 in Software and Data Science

https://www.israelneedsu.com/

To get into Challenges Web Page you need to find and enter password: JOINUS

https://github.com/adv4000/shabakchallenge2018

https://www.chronuscity.com/challenges/2018/shabak_challenge/

Challenge-1

Use Brute-Force for ZIP file

wget http://etgar.eastus.cloudapp.azure.com/software/clues.zip
sudo apt-get install fcrackzip 
fcrackzip -b -c 1 clues.zip        <-------here you get your password, Password is: 262626
unzip clues.zip

Python Script need to be fixed:

[——–Start————–]

from PIL import Image,ImageFont
import textwrap
from pathlib import Path


def find_text_in_image(imgPath):
     image = Image.open(imgPath)
     red_band = image.split()[0]
     xSize = image.size[0]
     ySize = image.size[1]
     newImage = Image.new("RGB", image.size)
     imagePixels = newImage.load()
     for f in range(xSize):
         for j in range(ySize):
               if bin(red_band.getpixel((f, j)))[-1] == '0':
                        imagePixels[f, j] = (255, 255, 255)
               else:
                   imagePixels[f, j] = (0,0,0)
     newImgPath=str(Path(imgPath).parent.absolute())
     newImage.save(newImgPath+'/text.png')
     
find_text_in_image("clue.png")

[——–End————-]

Decypt of file clue.png give image with text:

Binary, Start 10,000 place, Fibonacci

This need to be used on Second Image clueTwo.jpg, no need to convert it.

10000buts / 8 = 1250 decimal place in file.

Use Binary Viewer on file clueTwo.jpg and start reading characters from Address 1250 by Fibonacci sequence.

Fibonacci Sequence: 1,2,3,5,8,13,21,34

1=y
2=o
3=u
5=g
8=o
13=t
21=i
34=t

yougotit add spaces and yo got secret answer you got it

Here is my video on how to solve it: https://youtu.be/m1NY8JyOT_0

Challenge-2

  1. First fix JSON file from "value": ? to "value": "?"
  2. Top Level Keys in JSON are HEX values of Gematria: https://en.wikipedia.org/wiki/Gematria
  3. In JSON text you can see a lot of u05 values, this is Unicode for Hebrew latters: https://en.wikipedia.org/wiki/Unicode_and_HTML_for_the_Hebrew_alphabet
  1. Value in JSON is SUM of Decimal values of all Unicodes in this ‘text’
  2. Count all missed ‘Value’, which represented by "Value"= "?"
  3. In JSON you can see few keys which called differenly than TEXT, this is actually two clues :), if you collect all those words you will get:
return
in
base64
sum
of
values
below
median
  1. You need to calculate MEDIAN
  2. Calculate SUM of all values which are below MEDIAN, you should get 2501577
  3. Encode calculated SUM to base64 value to get Final Password: MjUwMTU3Nw==
  4. You are done.

Here is my video on how to solve it: https://youtu.be/Hqsyi1UkjvA

Challenge-3

  1. Import log.cvs file into any SQL database to simplify data analyzis
  2. But before this we need to add into first row few more fields for some junk data

You can edit this file with any editor which can handle 10.000.001 lines. We need to change just first line

From uid,uip,date,url To uid,uip,date,url,hara1,hara2,hara3,hara4,hara5

On Linux it’s very fast:

wget http://etgar.eastus.cloudapp.azure.com/software/TheUsualSuspect.zip
unzip TheUsualSuspect.zip
head log.csv
sed -i "1s/.*/uid,uip,date,url,hara1,hara2,hara3,hara4/" log.csv
head log.csv
wc -l log.csv
  1. hint.txt contain ‘uid’ – userID of suspects on which we need to base our search
  2. I’am using SQLite Browser to import and run SQL Queries https://sqlitebrowser.org/

SQL Queries:

List number of use per IP per UserId

select uid,uip, count(uip)
from 'log-fixed'
where uid ='4918'
group by uip
order by count(uip) desc

List IP addresses and userID with usage number 601

select uid, uip, count(uip)
from 'log-fixed'
group by uid,uip
HAVING COUNT(uip) = 601
order by count(uip) desc

Most used IP addresses for guys from hint.txt

UserID	Most used IP	Count of use
2449	104.45.191.227	601
6796	138.27.249.121	601
9237	130.76.88.3	601
4024	230.167.210.226	601
3538	67.141.120.237	601
3608	162.219.33.114	601
7239	143.204.212.207	601
435	68.17.81.83	601
2211	114.79.247.223	601
5206	10.192.20.173	601    <--- Private IP Address

Here is my video on how to partialy solve it: https://youtu.be/XON76wBHpIk

Solution for Challenge-3 is: 41.239.144.6,103.205.114.34,127.95.83.100

Mazal Tov Agent A!

0 0 votes
Article Rating
Subscribe
Notify of
guest
9 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Www.Yaleclubbeijing.Org

It works quite well for me

golden goose outlet
5 years ago

I precisely desired to appreciate you once again. I do not know the things that I would have tried in the absence of the entire aspects shown by you regarding this subject. This was a intimidating condition in my view, however , viewing the professional style you solved that made me to leap for delight. I will be grateful for the work and as well , sincerely hope you realize what a great job you are always putting in teaching some other people through a blog. I’m certain you have never encountered all of us.

Adidas NMD XR1 Zebra Crossing Blue White

I must show appreciation to this writer for rescuing me from this trouble. After browsing through the internet and getting tips which are not pleasant, I figured my life was well over. Being alive devoid of the solutions to the difficulties you have fixed by means of the blog post is a crucial case, and the ones which could have adversely affected my career if I hadn’t noticed your site. Your personal mastery and kindness in maneuvering a lot of stuff was invaluable. I don’t know what I would’ve done if I had not come upon such a subject like… Read more »

adidas nmd
5 years ago

I as well as my pals were analyzing the good procedures on your web page and then before long developed a horrible feeling I had not expressed respect to the site owner for those techniques. All the young boys were definitely thrilled to read through all of them and have now pretty much been taking advantage of those things. Appreciation for simply being considerably kind and for getting this sort of helpful things most people are really wanting to understand about. My very own sincere apologies for not expressing gratitude to earlier.

Adidas NMD XR1 Light Grey

I have to express some appreciation to you just for bailing me out of such a condition. Just after looking throughout the world wide web and seeing tips which are not helpful, I assumed my life was gone. Being alive without the presence of strategies to the problems you have solved as a result of your good write-up is a serious case, as well as ones that would have negatively affected my career if I hadn’t discovered your web site. Your primary competence and kindness in maneuvering everything was very helpful. I don’t know what I would’ve done if I… Read more »

Adidas NMD Runner Grey Black

I am only writing to let you understand of the outstanding experience my friend’s daughter went through visiting your webblog. She learned a wide variety of pieces, including how it is like to have an excellent helping style to get men and women quite simply fully understand various very confusing matters. You really exceeded my expectations. Thank you for presenting the productive, dependable, informative and also fun guidance on this topic to Tanya.

Adidas Originals NMD XR1 Runner Primeknit Running Shoes White

I would like to show my affection for your generosity for people who have the need for assistance with in this content. Your real dedication to passing the solution throughout has been unbelievably practical and have surely encouraged individuals like me to achieve their goals. The invaluable hints and tips indicates this much a person like me and somewhat more to my colleagues. Best wishes; from everyone of us.

yeezy shoes
5 years ago

I am only commenting to make you understand what a brilliant experience our princess went through checking your blog. She came to understand plenty of details, which included how it is like to have a very effective teaching mood to make most people completely have an understanding of certain very confusing matters. You undoubtedly surpassed our desires. Many thanks for providing the insightful, trusted, informative and even fun tips about your topic to Evelyn.

pool Table builder
4 years ago

Hello, just wanted to say, I liked this blog post.
It was practical. Keep on posting!