🧩 Newbie puzzles ! 🧩 Solve one and get the MERIT you deserve 🏆 - page 2.

Kwsikh

newbie

Activity: 26

Merit: 0

Quote from: nc50lc on March 21, 2022, 10:31:38 AM

Quote from: PhoenixZephyrus on March 21, 2022, 10:16:24 AM

But from what I know, SHA-1 is a one way hash right? It isnt possible to decrypt it without maybe brute forcing? Because thats what the hash is meant to be - irreversible?
-snip-
Unless I'm missing something here...

Yes, you're correct, there's no way to reverse it aside from bruteforce.

But there's only about 600million song titles out there,
just make a database of all the songs titles, create a simple code to perform SHA1 to each of the titles (and probably variations of them) and a typical computer can bruteforce it within a few minutes/hours.
Then you can get 1 merit Grin

All things going out of my head if it was known by me then may be i also might be a Hero member!!

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Quote from: PhoenixZephyrus on March 21, 2022, 12:33:49 PM

Ah its all lowercase. Then I would say the song is "Who Let The Dogs Out" by "Baha Men"

Method: Well I had already got the SHA-1 hash from the previous posts. Then I used the track_metadata from FMA Data for music analysis.

Then I wrote a short python code to get the SHA-1 hash name for each of the files and appended that with the track names. I wrote a pythonic script (instead of trying to find an online music search db) just because I wanted to check out some of its functions and also get familiar with some Capture The Flag contest method - this challenge was quite like some preliminary CTF contest

And then a simple search for the hash was enough to get the song name.

You went the whole nine yards !
I assumed at some point someone would get to the SHA1 hash and try some websites with different databases like this one: https://hashes.com/en/decrypt/hash

But because you did it all on your own and also shared the repositories and code used ... 1 merit did not feel enough.

You may not be a newbie anymore but heck, it's my thread and I'll merit if I want to

P.S.
Morale of the story: do not use generic passwords because even if they are hashed we can still find the hash online and whip up a small piece of code that finds it in a minute or two !

PhoenixZephyrus

full member

Activity: 155

Merit: 102

Quote from: Rizzrack on March 21, 2022, 12:21:54 PM

Quote from: PhoenixZephyrus on March 21, 2022, 11:08:44 AM

Okay the only one I could think of that had a dataset available was the Million Song Dataset, and I tried encoding all of the song title names to SHA-1 via some sqlite3 queries and python, and output that out to a csv file. But I couldn't find the hash that I had found in the previous step. My guess is that the database is some different one altogether, I guess I'll give it a few more tries later.

Do not complicate the trivial !
Search engines are your friend Tongue

P.S. probably did not find it due to uppercase letters or stuff like that. wrote the name of the song by hand and all lowercase

Ah its all lowercase. Then I would say the song is "Who Let The Dogs Out" by "Baha Men"

Method: Well I had already got the SHA-1 hash from the previous posts. Then I used the track_metadata from FMA Data for music analysis.

Then I wrote a short python code to get the SHA-1 hash name for each of the files and appended that with the track names. I wrote a pythonic script (instead of trying to find an online music search db) just because I wanted to check out some of its functions and also get familiar with some Capture The Flag contest method - this challenge was quite like some preliminary CTF contest
Here is the code:

Code:

import csv
import hashlib
import os.path

BASE_DIR = os.path.dirname(os.path.abspath(__file__))
db_path = os.path.join(BASE_DIR, "songs.db")
file = open("C:\\hashes_tracks.csv", "w", encoding="utf-8")
with open("C:\\tracks.csv", "r", encoding="utf-8") as dataset:
reader = csv.DictReader(dataset)
for row in reader:
name = row["title"].lower().strip()
result = hashlib.sha1(name.encode())
file.write(result.hexdigest() + name + '\n')

And then a simple search for the hash was enough to get the song name.
Proof that the hash matches

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Quote from: PhoenixZephyrus on March 21, 2022, 11:08:44 AM

Okay the only one I could think of that had a dataset available was the Million Song Dataset, and I tried encoding all of the song title names to SHA-1 via some sqlite3 queries and python, and output that out to a csv file. But I couldn't find the hash that I had found in the previous step. My guess is that the database is some different one altogether, I guess I'll give it a few more tries later.

Do not complicate the trivial !
Search engines are your friend Tongue

P.S. probably did not find it due to uppercase letters or stuff like that. wrote the name of the song by hand and all lowercase

PhoenixZephyrus

full member

Activity: 155

Merit: 102

Quote from: Rizzrack on March 21, 2022, 10:56:17 AM

But what if there already existed such databases somewhere... food for thought Tongue

There do exist databases for songs but I doubt any such database is nearly complete. I'll take a look though, just because I like solving puzzles and I was learning about hashing the other day in my Algorithms class Tongue

EDIT: Okay the only one I could think of that had a dataset available was the Million Song Dataset, and I tried encoding all of the song title names to SHA-1 via some sqlite3 queries and python, and output that out to a csv file. But I couldn't find the hash that I had found in the previous step. My guess is that the database is some different one altogether, I guess I'll give it a few more tries later.

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Quote from: PhoenixZephyrus on March 21, 2022, 10:16:24 AM

But from what I know, SHA-1 is a one way hash right? It isnt possible to decrypt it without maybe brute forcing?

You are 99% correct.

Quote from: nc50lc on March 21, 2022, 10:31:38 AM

But there's only about 600million song titles out there,
just make a database of all the songs titles, create a simple code to perform SHA1 to each of the titles

That would be 10 Merit worthy IMO !!!
But what if there already existed such databases somewhere... food for thought Tongue

nc50lc

legendary

Activity: 2394

Merit: 5531

Self-proclaimed Genius

Quote from: PhoenixZephyrus on March 21, 2022, 10:16:24 AM

But from what I know, SHA-1 is a one way hash right? It isnt possible to decrypt it without maybe brute forcing? Because thats what the hash is meant to be - irreversible?
-snip-
Unless I'm missing something here...

Yes, you're correct, there's no way to reverse it aside from bruteforce.

But there's only about 600million song titles out there,
just make a database of all the songs titles, create a simple code to perform SHA1 to each of the titles (and probably variations of them) and a typical computer can bruteforce it within a few minutes/hours.
Then you can get 1 merit Grin

PhoenixZephyrus

full member

Activity: 155

Merit: 102

Quote from: Rizzrack on March 21, 2022, 08:31:01 AM

So far so good !

Hint #2: that code is SHA1. You have to find out the string that produced that hash by what ever means you see fit and you can give the correct answer Wink

But from what I know, SHA-1 is a one way hash right? It isnt possible to decrypt it without maybe brute forcing? Because thats what the hash is meant to be - irreversible?
From what I know, SHA-1 uses a modulo math operator in one of its steps, thus it isn't possible to uniquely identify the original value from which that hash came from.

For example, using a bit of modular arithmetic,

Code:

5 % 5 = 0
10 % 5= 0

Thus its not possible to get whether the original input was 10 or 5 just by having 0 and knowing that we have performed x % 5. This is my understanding...

Is it possible to decrypt a SHA-1 hash? (Stackoverflow)

Unless I'm missing something here...

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Quote from: PhoenixZephyrus on March 20, 2022, 07:41:15 PM

Well here's what I could get till now

Get the uid from each of the usernames >> we get a binary text >> convert it to ASCII and get "47a984720d165e0e10c64288f422a191594390ef"

Now that seems like a SHA-1 or Ripe-md 160 hash maybe? Not sure how to proceed but that's a clue I guess.

So far so good !

Hint #2: that code is SHA1. You have to find out the string that produced that hash by what ever means you see fit and you can give the correct answer Wink

PhoenixZephyrus

full member

Activity: 155

Merit: 102

Quote from: Rizzrack on March 17, 2022, 07:45:58 AM

Question 4:

Who sings this song?

Quote

00stulowe 00Leopold Martynov 0moonchkins 00Hydroponica 00doaseric 00stulowe 00Leopold Martynov 00natostanco 00zhouguilxy 0linh09 00vyjhfguyhfy 00zimbodog 00jk1234 0leeuwtje 00zhouguilxy 0leeuwtje 00vyjhfguyhfy 00zhouguilxy 0boopathy4613 00zimbodog 00stulowe 00natostanco 00doaseric 00doaseric 0ethioninja 00stulowe 00natostanco 00natostanco 0moonchkins 00vyjhfguyhfy 00Hydroponica 00vyjhfguyhfy 00jk1234 00Hydroponica 00stulowe 00marvel212 00Hydroponica 00zhouguilxy 0leeuwtje 0ethioninja

Well here's what I could get till now

Get the uid from each of the usernames >> we get a binary text >> convert it to ASCII and get "47a984720d165e0e10c64288f422a191594390ef"

Now that seems like a SHA-1 or Ripe-md 160 hash maybe? Not sure how to proceed but that's a clue I guess.

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Hint #1

Quote from: Rizzrack on March 17, 2022, 07:45:58 AM

00stulowe...

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Question 4:

Who sings this song?

Quote

00stulowe 00Leopold Martynov 0moonchkins 00Hydroponica 00doaseric 00stulowe 00Leopold Martynov 00natostanco 00zhouguilxy 0linh09 00vyjhfguyhfy 00zimbodog 00jk1234 0leeuwtje 00zhouguilxy 0leeuwtje 00vyjhfguyhfy 00zhouguilxy 0boopathy4613 00zimbodog 00stulowe 00natostanco 00doaseric 00doaseric 0ethioninja 00stulowe 00natostanco 00natostanco 0moonchkins 00vyjhfguyhfy 00Hydroponica 00vyjhfguyhfy 00jk1234 00Hydroponica 00stulowe 00marvel212 00Hydroponica 00zhouguilxy 0leeuwtje 0ethioninja

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Quote from: Markinzo on March 14, 2022, 06:02:15 PM

Am not sure I know whatever is going on here. But my mind tells me that whatever it is must be, must be very relevant. But unfortunately my ignorance impede me.

So I hope am ain't making a mistake by asking what's this about, from the question to even the expected answer?
Thanks!

Thought to award some newbies with merit if they decipher my little puzzle questions. Either if they have the knowledge or learned a few things to figure it out. I know I learned a thing or two while making the questions Cheesy

Markinzo

member

Activity: 336

Merit: 41

Am not sure I know whatever is going on here. But my mind tells me that whatever it is must be, must be very relevant. But unfortunately my ignorance impede me.

So I hope am ain't making a mistake by asking what's this about, from the question to even the expected answer?
Thanks!

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Quote from: BitcoinIsABubble on March 14, 2022, 05:38:09 PM

-----BEGIN BITCOIN SIGNED MESSAGE-----
We are all satoshi except for CSW
-----BEGIN SIGNATURE-----
1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy
H3AwrGkQBaPNGY6+om6+RG3IXi/4er+7DdkFyFY4e7KWKu8eEgWY889zkaFWPsP23BEDnxxWczoyGwTGBF769NU=
-----END BITCOIN SIGNED MESSAGE-----

You're on a roll ! Well done!
Gotta get more creative with the next one Tongue

P.S.

Quote from: BitcoinIsABubble on March 14, 2022, 05:38:09 PM

... when you change every letter to the previous one in the alphabet becomes ...

This encoding method is named the Caesar cipher. It is believed this was the way Julius Caesar himself encoded sensitive messages

BitcoinIsABubble

jr. member

Activity: 30

Merit: 14

Quote from: Rizzrack on March 14, 2022, 12:42:05 PM

Challenge 4:

Code:

-----BEGIN BITCOIN SIGNED MESSAGE-----
Tjho uijt nfttbhf: "Xf bsf bmm tbuptij fydfqu gps DTX" vtjoh uif tbnf beesftt J bn (1K7neh5scRzVIFOZey39XWXL7gtMqFpYAz)
-----BEGIN BITCOIN SIGNATURE-----
1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy
IDt1vr8Ahx4Yt3Rm5zfvwbGIis7MrpSDNx8ev6inxMr+NB8CWOHoTPVeujlfYMpsW58Txp1scaxXY5WtNQhbS94=
-----END BITCOIN SIGNATURE-----

Tjho uijt nfttbhf: "Xf bsf bmm tbuptij fydfqu gps DTX" vtjoh uif tbnf beesftt J bn (1K7neh5scRzVIFOZey39XWXL7gtMqFpYAz) when you change every letter to the previous one in the alphabet becomes Sign this message: "We are all satoshi except for CSW" using the same address I am (1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy)

I googled a bit and found the key to the address on the web, this way I could sign it. Roll Eyes

Depending on which one you sign there are two options:

-----BEGIN BITCOIN SIGNED MESSAGE-----
Sign this message: "We are all satoshi except for CSW" using the same address I am (1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy)
-----BEGIN SIGNATURE-----
1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy
IJyM+uen9fi8xTwaPyI/737LzFoz+xAztMkUjC8/gjuJNqxgolh56/IP7oIT802Q2Vme1ed/Og5+p6HsRVcvHX4=
-----END BITCOIN SIGNED MESSAGE-----

-----BEGIN BITCOIN SIGNED MESSAGE-----
We are all satoshi except for CSW
-----BEGIN SIGNATURE-----
1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy
H3AwrGkQBaPNGY6+om6+RG3IXi/4er+7DdkFyFY4e7KWKu8eEgWY889zkaFWPsP23BEDnxxWczoyGwTGBF769NU=
-----END BITCOIN SIGNED MESSAGE-----

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Challenge 4:

Code:

-----BEGIN BITCOIN SIGNED MESSAGE-----
Tjho uijt nfttbhf: "Xf bsf bmm tbuptij fydfqu gps DTX" vtjoh uif tbnf beesftt J bn (1K7neh5scRzVIFOZey39XWXL7gtMqFpYAz)
-----BEGIN BITCOIN SIGNATURE-----
1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy
IDt1vr8Ahx4Yt3Rm5zfvwbGIis7MrpSDNx8ev6inxMr+NB8CWOHoTPVeujlfYMpsW58Txp1scaxXY5WtNQhbS94=
-----END BITCOIN SIGNATURE-----

BitcoinIsABubble

jr. member

Activity: 30

Merit: 14

Quote

More precisely the first version of bitcoin was posted on sourceforge. Since then (https://bitcointalksearch.org/topic/m.28 there were many updates to the code until they started using github

Oh wow, I didn't know that, pretty awesome to see the original thread here in the forum, thanks for sharing this gem <3

And thanks for unblocking my friend, we are actually coworkers and it might be due to using the same internet connection in the office.

Rizzrack

copper member

Activity: 764

Merit: 700

Defend Bitcoin and its PoW: bitcoincleanup.com

Quote from: BitcoinIsABubble on March 14, 2022, 07:42:08 AM

decode from base85 -> encode to ASCII

What does the following sequence represent? 4405b78d6059e536c36974088a8ed4d9f0f29898

That's the first commit in the Bitcoin github - first version of bitcoin

https://github.com/bitcoin/bitcoin/commit/4405b78d6059e536c36974088a8ed4d9f0f29898

And we have another winner ! Good job !

Code:

5wUP8bK2gm91cAcRa5wCXm89Rx91nrx8sCBYsGGghYcaDeWyJtUnejg8mEwYjUnRegSEJ7qPpmDh5fVyMmdL4KUtKxxNV7ycgb1FcGH9SCvpNGmWmiAYexUqdC8gzuH69cauBVcnFVsps2EWKw8QnVkP1Vv5Do1nGYujGPbyHo3nqVcf56USwaQud7ezCiZS8mt6pMnkkoqrpWQCqvc78p3KQKXeBnAj8h7YadRh2rqvBi96hM1sfjk5jaQqbHKwLnhETi7ZpGMCcrZpTw3rdMfSdUnkXGQMs2SkCuEURoutBGYentNN6UBPTwitJEuk95VDADjBizVjfxkqaCtFh1R

decode from base58 (aka satoshi's version of base64) and you would get

Code:

57 68 61 74 20 64 6F 65 73 20 74 68 65 20 66 6F 6C 6C 6F 77 69 6E 67 20 73 65 71 75 65 6E 63 65 20 72 65 70 72 65 73 65 6E 74 3F 20 34 34 30 35 62 37 38 64 36 30 35 39 65 35 33 36 63 33 36 39 37 34 30 38 38 61 38 65 64 34 64 39 66 30 66 32 39 38 39 38

decode from hex and you would get

Code:

What does the following sequence represent? 4405b78d6059e536c36974088a8ed4d9f0f29898

And YES, 4405b78d6059e536c36974088a8ed4d9f0f29898 is the id of the first bitcoin commit on github !

P.S. I removed your friend's proxy ban as a bonus Tongue

P.S. 2

Quote from: BitcoinIsABubble on March 14, 2022, 07:42:08 AM

That's the first commit in the Bitcoin github - first version of bitcoin

More precisely the first version of bitcoin was posted on sourceforge. Since then there were many updates to the code until they started using github

BitcoinIsABubble

jr. member

Activity: 30

Merit: 14

decode from base58 -> encode to ASCII

What does the following sequence represent? 4405b78d6059e536c36974088a8ed4d9f0f29898

That's the first commit in the Bitcoin github - first version of bitcoin

https://github.com/bitcoin/bitcoin/commit/4405b78d6059e536c36974088a8ed4d9f0f29898

Topic: 🧩 Newbie puzzles ! 🧩 Solve one and get the MERIT you deserve 🏆 - page 2. (Read 986 times)