
Topic: Solve a riddle, guess a 4 char password and add 10 BTC to your xmas... SOLVED!! - page 3. (Read 13707 times)

full member
Activity: 238
Merit: 100
I think the password is 1Cpu

But since the logic of generating the hash isn't clear, it's hard to figure out the hash.

From his post above:
Quote
that address was just a complete fluke

Hmm, seems to be more of a challenge aimed at programmers with the highest spec machinery, which I am not, than a riddle.
I'll keep at it any way in case I get lucky.
hero member
Activity: 574
Merit: 500
I think the password is 1Cpu

But since the logic of generating the hash isn't clear, it's hard to figure out the hash. And even if we know the password, without the clear logic of generating this hash it's hard to crack the gpg priv key.

legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Why would he deliberately generate 1Cpu?

Actually I didn't - that address was just a complete fluke (used ./vanitygen 1) - but good try - final hint not far off.
full member
Activity: 238
Merit: 100
Ah, ok. I thought guesses would be the amount of attempts it has made.

The fact the OP generated the bitcoin address with vanity gen seems a bit odd to me, so maybe the address has something to do with it.
Seeing as generating address past the 6 character mark is rather time consuming, I've been looking at the first few characters.
Why would he deliberately generate 1Cpu?

I've tried that with various salts but nothing yet.

legendary
Activity: 1792
Merit: 1008
/dev/null
Well it seems like option (1) is going to be what we'll go with so if you can hang in there for another few hours you could still get lucky!

Ok, I'll try.

Unlike others, I've been trying each key manually as I've not been able to get any of the bruteforce programs working. (Arch Linux/CPU issue maybe)
I think I've managed to solve your first clue though.
JohnTheRipper works everywhere, I even explained how to use JohnTheRipper with ur GPU!
I know I've read your post. I don't have a GPU, just a laptop.
Every time I try JTR, it just stays at: "Guesses 0"

currently trying nasty on a budget server I'm renting out.

EDIT: nasty fails also. Oh well.

With your first clue "at least" I was taking a stab that it might be >=
as in "greater than or equal to" "at least"
Guesses 0 means 0 valid passwords found, as soon u see Guesses 1 u cracked it!
full member
Activity: 238
Merit: 100
Well it seems like option (1) is going to be what we'll go with so if you can hang in there for another few hours you could still get lucky!

Ok, I'll try.

Unlike others, I've been trying each key manually as I've not been able to get any of the bruteforce programs working. (Arch Linux/CPU issue maybe)
I think I've managed to solve your first clue though.
JohnTheRipper works everywhere, I even explained how to use JohnTheRipper with ur GPU!
I know I've read your post. I don't have a GPU, just a laptop.
Every time I try JTR, it just stays at: "Guesses 0"

currently trying nasty on a budget server I'm renting out.

EDIT: nasty fails also. Oh well.

With your first clue "at least" I was taking a stab that it might be >=
as in "greater than or equal to" "at least"
legendary
Activity: 1792
Merit: 1008
/dev/null
Well it seems like option (1) is going to be what we'll go with so if you can hang in there for another few hours you could still get lucky!

Ok, I'll try.

Unlike others, I've been trying each key manually as I've not been able to get any of the bruteforce programs working. (Arch Linux/CPU issue maybe)
I think I've managed to solve your first clue though.
JohnTheRipper works everywhere, I even explained how to use JohnTheRipper with ur GPU!
full member
Activity: 238
Merit: 100
Well it seems like option (1) is going to be what we'll go with so if you can hang in there for another few hours you could still get lucky!

Ok, I'll try.

Unlike others, I've been trying each key manually as I've not been able to get any of the bruteforce programs working. (Arch Linux/CPU issue maybe)
I think I've managed to solve your first clue though.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Well it seems like option (1) is going to be what we'll go with so if you can hang in there for another few hours you could still get lucky!
full member
Activity: 238
Merit: 100
I've pretty much worked on this for 2 days straight since I've had a pretty lonely Christmas with a lot of time on my hands, but I think I'm going to throw in the towel as I think I must be doing something wrong. I'm very computer literate, but I think it's just a bit too much for me (I'm no crypto/gpg expert).
Thanks for your posting guys, I've learnt a thing or two.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Well - we are not far off 350 confirmations and so well before we get to 400 I will just check whether those competing would rather:

1) I give a hint that will finish this in the next 10 hours or,

2) I add another 10 BTC and make the hint a little more vague.

legendary
Activity: 2940
Merit: 1333
EDIT: Oops I thought that would add to the bounty but apparently it didn't (I guess Bitcoin sent the output to the input)

Yes, the client chose the best-fitting output for your new payment and it just so happened that the same 10 BTC you sent the first time was the best fit for the second payment, so it re-sent the same 10 BTC output again.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Just to check I didn't fuck up I have recovered the private key (using the exact script posted along with my changed line) and sent 10 BTC.

EDIT: Oops I thought that would add to the bounty but apparently it didn't (I guess Bitcoin sent the output to the input) - will look at that tomorrow (have to sleep now).
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
I'm really trying to explain why this is not such a good idea as it might seem at first sight. But it's difficult

I really do *get* your point - but when you see how little I changed (and not randomly at all) I do think you might be forced to change your mind (after people have been hacking at it for days and have so far been unable to guess basically just a couple of minor changes to a very simple equation).


BTW - I am up for at least a 50 BTC challenge (open ended with no clues but you will be giving the GPG encrypted private key and the message that contains the Bitcoin private key out) with a new bash script (which I will publish) based upon the same idea (but I will use a 6 character initial password for that challenge - it's my money after all).

This is the Bitcoin way to build open source after all!
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
after reading 10 pages, I guess I'll keep on reading instead of trying to solve the "riddle"... :-"

Actually believe it or not that is the only thing that has prevented such a weak password from being cracked already (am almost tempted to release the weak password but won't do that until after the last hint).

full member
Activity: 226
Merit: 100

Whilst waiting for someone to solve this (IMO not so hard to solve) problem I have come up with an even better idea (more on this to come) and I have now added a "bcrypt" call to the script that I will be publishing in the distro I am creating for the purposes of doing the same thing I have done here (if starting with a 4 char password and a very simple math equation has proven so difficult then you can imagine how much harder the *real thing* will be).


The security still relies on the secrecy of your script. The script that will add most entropy relative to the script size is one that just XORs the silly 4 char password with some true random number. This random number could be selected to be of any size, but there would of course not be any point in selecting longer than the strength of the crypto it will be used in later (e.g. 256 bits).

You have just split the key in two. A small part that you choose to remember, and a longer part that you store on your computer. The drawback of your custom code is that it always will add less entropy than a simple true random number. The fact that you perhaps easily can remember the "algorithm" is a sign that it does not add much entropy.

I'm really trying to explain why this is not such a good idea as it might seem at first sight. But it's difficult
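
An added example, not part of the thread or any poster's code, that puts numbers on the argument in the post above: it builds the "split key" by XORing the memorised password with a stored 256-bit random value and compares the attacker's search space for the three schemes. The names `split_key` and `search_space_bits`, the SHA-256 expansion of the password, and the figure of one million candidate script formulas are assumptions made for illustration.

```python
import hashlib
import math
import secrets
import string

# 62 symbols, the alphabet used by the dictionary script in this thread
ALPHABET = string.ascii_letters + string.digits


def split_key(password, stored):
    """XOR the memorised password with the stored random part.

    Assumption: the password is expanded to 32 bytes with SHA-256 so
    that it lines up with a 256-bit stored value.
    """
    if len(stored) != 32:
        raise ValueError("stored part must be 32 bytes (256 bits)")
    block = hashlib.sha256(password.encode()).digest()
    return bytes(a ^ b for a, b in zip(block, stored))


def search_space_bits(pw_len, secret_patterns=1, stored_bits=0, key_bits=256):
    """log2 of the guesses needed by an attacker who lacks these secrets.

    secret_patterns: number of candidate "secret script" formulas to try
    (hypothetical figure supplied by the caller).
    stored_bits: size of a uniformly random stored part the attacker lacks.
    The result is capped at key_bits, the strength of the final key.
    """
    total = (pw_len * math.log2(len(ALPHABET))
             + math.log2(secret_patterns)
             + stored_bits)
    return min(total, key_bits)


def compare():
    """Effective strength, in bits, of the three schemes discussed."""
    return {
        "password only": search_space_bits(4),
        "password + secret script": search_space_bits(4, secret_patterns=10**6),
        "password XOR 256-bit random": search_space_bits(4, stored_bits=256),
    }


if __name__ == "__main__":
    stored = secrets.token_bytes(32)   # the part kept on disk
    key = split_key("abcd", stored)    # "abcd" is a constructed sample password
    print(key.hex())
    for scheme, b in compare().items():
        print(f"{scheme:30s} {b:6.1f} bits")
```

If the stored part leaks, the XOR scheme falls back to the "password only" figure, which is why the two halves have to be kept apart.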
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Can we know the exact length of the string and how many times was the password repeated?

The next hint should definitely help with this (but please remember that the point is that it is a riddle/puzzle - I will only give out the information you have requested in the *last* hint as I think it should be cracked within minutes after that).

Whilst waiting for someone to solve this (IMO not so hard to solve) problem I have come up with an even better idea (more on this to come) and I have now added a "bcrypt" call to the script that I will be publishing in the distro I am creating for the purposes of doing the same thing I have done here (if starting with a 4 char password and a very simple math equation has proven so difficult then you can imagine how much harder the *real thing* will be).
legendary
Activity: 1176
Merit: 1001
Well the next hint isn't due for a while so you probably still have time.

Can we know the exact length of the string and how many times was the password repeated?
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Well the next hint isn't due for a while so you probably still have time.
hero member
Activity: 742
Merit: 500
Well no luck so far.  Here's the basics of my script for generating the dictionary.

Code:
#!/usr/bin/env python3
import itertools
import hashlib
import string

dict_name = 'dict.txt'

# Append one SHA-256 hex digest per candidate pattern to the wordlist file.
with open(dict_name, 'a') as f:
    # Every 4-character password over [A-Za-z0-9].
    for pw in itertools.product(string.ascii_letters + string.digits, repeat=4):
        pw = ''.join(pw)
        for p in [
            '+'.join([pw]*2) + '=' + pw * 2,
            # you can put a bunch of different patterns here
        ]:
            # sha256() needs bytes under Python 3
            hashed = hashlib.sha256(p.encode()).hexdigest()
            f.write(hashed+'\n')

print('~/src/JohnTheRipper/run/john --wordlist=%s hash' % dict_name)

At first I was printing the hashes and then piping it to john, but it wasn't using all of my cores.  I need to get CUDA running on this, or maybe play with it for a few minutes on my GPU miner.