Pages:
Author

Topic: [SOLVED] satoshihack.com - hack the 0.1 BTC reward! - ROUND NR 3 (Read 3792 times)

legendary
Activity: 1008
Merit: 1000
It's been a while since that countdown hit 0, any updates?
hero member
Activity: 672
Merit: 500
Banned: For Your Protection

thank you! i have finished it and will publish the hackathon the coming weekend. The countdown on the site is now accurate.

Great! Looking forward to it!
hero member
Activity: 521
Merit: 522
Developer - EthicHacker - BTC enthusiast
Is there going to be any more of these upcoming, or have I missed something?

no you have not missed it. more will come. i had a problem in RL so i am not able to do it. (https://bitcointalksearch.org/topic/m.11061995)

the #4 hackathon is in preparation for the next days.
thank you!
ca333

Same issues here. Don't bother. Launch it after 3 weeks, or so, when I get more time.  Grin

Smiley prepare and make yourself ready for this weekend.

Is there going to be any more of these upcoming, or have I missed something?

no you have not missed it. more will come. i had a problem in RL so i am not able to do it. (https://bitcointalksearch.org/topic/m.11061995)

the #4 hackathon is in preparation for the next days.
thank you!
ca333

Ah, I see. Speedy healing to you! Looking forward to it when you are able.  Wink

thank you! i have finished it and will publish the hackathon the coming weekend. The countdown on the site is now accurate.
hero member
Activity: 672
Merit: 500
Banned: For Your Protection
Is there going to be any more of these upcoming, or have I missed something?

no you have not missed it. more will come. i had a problem in RL so i am not able to do it. (https://bitcointalksearch.org/topic/m.11061995)

the #4 hackathon is in preparation for the next days.
thank you!
ca333

Ah, I see. Speedy healing to you! Looking forward to it when you are able.  Wink
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
Is there going to be any more of these upcoming, or have I missed something?

no you have not missed it. more will come. i had a problem in RL so i am not able to do it. (https://bitcointalksearch.org/topic/m.11061995)

the #4 hackathon is in preparation for the next days.
thank you!
ca333

Same issues here. Don't bother. Launch it after 3 weeks, or so, when I get more time.  Grin
hero member
Activity: 521
Merit: 522
Developer - EthicHacker - BTC enthusiast
Is there going to be any more of these upcoming, or have I missed something?

no you have not missed it. more will come. i had a problem in RL so i am not able to do it. (https://bitcointalksearch.org/topic/m.11061995)

the #4 hackathon is in preparation for the next days.
thank you!
ca333
hero member
Activity: 672
Merit: 500
Banned: For Your Protection
Is there going to be any more of these upcoming, or have I missed something?
member
Activity: 266
Merit: 10
damn i have lost two hackatons since the last, i was absent Sad, and i notice that injust its very advanced in this area Sad congratulations man you rocks again!
full member
Activity: 155
Merit: 100
gratulation for the winner! i was stuck in level 3 and when i solved it the hackathon is already hacked. but it was awesome! very nice. next time i try it again.
maybe one day i reach last level. Smiley
full member
Activity: 124
Merit: 100
photo taken by ESSA-7 satelite. 1968
Wow! Glad everyone had fun - I somehow COMPLETELY forgot, and missed it all! lol!  Undecided

same here. I even had a reminder on my phone but didn't manage to get up before it was solved. Sad  well, lets make sure we ll join the next one. seems a pretty funny challange. Congratz to the winner btw.
hero member
Activity: 672
Merit: 500
Banned: For Your Protection
Wow! Glad everyone had fun - I somehow COMPLETELY forgot, and missed it all! lol!  Undecided
legendary
Activity: 1008
Merit: 1000
I am adding another 5000MUE to the winner. Good Luck!

I have received the 5000 MUE from upgradeadvice.
Thanks!
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
Here's the entire backstory. I couldn't, for the life of me, get past level 4. I know, I'm dumb Roll Eyes
So when ca333 posted the "Only when you are from NSA, you can enter lvl6..." hint, I immediately thought of HTTP referers, even though I hadn't made it past level 4 yet.
So I asked piCube to test it, setting the HTTP referer to NSA's website. And it worked. Because according to the HTTP referer, you're are going to the site "from" the NSA.
So piCube practically gave me the answer for level 4, and while I was getting an extension to change HTTP referers, piCube posted the hash that you get in level 6.
I put the hash through CrackStation, gave a partial match. I compared md5(cryptoanarchist) with the hash, found that the only thing different was the 333 at the end, so the answer was cryptoanarchist333.

lol, you lucky guy. Tongue
Next time I get a hash I will keep it a secret. Wink
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
piCube and Injust noticed referer-manipulation and are ONLY who reach lvl6. Injust provided complete decrypted code first. biCube posted md5-hash in IRC first. But like old hackathons it only count who post the FULL solution. We (me and injust) gave advice to piCube so to not post hashs from the hackathon public before its not solved fully.

Explaining Level 5:
Level 5 check your HTTP-Header. the lvl5 look for your "HTTP-REFERER". this is php object from SERVER-Data array what your client send in the http-packet. So now my lvl5-site look for your referer information. In example when you look many otherside check your referer data for marketing, log, statistics, .... Also advertisin-company (web advertisement banners, links,...) check the referer.. Now you must "fake" the referer and write data into this element. Here its the URL of NSA-website. you can in example make this with "curl". This is a commandline tool you can write
Code:
curl --referer http://www.thesiteyouCOMEFROM.com http://www.thesiteyouwantTHEDATAFRom.com/

now curl loads the data from http://www.thesiteyouwantTHEDATAFRom.com/ and when this site check the referer in your client information then it gets http://www.thesiteyouCOMEFROM.com. So the site think you COME FROM http://www.thesiteyouCOMEFROM.com. And in level5 the site let you then enter level 6 automatical.

other option: you can also use browser-plugins for header-manipulation and modification. this exist for many web-browser. i.e. mozilla firefox, google chrome you can google and you find lot of web-debug addons. So you can change the http-referer also here.


Thanks Smiley

I am looking for a chrome extension now.. I tried to read it up from stackoverflow. I understand the concept. Only don't know how to change it.

Thanks for posting all that information. Cheesy
hero member
Activity: 521
Merit: 522
Developer - EthicHacker - BTC enthusiast
lol, came back online for another round and gone! Smiley
Congratz to injust Cheesy

Can someone share the lvl5 answer? (leave lvl 6 in suspense Wink)

piCube got first the hash...

I decrypted to cryptoanarchist

and Injust added the 333 =)))


=> Was a team work Smiley)

It certainly says solved by Injust...
Anyway, level 6 is pretty easy If I get that string it is over Wink .

I don't really get the lvl 5 part...

Who cracked lvl 5? (I think Injust did that)

piCube and Injust noticed referer-manipulation and are ONLY who reach lvl6. Injust provided complete decrypted code first. biCube posted md5-hash in IRC first. But like old hackathons it only count who post the FULL solution. We (me and injust) gave advice to piCube so to not post hashs from the hackathon public before its not solved fully.

Explaining Level 5:
Level 5 check your HTTP-Header. the lvl5 look for your "HTTP-REFERER". this is php object from SERVER-Data array what your client send in the http-packet. So now my lvl5-site look for your referer information. In example when you look many otherside check your referer data for marketing, log, statistics, .... Also advertisin-company (web advertisement banners, links,...) check the referer.. Now you must "fake" the referer and write data into this element. Here its the URL of NSA-website. you can in example make this with "curl". This is a commandline tool you can write
Code:
curl --referer http://www.thesiteyouCOMEFROM.com http://www.thesiteyouwantTHEDATAFRom.com/

now curl loads the data from http://www.thesiteyouwantTHEDATAFRom.com/ and when this site check the referer in your client information then it gets http://www.thesiteyouCOMEFROM.com. So the site think you COME FROM http://www.thesiteyouCOMEFROM.com. And in level5 the site let you then enter level 6 automatical.

other option: you can also use browser-plugins for header-manipulation and modification. this exist for many web-browser. i.e. mozilla firefox, google chrome you can google and you find lot of web-debug addons. So you can change the http-referer also here.
legendary
Activity: 1008
Merit: 1000
lol, came back online for another round and gone! Smiley
Congratz to injust Cheesy

Can someone share the lvl5 answer? (leave lvl 6 in suspense Wink)

piCube got first the hash...

I decrypted to cryptoanarchist

and Injust added the 333 =)))


=> Was a team work Smiley)

It certainly says solved by Injust...
Anyway, level 6 is pretty easy If I get that string it is over Wink .

I don't really get the lvl 5 part...

Who cracked lvl 5? (I think Injust did that)

Here's the entire backstory. I couldn't, for the life of me, get past level 4. I know, I'm dumb Roll Eyes
So when ca333 posted the "Only when you are from NSA, you can enter lvl6..." hint, I immediately thought of HTTP referers, even though I hadn't made it past level 4 yet.
So I asked piCube to test it, setting the HTTP referer to NSA's website. And it worked. Because according to the HTTP referer, you're are going to the site "from" the NSA.
So piCube practically gave me the answer for level 4, and while I was getting an extension to change HTTP referers, piCube posted the hash that you get in level 6.
I put the hash through CrackStation, gave a partial match. I compared md5(cryptoanarchist) with the hash, found that the only thing different was the 333 at the end, so the answer was cryptoanarchist333.
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
lol, came back online for another round and gone! Smiley
Congratz to injust Cheesy

Can someone share the lvl5 answer? (leave lvl 6 in suspense Wink)

piCube got first the hash...

I decrypted to cryptoanarchist

and Injust added the 333 =)))


=> Was a team work Smiley)

It certainly says solved by Injust...
Anyway, level 6 is pretty easy If I get that string it is over Wink .

I don't really get the lvl 5 part...

Who cracked lvl 5? (I think Injust did that)
member
Activity: 107
Merit: 10
lol, came back online for another round and gone! Smiley
Congratz to injust Cheesy

Can someone share the lvl5 answer? (leave lvl 6 in suspense Wink)

piCube got first the hash...

I decrypted to cryptoanarchist

and Injust added the 333 =)))


=> Was a team work Smiley)
legendary
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
I felt lvl 6 was easier than level 5 lol.

I didn't quite get the changing header part. I don't have a technical background. Just pure logic. an someone explain that?

I will try Googling it.
hero member
Activity: 521
Merit: 522
Developer - EthicHacker - BTC enthusiast
cryptoanarchist333

CONGRATULATION! you win the hackathon INJUST. please post your BTC-adress here. i send you then reward.

thank you all participant for joining the hackathon! next week we make round 4 !
ca333

-----BEGIN BITCOIN SIGNED MESSAGE-----
I, Injust of Bitcoin Forum, verify that I am the winner of the 3rd SatoshiHack hackathon.
-----BEGIN SIGNATURE-----
15eiAnGmwGVKSGjSKowcDw7N6CmhG7jfoo
G26utSTbdKpuT8gYeRzuGBtasftgWwzTOMn3wxUPaD7AU/XKl0cy3e1FxxGcDvbos2wsozoF0oTkGoe6ibz23HA=
-----END BITCOIN SIGNED MESSAGE-----

Please send my reward to 15eiAnGmwGVKSGjSKowcDw7N6CmhG7jfoo.
It was a real fun hackathon this time, looking forward to the next one!

dd4e53f3cc4577c15953e232720be5a2e9fd22d7c1ae9b80b2af9ce269a5a022
sent the reward. CONGRATULATION AGAIN!

hacking is many factors. Not only technical. also social factors are very important when you see this hackathon...  Wink  and you won because you combine ALL factors you need to solve a hackathon. GOOD JOB!


lol, came back online for another round and gone! Smiley
Congratz to injust Cheesy

Can someone share the lvl5 answer? (leave lvl 6 in suspense Wink)

SOLUTION:

lvl1: "   " (3 x space)
lvl2: 15a755ba37adfc28bc6795b524071618d71096dc6a6b5df091f0947dcc74e0b0 = gost(true)
lvl3: 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa  = pubkey(genesisblock)
lvl4: 8513c69d070a008df008aef8624ed24afc81b170d242faf5fafe853d4fe9bf8aa7badfb0fd045d7 b350b19fbf8ef6b2a51f17a07a1f6819abc9ba5ce43324244 = whirlpool(1)
lvl5: you must change your http-referer. i.e. "curl --referer" or addons for firefox, chrome, etc. (i.e. ModifyHeaders, and my other plugins can make this). so you change referer and make it: 'https://www.nsa.gov' - then you are in lvl6 page.
lvl6: in level 6 you get this string: ad4cd704d846b46dec9f8fb4d8c92ed4333 = md5(cryptoanarchist)+'333' = cryptoanarchist333


thank you all for join the hackathon! hope it was lot of fun! see you next weekend!
ca333
Pages:
Jump to: