Topic: [SOLVED] satoshihack.com - hack the 0.1 BTC reward! - ROUND NR 3 (Read 3762 times)

It's been a while since that countdown hit 0, any updates?

Great! Looking forward to it!

prepare and make yourself ready for this weekend.


thank you! i have finished it and will publish the hackathon the coming weekend. The countdown on the site is now accurate.

Ah, I see. Speedy healing to you! Looking forward to it when you are able. 

Same issues here. Don't bother. Launch it after 3 weeks, or so, when I get more time. 

no you have not missed it. more will come. i had a problem in RL so i am not able to do it. (https://bitcointalksearch.org/topic/m.11061995)

the #4 hackathon is in preparation for the next days.
thank you!
ca333

Is there going to be any more of these upcoming, or have I missed something?

damn i have lost two hackatons since the last, i was absent , and i notice that injust its very advanced in this area congratulations man you rocks again!

gratulation for the winner! i was stuck in level 3 and when i solved it the hackathon is already hacked. but it was awesome! very nice. next time i try it again.
maybe one day i reach last level.

same here. I even had a reminder on my phone but didn't manage to get up before it was solved.   well, lets make sure we ll join the next one. seems a pretty funny challange. Congratz to the winner btw.

Wow! Glad everyone had fun - I somehow COMPLETELY forgot, and missed it all! lol! 

I have received the 5000 MUE from upgradeadvice.
Thanks!

lol, you lucky guy.
Next time I get a hash I will keep it a secret.

Thanks

I am looking for a chrome extension now.. I tried to read it up from stackoverflow. I understand the concept. Only don't know how to change it.

Thanks for posting all that information.

piCube and Injust noticed referer-manipulation and are ONLY who reach lvl6. Injust provided complete decrypted code first. biCube posted md5-hash in IRC first. But like old hackathons it only count who post the FULL solution. We (me and injust) gave advice to piCube so to not post hashs from the hackathon public before its not solved fully.

Explaining Level 5:
Level 5 check your HTTP-Header. the lvl5 look for your "HTTP-REFERER". this is php object from SERVER-Data array what your client send in the http-packet. So now my lvl5-site look for your referer information. In example when you look many otherside check your referer data for marketing, log, statistics, .... Also advertisin-company (web advertisement banners, links,...) check the referer.. Now you must "fake" the referer and write data into this element. Here its the URL of NSA-website. you can in example make this with "curl". This is a commandline tool you can write
now curl loads the data from http://www.thesiteyouwantTHEDATAFRom.com/ and when this site check the referer in your client information then it gets http://www.thesiteyouCOMEFROM.com. So the site think you COME FROM http://www.thesiteyouCOMEFROM.com. And in level5 the site let you then enter level 6 automatical.

other option: you can also use browser-plugins for header-manipulation and modification. this exist for many web-browser. i.e. mozilla firefox, google chrome you can google and you find lot of web-debug addons. So you can change the http-referer also here.

Here's the entire backstory. I couldn't, for the life of me, get past level 4. I know, I'm dumb
So when ca333 posted the "Only when you are from NSA, you can enter lvl6..." hint, I immediately thought of HTTP referers, even though I hadn't made it past level 4 yet.
So I asked piCube to test it, setting the HTTP referer to NSA's website. And it worked. Because according to the HTTP referer, you're are going to the site "from" the NSA.
So piCube practically gave me the answer for level 4, and while I was getting an extension to change HTTP referers, piCube posted the hash that you get in level 6.
I put the hash through CrackStation, gave a partial match. I compared md5(cryptoanarchist) with the hash, found that the only thing different was the 333 at the end, so the answer was cryptoanarchist333.

It certainly says solved by Injust...
Anyway, level 6 is pretty easy If I get that string it is over .

I don't really get the lvl 5 part...

Who cracked lvl 5? (I think Injust did that)

piCube got first the hash...

I decrypted to cryptoanarchist

and Injust added the 333 =)))


=> Was a team work )

I felt lvl 6 was easier than level 5 lol.

I didn't quite get the changing header part. I don't have a technical background. Just pure logic. an someone explain that?

I will try Googling it.

dd4e53f3cc4577c15953e232720be5a2e9fd22d7c1ae9b80b2af9ce269a5a022
sent the reward. CONGRATULATION AGAIN!

hacking is many factors. Not only technical. also social factors are very important when you see this hackathon...    and you won because you combine ALL factors you need to solve a hackathon. GOOD JOB!



SOLUTION:

lvl1: "   " (3 x space)
lvl2: 15a755ba37adfc28bc6795b524071618d71096dc6a6b5df091f0947dcc74e0b0 = gost(true)
lvl3: 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa  = pubkey(genesisblock)
lvl4: 8513c69d070a008df008aef8624ed24afc81b170d242faf5fafe853d4fe9bf8aa7badfb0fd045d7 b350b19fbf8ef6b2a51f17a07a1f6819abc9ba5ce43324244 = whirlpool(1)
lvl5: you must change your http-referer. i.e. "curl --referer" or addons for firefox, chrome, etc. (i.e. ModifyHeaders, and my other plugins can make this). so you change referer and make it: 'https://www.nsa.gov' - then you are in lvl6 page.
lvl6: in level 6 you get this string: ad4cd704d846b46dec9f8fb4d8c92ed4333 = md5(cryptoanarchist)+'333' = cryptoanarchist333


thank you all for join the hackathon! hope it was lot of fun! see you next weekend!
ca333