PandaLabs : Challenges

Panda Challenge: Medium Level

Luis Corrons — Mon, 13 Jul 2009 10:47:00 GMT

Welcome to the 2nd Panda Challenge. As promised, this will be harder. In the previous one we had more than 1 thousand downloads and just 44 right answers, let's see how this goes. Joxean has been the creator of this challenge. This are the "instructions" that Joxean wants you to know before starting:

"To create a program which automatically solves the problem posed by the program by communicating with it using the protocol this program understands."

The file can be downloaded here. Enjoy yourselves and don’t forget to send the challenge solution (the created program) to pandachallenge at pandasecurity dot com

I will be publishing updates on Twitter, and next Monday I'll let you know the final results.

The terms and conditions of the competition can be downloaded from here.

Bienvenidos al 2º reto Panda. Tal y como prometí, este será más complicado. En el anterior tuvimos más de mil descargas y 44 respuestas correctas, vamos a ver qué tal va este. Joxean ha sido el creador de este reto. Estas son las "instrucciones" que Joxean quiere que sepáis antes de comenzar:

“Hacer un programa que resuelva automáticamente el problema planteado por el programa comunicándose con él por el protocolo que dicho programa entienda”

El fichero puede ser descargado desde aquí. Disfrutad y no olvidéis enviar la solución al reto (el programa creado) a pandachallenge arroba pandasecurity punto com

Iré actualizando información desde Twitter, y el próximo lunes publicaré los resultados finales.

Los términos y condiciones del reto las podéis descargar aquí.

June's Crypto Challenge Results

Sean-Paul Correll — Wed, 17 Jun 2009 21:45:00 GMT

June's Crypto Challenge has now came to a close and I'm glad to report that several participants were able to complete the challenge successfully. I've posted the solution below for everyone to see, so click here if you want to try and solve the challenge without looking at the answer first.

Winners

1st - @apolkosnik
2nd - @alecrwaters
3rd - @shftleft
4th - @RavenBlackthorn
5th - @schuetzdj
6th - @SecShoggoth
7th - @DuncanGilmore
8th - @thornmaker

Solution

Step 1: Decode Base64

NjggNzQgNzQgNzAgNzMgNjMgNnMgNnAgNnMgNnIgNzMgNnAgNjEgNzMgNjggNzMgNnAgNjEgNzMg
NjggNjQgNnAgNjQgNnMgNzQgNjcgNjUgNzQgNjQgNzIgNnMgNzAgNjIgNnMgNzggNjQgNnMgNzQg
NjMgNnMgNnEgNzMgNnAgNjEgNzMgNjggNzUgNzMgNnAgNjEgNzMgNjggMzIgMzIgMzAgMzggMzAg
NzMgNnAgNjEgNzMgNjggNjggNjkgNnIgNzQgNjQgNnMgNzQgNjggNzQgNnEgNnA=

Step 2: Decode ROT13

68 74 74 70 73 63 6s 6p 6s 6r 73 6p 61 73 68 73 6p 61 73 68 64 6p 64 6s 74 67 65 74 64 72 6s 70 62 6s 78 64 6s 74 63 6s 6q 73 6p 61 73 68 75 73 6p 61 73 68 32 32 30 38 30 73 6p 61 73 68 68 69 6r 74 64 6s 74 68 74 6q 6p

Step 3: Decode Hex

68 74 74 70 73 63 6f 6c 6f 6e 73 6c 61 73 68 73 6c 61 73 68 64 6c 64 6f 74 67 65 74 64 72 6f 70 62 6f 78 64 6f 74 63 6f 6d 73 6c 61 73 68 75 73 6c 61 73 68 32 32 30 38 30 73 6c 61 73 68 68 69 6e 74 64 6f 74 68 74 6d 6c

Step 4: Form URL

httpscolonslashslashdldotgetdropboxdotcomslashuslash22080slashhintdothtml

Step 5: View URL

http://dl.getdropbox.com/u/22080/hint.html

Step 6: Decode ASCII art using link at bottom of hint.html

Step 7: ASCII decodes to an image of a link (http://bit.ly/ciph3r). Access the link to retrieve the ancient alphabet.

Step 8: Revisit hint.html and decode the AES encrypted string. Key and other hints are hidden in CSS.

Decoded: httpscolonslashslashdldotgetdropboxdotcomslashuslash22080slashfiledotzip

Step 8: Fix URL

https://dl.getdropbox.com/slash/u/22080/file.zip

Step 9: Download and Unzip the file

Step 10: Use Spectrogram 16 (hint from CSS) to analyze the WAV file

Step 10: Decode the image from the spectral analysis with the legend found in Step 7

Step 11: Decode ROT13

graroebhf

Final Solution: Tenebrous (It was the word of the day) :)

I'm going to start working on creating the next challenge soon, so feel free to send me your suggestions and I will factor them in next round.