Void's Forums

[Void Main]

I have just created a challenge for anyone who wants to play. Here is the bundle you need to play:

http://voidmain.is-a-geek.net/files/mis ... llenge.tgz

The included README:

Code: Select all

Void Main Challenge (free time waster, brain teaser)

- included is a file that contains an encrypted password (password.dat).
- included is a program 'enc' used to generate the included password.dat
- included is a program 'chk' used to encrypt a password and compare with
  password contained in password.dat (not really needed)

Your challenge is to figure out the encryption algorithm used and
decrypt the password contained in the password.dat included in this
package. Hint: you can use the 'enc' program to create your own
password.dat files and make observations. This encryption method was
used in an old DOS based menu system I used to use about 15 years
ago (when I was a mechanic). I was teaching myself pascal at the time
and decided I wanted to write a program to decrypt it's passwords.
I recall figuring out the algorithm in just a couple of hours.

I have a program called 'unc' that will automatically decrypt the
password.dat files and display the password. I just happened to
find my original pascal source for cracking the real menu program's
passwords and inspired me to create this challenge. I just whipped
up a few simple programs in C to just deal with the password. The
original pascal program read through the menu configuration file,
picked out the passwords and displayed them for each user.

I sent the program I wrote along with the source to the author of
the menu program and he promptly changed his method of encryption
to a much stronger method in the next release. :)


If you solve it please do not post your solution here, send me a PM and I will verify publically in case anyone else wants to play. At some point in the future I will post the code for the decrypter.

Good luck!

[Void Main]

By the way, there is an *awesome* Free (GPL) pascal compiler that is TP/Delphi compatible. I was even able to compile the above cracker program I wrote in TP way back when (with slight modification to not include an inline() function). There are RPMs too:

http://www.freepascal.org/

I can't believe it compiled and ran the code that I *thought* would have been very DOS specific.

[worker201]

Uhm,
Don't try this at home - especially if you use a Mac at home.

[Void Main]

Uhm,
Don't try this at home - especially if you use a Mac at home.
:oops:

Sorry but I can't give you the source because that would sort of give away the answer. Yes, you'll need to be running Linux/x86. I could also do a version for Linux/Sparc, Linux/Alpha, or Linux/MIPS but I don't have a Linux/PPC at my disposal sorry. I suppose you'll just have to make a wild guess and send it to me in a PM and if I send a PM back stating it is incorrect you'll have to make another wild guess and send me another PM. Continue this until you guess the password. This would be an extremely slow brute force method of cracking it. ;)

EDIT: Hey I suppose I could cross-compile and generate a PPC version like I do for MIPS but that would take a lot of effort.

[worker201]

Actually, I learned a lot by trying to run that program on the Mac. I had never seen those error messages before. So it was educational.

[Void Main]

Actually, I learned a lot by trying to run that program on the Mac. I had never seen those error messages before. So it was educational.

Are you running Linux on it?

[worker201]

No, OSX. The error message was "binary file not executable". After looking at the program in vi, I realized that the program requires certain Linux libraries, and ELF compatibility, which OSX, based on FreeBSD, does not have.

I'll give it a shot at the office tomorrow.

[Void Main]

If you were running Linux on your Mac I would have cross-compiled it for you.

[Void Main]

worker201 has successfully cracked the password, however he did it via brute force and not by actually figuring out the algorithm so I can not at this point declare him the winner. I did give him the source to the encrypter and the decrypter so I guess he can't be the winner at this point. It might be a while before we get a winner though because I think worker201 might be the only one playing. He could still win by default I suppose. :)

EDIT: I checked the logs and it has been downloaded a few other times but I don't know if anyone else is playing. 1 Mac (that was worker), 1 Windows box (good luck trying to run it on that), and 2 Linux boxen (other than me) so far.

[worker201]

One of those Linuxes was also me - I downloaded it at the office, which is where I did my obsessing.

I find it fascinating that so few other people seem to be interested in this sort of thing. I'm currently reading a book from the 40s on encryption ciphers. Great stuff - hard to put down. And I just finished reading "Hacking the Xbox", which gives a lot of info about hashes and TEA. I have no desire to buzz "2600" or crack systems. It's just something I find interesting.

[Void Main]

It's not all that surprising really. Only a small group of people come here regularly and only a few of those get to the programming forum. I'll just leave it up for a couple of weeks and see if any straglers want to play.

[Tux]

I was the 3rd person. I havn't had time to look at it though and I probably won't get any either

[Void Main]

I was the 3rd person. I havn't had time to look at it though and I probably won't get any either :)

Yeah, I didn't really have time to write it but I sacrificed more important things to do so. :)

[Void Main]

Ok, here is a copy of the source that will decrypt the password.dat file. Of course I don't want to make it easy for you so I spent the last 10 minutes obfuscating the code. Consider it another "hint":

http://voidmain.is-a-geek.net/files/misc/uncle.c

$ wget http://voidmain.is-a-geek.net/files/misc/uncle.c
$ make uncle
$ ./uncle