User talk:Abliss

From Exploitee.rs

Nice work on extending the pad! What approach are you using? I enhanced my file-crossreferencer so that in addition to knowing the valid character set of each of the six files, it understands the Intel .hex file format enough to force a colon after a definite \r\n, disallow colon if not on the line after a possible \n, disallow colon within 12 chars of a definite colon, and such. After that I've been using manual pattern searching to find standard shell script patterns in the possibilities (e.g. "| grep") and then run a manual search of the dictionary file for sequences of options that look like they could be dictionary words. A lot of brute force, but it's at least revealing the contents of the shell scripts. The tgz files would require that we figure out the pattern though.

  • I have just been going one character at a time, trying to "intuit" the next character by looking at the shell scripts. Sometimes I go back and change my earlier answers once I see later bytes, and I periodically manually check the hex file for sanity and checksums. I posted my Perl script on the discussion page. It's kinda fun actually, but exhausting and slow. I was toying with the idea of turning it into an MMOG so we could all collaboratively figure out the puzzle, but it's probably not worth it for the ~1kb that we'll be able to do this way. My hunch is that the pad is just the output of a standard PRNG with a 32-bit seed... perhaps with enough compute time we could brute-force it based on the first hundred bytes or so. --Abliss 17:09, 11 February 2011 (CST)
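The two checks discussed in this thread, as an added example that is not either participant's script: narrowing the pad byte at each offset by requiring every file to decrypt into its own valid character set, and verifying an Intel HEX record's length and checksum. It assumes the files are plaintext XOR pad with the same pad reused from offset 0 (the thread only says "pad"); the function names and the sample data are constructed for illustration.

```python
import string

# Assumption: each file was encrypted as plaintext XOR pad, with the same pad
# reused from offset 0. The thread only says "pad"; XOR is assumed here.
SHELL = set(string.printable.encode())   # printable ASCII incl. whitespace
IHEX = set(b"0123456789ABCDEF:\r\n")      # Intel HEX uses only these bytes

def pad_candidates(ciphertexts, charsets, pos):
    """Pad byte values at `pos` that decrypt every file into its charset."""
    live = [(c[pos], cs) for c, cs in zip(ciphertexts, charsets) if pos < len(c)]
    return {k for k in range(256) if all((b ^ k) in cs for b, cs in live)}

def ihex_record_ok(line):
    """Check one Intel HEX record: ':' prefix, length field, checksum."""
    if not line.startswith(":"):
        return False
    try:
        raw = bytes.fromhex(line[1:].strip())
    except ValueError:
        return False
    # Layout: count(1) address(2) type(1) data(count) checksum(1)
    if len(raw) < 5 or len(raw) != raw[0] + 5:
        return False
    # The checksum byte makes the sum of all record bytes 0 modulo 256.
    return sum(raw) % 256 == 0

def demo():
    # Constructed sample data, not taken from the real firmware.
    pad = bytes((i * 73 + 41) % 256 for i in range(24))
    plains = [b"#!/bin/sh\nps | grep init", b"echo start; mount /dev/x",
              b":00000001FF\r\n:00000001FF"]
    sets = [SHELL, SHELL, IHEX]
    cts = [bytes(p ^ k for p, k in zip(pl, pad)) for pl in plains]
    counts = [len(pad_candidates(cts, sets, i)) for i in range(len(pad))]
    return pad, cts, sets, counts

if __name__ == "__main__":
    pad, cts, sets, counts = demo()
    print("candidates per position:", counts)
    print("EOF record valid:", ihex_record_ok(":00000001FF"))
```

The narrow Intel HEX alphabet is what does most of the pruning: it caps the candidates at 19 of 256 per offset before any guessing about the shell scripts starts.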