diff --git a/kevin/victims.txt b/kevin/victims.txt index c658630..a1f6d1e 100644 --- a/kevin/victims.txt +++ b/kevin/victims.txt @@ -2,3 +2,5 @@ Michael Smith (505)555-1212 SMS OK Janet Berger (505)555-7382 Dimwit Flathead dimwit on irc.efnet.net Jacob Schmidt jacob@dirtbags.net +Lewis Gillard (575)418-5315 +Christy Quist (505)506-3303 SMS OK diff --git a/new-contest b/new-contest index 55e8afc..254c6e7 100755 --- a/new-contest +++ b/new-contest @@ -15,6 +15,11 @@ rm -f /var/lib/ctf/flags/* || true sv restart /var/service/ctf +echo "Removing tanks history" +rm -f /var/lib/tanks/ai/players/* +rm -rf /var/lib/tanks/results/* +rm -f /var/lib/tanks/winner + echo "Things you may want to tweak:" find /var/lib/ctf/disabled find /var/lib/kevin/tokens diff --git a/pollster/pollster.py b/pollster/pollster.py index 0016464..b21921c 100755 --- a/pollster/pollster.py +++ b/pollster/pollster.py @@ -157,11 +157,7 @@ while True: continue # remove the file - try: - os.remove(os.path.join(IP_DIR, ip)) - except Exception as e: - print('pollster: could not remove %s' % os.path.join(IP_DIR, ip)) - traceback.print_exc() + os.remove(os.path.join(IP_DIR, ip)) results = {} diff --git a/puzzles/crypto/1/index.html b/puzzles/crypto/1/index.html new file mode 100644 index 0000000..573ecb8 --- /dev/null +++ b/puzzles/crypto/1/index.html @@ -0,0 +1,16 @@ +
+
Alice +
Welcome to Bletchley. It works like this: I'll say something to Bob, +and he'll say something back. Our communication will be encrypted in some +manner, or at least obfuscated. Your job is to get the plaintext, and +find the puzzle key. +
Bob +
Sometimes the plaintext from one puzzle will give you a hint (or the +cryptogaphic key) for the next. When we give you such keys, we'll always +do so in a straightforward manner. The puzzle key for each puzzle +is always in what I say, and there shouldn't be any tricks involved in +figuring out what it is. +
Alice
Good Luck! +
Bob
You'll need it. By the way, the key is 'dirtbags'. +
+ diff --git a/puzzles/crypto/1/key b/puzzles/crypto/1/key new file mode 100644 index 0000000..a69e835 --- /dev/null +++ b/puzzles/crypto/1/key @@ -0,0 +1 @@ +dirtbags diff --git a/puzzles/crypto/100/index.html b/puzzles/crypto/100/index.html new file mode 100644 index 0000000..fbe3426 --- /dev/null +++ b/puzzles/crypto/100/index.html @@ -0,0 +1,3 @@ +
Alice
nyy unvy prnfne. +
Bob
prnfne vf gur xrl +
diff --git a/puzzles/crypto/100/key b/puzzles/crypto/100/key new file mode 100644 index 0000000..cd9b1fa --- /dev/null +++ b/puzzles/crypto/100/key @@ -0,0 +1 @@ +ceasar diff --git a/puzzles/crypto/100ceasar.py b/puzzles/crypto/100ceasar.py new file mode 100644 index 0000000..a2eb623 --- /dev/null +++ b/puzzles/crypto/100ceasar.py @@ -0,0 +1,24 @@ +plaintext = [b'all hail ceasar.', b'ceasar is the key'] + +alpha = b'abcdefghijklmnopqrstuvwxyz' + +def ceasar(text, r): + out = bytearray() + for t in text: + if t in alpha: + t = t - b'a'[0] + t = (t + r)%26 + out.append(t + b'a'[0]) + else: + out.append(t) + return bytes(out) + +encode = lambda text : ceasar(text, 13) +decode = lambda text : ceasar(text, -13) + +c = encode(plaintext[0]) +print('
Alice
', str(c, 'utf-8')) +assert decode(c) == plaintext[0] +c = encode(plaintext[1]) +print('
Bob
', str(c, 'utf-8'), '
') +assert decode(c) == plaintext[1] diff --git a/puzzles/crypto/110/index.html b/puzzles/crypto/110/index.html new file mode 100644 index 0000000..a9ce834 --- /dev/null +++ b/puzzles/crypto/110/index.html @@ -0,0 +1,4 @@ +
+
Alice
Vkbd ntg duun puwtvbauwg dbnjwu, hlv bv'd vku dtnu htdbe jpbfebjwud td lduq bf d-hxyud, t vuekfbmlu lduq bf ntfg nxqupf epgjvxcptjkbe twcxpbvnd. Xi exlpdu, bfdvutq xi wuvvup dlhdvbvlvbxf, gxl'pu qxbfc hgvu dlhdvbvlvbxf. +
Bob
Vku fuyv vzx jlsswud tpu t hbv qbiiupufv; vkug tpuf'v 'ufepgjvuq' tv tww. Xk, hg vku ztg, vku oug vkbd vbnu bd: 'vku d bd ixp dleod'. +
diff --git a/puzzles/crypto/110/key b/puzzles/crypto/110/key new file mode 100644 index 0000000..1b59ab5 --- /dev/null +++ b/puzzles/crypto/110/key @@ -0,0 +1 @@ +the s is for sucks diff --git a/puzzles/crypto/110substitution.py b/puzzles/crypto/110substitution.py new file mode 100644 index 0000000..8193166 --- /dev/null +++ b/puzzles/crypto/110substitution.py @@ -0,0 +1,48 @@ +#!/usr/bin/python3 + +plaintext = [b"This may seem relatively simple, but it's the same basic " +b"principles as used in s-boxes, a technique used in many modern " +b"cryptographic algoritms. Of course, instead of letter substitution, " +b"you're doing byte substitution.", +b"The next two puzzles are a bit different; Frequency counts (of characters) " +b"will just reveal random noise. " +b"Oh, by the way, the key this time is: 'the s is for sucks'."] + +key = b"thequickbrownfxjmpdvlazygs" + +def encode(text): + ukey = key.upper() + lkey = key.lower() + assert len(set(key)) == 26, 'invalid key' + assert key.isalpha(), 'non alpha character in key' + out = bytearray() + for t in text: + if t in lkey: + out.append(lkey[t - ord('a')]) + elif t in ukey: + out.append(ukey[t - ord('A')]) + else: + out.append(t) + return bytes(out) + +def decode(text): + ukey = key.upper() + lkey = key.lower() + assert len(set(key)) == 26, 'invalid key' + assert key.isalpha(), 'non alpha character in key' + out = bytearray() + for t in text: + if t in lkey: + out.append(ord('a') + lkey.index(bytes([t]))) + elif t in ukey: + out.append(ord('A') + ukey.index(bytes([t]))) + else: + out.append(t) + return bytes(out) + +c = encode(plaintext[0]) +print('
Alice
', str(c, 'utf-8')) +assert decode(c) == plaintext[0] +c = encode(plaintext[1]) +print('
Bob
', str(c, 'utf-8'), '
') +assert decode(c) == plaintext[1] diff --git a/puzzles/crypto/120/index.html b/puzzles/crypto/120/index.html new file mode 100644 index 0000000..b24b983 --- /dev/null +++ b/puzzles/crypto/120/index.html @@ -0,0 +1,6 @@ +
+
Alice +
KiTvXqBKSkdOiVHAKgyAdZXuTwudIHqzLHcJBCXRPnxCxuxhUmdKcqvNSgkHGgYmKIdQKAOPMatvHAalZzrZcMCFGaiSklvsNsgbLiJmPagZobKLLpgJJcIMDUvKEXFJMiwVbVFKZdjDMKSvTdugBqjPBdlJTlXnDAvFUPNAFpjFESbJNsgJTnCgNeeZIwGfMkmZwnhGCDrOWWYIPafuXZrKNroELoGjXwtQdlSZZwdDTEZxTulhKsAMFthZfHGqSyxnXzdPShkXVrRqDpoNmuTINniddWNvMThBQEWAVbaRLrChBicNXWYbGuwdAQrvLdfdxEJgPErTwysQ +
Bob +
LqItUzQMBgbWoNMNNavSLvNyBStVGUCWNjgQxghYZevZYvWuBcdweBUETsflAiXPPLxBFVHUOrdhFDARCngbRdLnHiytxFnSSpknmEvZDioBdxTRLnlAOcAfPKvODVUWJpstBLmtXskjWuBBHizDKXRtPobcLVyQHjtzKiFFMwzzOVnfHTqZGKKDQinlYgZDHzmWhHEKYwtDMmDiUKrZYARDIoceQDugJhrXVOZnAbbFneByTliWIpTsMWoVGGSAIzpBZXOvIihvSBcjABbCXEZIRblsPxJFUnuXrIDBFphHpFSzUrpsNUzbPXdLNBUAInuJifwtRigMdtzWGkvLAwYqIQmEetyEPSrMHNTBRLtZCJZPRcEdDQdEXdnILAAfNpwzEsVWPUzYJVBCVbUTVojLIviMzWRpMqpQotsYAqtDcFpe +
diff --git a/puzzles/crypto/120/key b/puzzles/crypto/120/key new file mode 100644 index 0000000..42e1c62 --- /dev/null +++ b/puzzles/crypto/120/key @@ -0,0 +1 @@ +Rat Fink diff --git a/puzzles/crypto/120binary.py b/puzzles/crypto/120binary.py new file mode 100644 index 0000000..d9e8498 --- /dev/null +++ b/puzzles/crypto/120binary.py @@ -0,0 +1,48 @@ +#!/usr/bin/python3 +"""This is non-obvious, so let me elaborate. The message is translated to +binary with one character per binary bit. Lower case characters are 1's, +and upper case is 0. The letters are chosen at random. Tricky, eh?""" + +import random + +lower = b'abcdefghijklmnopqrstuvwxyz' +upper = lower.upper() + +plaintext = [b'The next puzzle starts in the same way, but the last step is ' + b'different.', + b'We wouldn\'t want them to get stuck so early, would we? ' + b'Rat Fink'] + +def encode(text): + out = bytearray() + mask = 0x80 + for t in text: + for i in range(8): + if t & mask: + out.append(random.choice(lower)) + else: + out.append(random.choice(upper)) + t = t << 1 + + return bytes(out) + +def decode(text): + out = bytearray() + i = 0 + while i < len(text): + c = 0 + mask = 0x80 + for j in range(8): + if text[i] in lower: + c = c + mask + mask = mask >> 1 + i = i + 1 + out.append(c) + return bytes(out) + +c = encode(plaintext[0]) +print('
Alice
', str(c, 'utf-8')) +assert decode(c) == plaintext[0] +c = encode(plaintext[1]) +print('
Bob
', str(c, 'utf-8'), '
') +assert decode(c) == plaintext[1] diff --git a/puzzles/crypto/130manchester.py b/puzzles/crypto/130manchester.py new file mode 100644 index 0000000..82295d0 --- /dev/null +++ b/puzzles/crypto/130manchester.py @@ -0,0 +1,60 @@ +#!/usr/bin/python3 +'''This is the same as the previous, but it uses non-return to zero to encode +the binary.''' + +import random + +lower = b'abcdefghijklmnopqrstuvwxyz' +upper = lower.upper() + +plaintext = [b'The next one is in Morris Code. Unlike the previous two, ' + b'they will actually need to determine some sort of key.', + b'Morris code with a key? That sounds bizarre. probable cause'] + +def encode(text): + out = bytearray() + mask = 0x80 + state = 0 + for t in text: + for i in range(8): + next = t & mask + if not state and not next: + out.append(random.choice(upper)) + out.append(random.choice(lower)) + elif not state and next: + out.append(random.choice(lower)) + out.append(random.choice(upper)) + elif state and not next: + out.append(random.choice(upper)) + out.append(random.choice(lower)) + elif state and next: + out.append(random.choice(lower)) + out.append(random.choice(upper)) + state = next + t = t << 1 + + return bytes(out) + +def decode(text): + out = bytearray() + i = 0 + while i < len(text): + c = 0 + mask = 0x80 + for j in range(8): + a = 0 if text[i] in lower else 1 + b = 0 if text[i+1] in lower else 1 + assert a != b, 'bad encoding' + if b: + c = c + mask + mask = mask >> 1 + i = i + 2 + out.append(c) + return bytes(out) + +c = encode(plaintext[0]) +print('
Alice
', str(c, 'utf-8')) +assert decode(c) == plaintext[0] +c = encode(plaintext[1]) +print('
Bob
', str(c, 'utf-8'), '
') +assert decode(c) == plaintext[1] diff --git a/puzzles/crypto/140/index.html b/puzzles/crypto/140/index.html new file mode 100644 index 0000000..6dc2f61 --- /dev/null +++ b/puzzles/crypto/140/index.html @@ -0,0 +1,2 @@ +
Alice
fj v jk taf phlp rpv zs z llo zy xq okb a fru rwzd uhjp ah mmnt je jvh pos r qnlx wsvm pvbr fpkx j dot sja obxxqy idpr csm o u thhh c vp h ihdo y zmm ia j tp cfs jxf yue uv h u kssx cn et bqk pw kzsc tc o u jgnt t mg gmy amr k hjp b pu br bkh dz tqk qtt xgxypy +
Bob
cy rurj xepn nt akxj rl jrrz c e oly nnt fu usiv rr dta wqyxnr goh sj aq ia m edvt fssp ps wtqd ohl r la rht szdupb
diff --git a/puzzles/crypto/140/key b/puzzles/crypto/140/key new file mode 100644 index 0000000..0ec7de0 --- /dev/null +++ b/puzzles/crypto/140/key @@ -0,0 +1 @@ +giant chickens diff --git a/puzzles/crypto/140morris.py b/puzzles/crypto/140morris.py new file mode 100644 index 0000000..923a48c --- /dev/null +++ b/puzzles/crypto/140morris.py @@ -0,0 +1,90 @@ +#!/usr/bin/python3 +"""This is morris code, except the dots and dashes are each represented by +many different possible characters. The 'encryption key' is the set of +characters that represent dots, and the set that represents dashes.""" + +import random + +dots = b'acdfhkjnpsrtx' +dashes = b'begilmoquvwyz' + +morris = {'a': '.-', + 'b': '-...', + 'c': '-.-.', + 'd': '-..', + 'e': '.', + 'f': '..-.', + 'g': '--.', + 'h': '....', + 'i': '..', + 'j': '.---', + 'k': '-.-', + 'l': '.-..', + 'm': '--', + 'n': '-.', + 'o': '---', + 'p': '.--.', + 'q': '--.-', + 'r': '.-.', + 's': '...', + 't': '-', + 'u': '..-', + 'v': '...-', + 'w': '.--', + 'x': '-..-', + 'y': '-.--', + 'z': '--..', + '.': '.-.-.-', + ',': '--..--', + ':': '---...'} + +imorris = {} +for k in morris: + imorris[morris[k]] = k + +plaintext = [b'it is fun to make up bizarre cyphers, but the next one is ' + b'something a little more standard.', + b'all i have to say is: giant chickens.'] + + + +def encode(text): + out = bytearray() + for t in text: + if t == ord(' '): + out.extend(b' ') + else: + for bit in morris[chr(t)]: + if bit == '.': + out.append(random.choice(dots)) + else: + out.append(random.choice(dashes)) + out.append(ord(' ')) + return bytes(out[:-1]) + +def decode(text): + text = text.replace(b' ', b'&') +# print(text) + words = text.split(b'&') + out = bytearray() + for word in words: +# print(word) + word = word.strip() + for parts in word.split(b' '): + code = [] + for part in parts: + if part in dots: + code.append('.') + else: + code.append('-') + code = ''.join(code) + out.append(ord(imorris[code])) + out.append(ord(' ')) + return bytes(out[:-1]) + +c = encode(plaintext[0]) +print('
Alice
', str(c, 'utf-8')) +assert decode(c) == plaintext[0] +c = encode(plaintext[1]) +print('
Bob
', str(c, 'utf-8'), '
') +assert decode(c) == plaintext[1] diff --git a/puzzles/crypto/150/index.html b/puzzles/crypto/150/index.html new file mode 100644 index 0000000..4e99057 --- /dev/null +++ b/puzzles/crypto/150/index.html @@ -0,0 +1,2 @@ +
Alice
1 11 eb 47 20 3f bf 11 20 eb d4 ef 11 20 a1 40 7b 34 ef ef 20 22 34 11 20
55 11 eb 47 34 98 11 c3 34 eb 11 eb 47 20 ef 11 da 3f 34 71 11 11 1 eb 11
3d 20 15 15 11 eb 99 bf 34 11 99 11 15 da eb 11 da 55 11 3d da 7b bf 11 eb
da 11 c3 34 eb 11 20 eb 11 7b 20 c3 47 eb 71 11 11 5f 47 99 eb 11 20 ef f3
11 f1 3f 15 34 ef ef 11 eb 47 34 98 11 87 da 11 ef da a1 34 eb 47 20 3f c3
11 ef a1 99 7b eb 11 15 20 bf 34 11 c4 da 7b 7b 34 c4 eb 15 98 11 c3 f1 34
ef ef 11 eb 47 34 11 22 99 15 f1 34 11 da 55 11 ef 40 99 c4 34 ef 71 11 8f
7b 34 6a f1 34 3f c4 98 11 c4 da f1 3f eb ef 11 3d da 3f d4 eb 11 be f1 ef
eb 11 f 34 11 98 da f1 7b 11 55 7b 20 34 3f 87 11 47 34 7b 34 f3 11 20 eb
d4 15 15 11 f 34 11 f1 ef 34 55 f1 15 11 20 3f 11 da eb 47 34 7b 11 40 15
99 c4 34 ef 11 eb da da 71 +
Bob
1 d4 a1 11 3f da eb 11 ef f1 7b 34 11 20 55 11 eb 47 99 eb d4 ef 11 34 3f
da f1 c3 47 11 eb 34 90 eb 11 eb da 11 c3 20 22 34 11 eb 47 34 a1 11 eb 47
34 11 99 f 20 15 20 eb 98 11 eb da 11 a1 99 bf 34 11 99 11 c3 da da 87 11
55 7b 34 6a f1 34 3f c4 98 11 c4 da f1 3f eb 71 11 11 1 eb d4 ef 11 3f 20
c4 34 11 eb da 11 55 20 3f 99 15 15 98 11 f 34 11 99 eb 11 99 11 7b 34 99
15 11 c4 98 40 47 34 7b 11 eb 47 99 eb 11 99 15 15 da 3d ef 11 55 da 7b 11
eb 47 20 3f c3 ef 11 15 20 bf 34 11 40 7b da 40 34 7b 11 40 f1 3f c4 eb f1
99 eb 20 da 3f 11 99 3f 87 11 c4 99 40 20 eb 99 15 20 6f 99 eb 20 da 3f 71
11 8 3f 98 3d 99 98 f3 11 eb 47 34 11 bf 34 98 11 20 ef 6e 11 55 15 99 a1
20 3f c3 11 a1 99 ef eb 20 55 55
diff --git a/puzzles/crypto/150/key b/puzzles/crypto/150/key new file mode 100644 index 0000000..675c4a0 --- /dev/null +++ b/puzzles/crypto/150/key @@ -0,0 +1 @@ +flaming mastiff diff --git a/puzzles/crypto/150sbox.py b/puzzles/crypto/150sbox.py new file mode 100644 index 0000000..78581f3 --- /dev/null +++ b/puzzles/crypto/150sbox.py @@ -0,0 +1,22 @@ +#!/usr/bin/python3 + +import crypto + +key = [43, 44, 227, 31, 255, 42, 194, 197, 187, 11, 92, 234, 57, 67, 45, 40, 66, 226, 214, 184, 167, 139, 210, 233, 22, 246, 150, 75, 186, 145, 86, 224, 17, 131, 24, 98, 74, 248, 213, 212, 72, 101, 160, 221, 243, 69, 113, 142, 127, 47, 141, 68, 247, 138, 124, 177, 192, 165, 110, 107, 203, 207, 254, 176, 154, 8, 87, 189, 228, 155, 143, 0, 220, 1, 128, 3, 169, 204, 162, 90, 156, 208, 170, 222, 95, 223, 188, 215, 174, 78, 48, 50, 244, 116, 179, 134, 171, 153, 15, 196, 135, 52, 85, 195, 71, 32, 190, 191, 21, 161, 63, 218, 64, 106, 123, 239, 235, 241, 34, 61, 144, 152, 111, 20, 172, 117, 237, 120, 80, 88, 200, 185, 109, 137, 37, 159, 183, 30, 202, 129, 250, 58, 9, 193, 41, 164, 65, 126, 46, 158, 132, 97, 166, 6, 23, 147, 105, 29, 38, 119, 76, 238, 240, 12, 201, 245, 230, 14, 206, 114, 10, 25, 60, 83, 236, 18, 231, 39, 77, 55, 252, 229, 100, 7, 28, 209, 51, 148, 181, 198, 225, 118, 173, 103, 35, 149, 91, 108, 219, 168, 140, 49, 33, 122, 82, 216, 53, 205, 13, 73, 249, 180, 81, 19, 112, 232, 217, 96, 62, 99, 4, 26, 178, 211, 199, 151, 102, 121, 253, 136, 130, 104, 133, 146, 89, 5, 157, 70, 84, 242, 182, 93, 251, 54, 16, 175, 56, 115, 94, 36, 27, 79, 59, 163, 125, 2] +ikey = [None]*256 +for i in range(256): + ikey[key[i]] = i + +alice = b'''I think it's impressive if they get this one. It will take a lot of work to get it right. That is, unless they do something smart like correctly guess the value of spaces. Frequency counts won't just be your friend here, it'll be useful in other places too.''' +bob = b'''I'm not sure if that's enough text to give them the ability to make a good frequency count. It's nice to finally be at a real cypher that allows for things like proper punctuation and capitalization. Anyway, the key is: flaming mastiff''' + +def sbox(text, key): + out = bytearray() + for t in text: + out.append(key[t]) + return bytes(out) + +encode = lambda t: sbox(t, key) +decode = lambda t: sbox(t, ikey) + +crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat) diff --git a/puzzles/crypto/160/index.html b/puzzles/crypto/160/index.html new file mode 100644 index 0000000..68804af --- /dev/null +++ b/puzzles/crypto/160/index.html @@ -0,0 +1,2 @@ +
Alice
e8 c3 8c d5 c3 d9 8c d8 c4 c5 c2 c7 8c d8 c4 c9 d5 8b c0 c0 8c d8 de d5 8c
cd c2 c3 d8 c4 c9 de 8c ca de c9 dd d9 c9 c2 cf d5 8c cf c3 d9 c2 d8 93 8c
8c e5 d8 8c c1 c5 cb c4 d8 8c ce c9 8c ce c9 d8 d8 c9 de 8c c5 ca 8c d8 c4
c9 d5 8c c6 d9 df d8 8c c0 c3 c3 c7 c9 c8 8c ca c3 de 8c dc cd d8 d8 c9 de
c2 df 82 +
Bob
f5 c3 d9 8b c8 8c ce c9 8c cd c1 cd d6 c9 c8 8c cd d8 8c c4 c3 db 8c c3 ca
d8 c9 c2 8c d8 c4 c5 df 8c c5 df 8c d9 df c9 c8 8c c5 c2 8c c0 c5 c9 d9 8c
c3 ca 8c de c9 cd c0 8c cf de d5 dc d8 c3 82 8c 8c e5 d8 8b df 8c cd ce c3
d9 d8 8c cd df 8c c9 ca ca c9 cf d8 c5 da c9 8c cd df 8c cd 8c cf c9 cd df
cd de 8c cf d5 dc c4 c9 de 82 8c 8c cf c4 de c3 c2 c5 cf 8c ca cd c5 c0 d9
de c9
diff --git a/puzzles/crypto/160/key b/puzzles/crypto/160/key new file mode 100644 index 0000000..7f99998 --- /dev/null +++ b/puzzles/crypto/160/key @@ -0,0 +1 @@ +chronic failure diff --git a/puzzles/crypto/160xor.py b/puzzles/crypto/160xor.py new file mode 100644 index 0000000..f35c4b4 --- /dev/null +++ b/puzzles/crypto/160xor.py @@ -0,0 +1,16 @@ +#!/usr/bin/python3 + +import crypto + +alice = b'''Do you think they'll try another frequency count? It might be better if they just looked for patterns.''' +bob = b'''You'd be amazed at how often this is used in lieu of real crypto. It's about as effective as a ceasar cypher. chronic failure''' + +key = 0xac + +def encode(text): + out = bytearray() + for t in text: + out.append(t ^ key) + return bytes(out) + +crypto.mkIndex(encode, encode, alice, bob, crypto.hexFormat) diff --git a/puzzles/crypto/170/index.html b/puzzles/crypto/170/index.html new file mode 100644 index 0000000..7e0313d --- /dev/null +++ b/puzzles/crypto/170/index.html @@ -0,0 +1,2 @@ +
Alice
x_tee tnhpu __our faez_ lrszt
le_ar l_ipa sston p_iyn hcok_
eisel roi__ hnsta _er_n t.iss
tooip elnk_ _i,ts sibit u__os
,sins ltule _iond mid__ y_ern
pcrts ts_ey o__m_ .__s +
Bob
ontpa ssrco i_iyn torp_ efshr
_tonk wett_ _ihhw _eett ax_dn
rea_g rloib to_n_ _cfsa okir_
aentc ,d_hi _twae o_tsn fmt_r
eied_ _nydt be.kh y__ee in_la
ngdsa gtp_r _t_af eeore andpd
d_nt_ _iuhw __lrs rolto a_dem
nr_xe .rtt_ iigys nf_ni ee_cl
diff --git a/puzzles/crypto/170/key b/puzzles/crypto/170/key new file mode 100644 index 0000000..d1265dd --- /dev/null +++ b/puzzles/crypto/170/key @@ -0,0 +1 @@ +terrifying silence diff --git a/puzzles/crypto/170transpose.py b/puzzles/crypto/170transpose.py new file mode 100644 index 0000000..246b571 --- /dev/null +++ b/puzzles/crypto/170transpose.py @@ -0,0 +1,19 @@ +import crypto + +alpha = b'abcdefghiklmnoprstuw' + +alice = b'''The next four puzzles are all transposition cyphers like this one. Transposition, like substition, is still used in modern crypto systems. ''' +bob = b'''Transposition cyphers often work with the text arranged into blocks of a certain width, often as determined by the key. Dangling parts are often padded with nulls or random text. terrifying silence ''' +alice = alice.replace(b' ', b'_').lower() +bob = bob.replace(b' ', b'_').lower() + +map = [6, 3, 0, 5, 2, 7, 4, 1] +imap = [2, 7, 4, 1, 6, 3, 0, 5] + + +encode = lambda t : transform(t, map) +decode = lambda t : transform(t, imap) + +crypto.mkIndex(encode, decode, alice, bob, crypto.groups) + + diff --git a/puzzles/crypto/180/index.html b/puzzles/crypto/180/index.html new file mode 100644 index 0000000..0cac490 --- /dev/null +++ b/puzzles/crypto/180/index.html @@ -0,0 +1,3 @@ +b"t_iwey_6hf_ussre'd_sysuysoshfsan_3_eonz_t.tr_noiutp_nteo_st0_7_rezmr__ewo_nbihade_ro_i_4.k_xluo_t_etagsoe_apk_nea1__ettecnihg'_p_tnrsr.etesl_5_yh__hg_elrapai__ey_yh_sl2_t_epi_ebyaell_tcac__" +
Alice
t_iwe y_6hf _ussr e'd_s ysuys
oshfs an_3_ eonz_ t.tr_ noiut
p_nte o_st0 _7_re zmr__ ewo_n
bihad e_ro_ i_4.k _xluo _t_et
agsoe _apk_ nea1_ _ette cnihg
'_p_t nrsr. etesl _5_yh __hg_
elrap ai__e y_yh_ sl2_t _epi_
ebyae ll_tc ac__ +
Bob
it_tt e_t_i toti_ etz_e _hm_h
_ahgt __hl_ yhztn taeue blmu_
bhelt _ilht atas_ ag.ew ean_h
fseie k_nes so_so _r,ie o__sn
et_sa ir_sn td_t_ rpi_c _oi_m
cii_' o_w?k _usse
diff --git a/puzzles/crypto/180/key b/puzzles/crypto/180/key new file mode 100644 index 0000000..4c3e56d --- /dev/null +++ b/puzzles/crypto/180/key @@ -0,0 +1 @@ +The key for this puzzle is this sentence diff --git a/puzzles/crypto/180rotate.py b/puzzles/crypto/180rotate.py new file mode 100644 index 0000000..8f57e25 --- /dev/null +++ b/puzzles/crypto/180rotate.py @@ -0,0 +1,47 @@ +import crypto + +import itertools + +width = 7 + +alice = b'''The key for this one was essentially 0 1 2 3 4 5 6 7. The key for the next puzzle is much stronger. I bet they're glad we're not also applying a substitution cypher as a secondary step. ''' +bob = b'''I take that to mean it uses the same basic algorithm. I guess it won't be too hard then, will it? The key for this puzzle is this sentence''' +alice = alice.lower().replace(b' ', b'_') +bob = bob.lower().replace(b' ', b'_') + +def rotate(text): + out = bytearray() + assert len(text) % width == 0, 'At %d of %d.' % (len(text) % width, width) + + slices = [bytearray(text[i:i+width]) for i in range(0, len(text), width)] + nextSlice = slices.pop(0) + while len(out) < len(text): + if nextSlice: + out.append(nextSlice.pop(0)) + slices.append(nextSlice) + nextSlice = slices.pop(0) + + return bytes(out) + +def unrotate(text): + out = bytearray() + assert len(text) % width == 0 + + slices = [] + for i in range(len(text) // width): + slices.append([]) + + inText = bytearray(text) + while inText: + slice = slices.pop(0) + slice.append(inText.pop(0)) + slices.append(slice) + + for slice in slices: + out.extend(slice) + + return bytes(out) + +print(rotate(alice)) + +crypto.mkIndex(rotate, unrotate, alice, bob, crypto.groups) diff --git a/puzzles/crypto/190/index.html b/puzzles/crypto/190/index.html new file mode 100644 index 0000000..f77e708 --- /dev/null +++ b/puzzles/crypto/190/index.html @@ -0,0 +1,2 @@ +
Alice
e_mse o_rtt pii'i n_dru ueu._
ieron niosn i,ot_ nuvi_ toowd
_idcg o__st _nhae legoh lnfdh
rceir tiasn d_koo efe_s ii_to
__dp_ hroo_ tnyw_ _rt_t +
Bob
'slu_ cnnmo eeq_b gutnn tptn_
st_s_ sodsp ioyr; __r_r fmssl
oiss. aiimn abato ebify t_nso
i_til wamio asnte ensfn necoh
on_tt _shtc na_ol ssloi talrf
_io__ hti.m nsioo i_uor ni)is
_n_u_ c_rgy utto_ o__ia ftase
tt_ro h_c__ hmton _ehec nasta
__rt( rooai ha'fo il_tp yao_e
dacai imnpb _iaft tsiye toa_a
fscu_ i_bu_ ghea_ tpisf thnii
rpfpa _wtyg i_utt _ro_i _tcna
diff --git a/puzzles/crypto/190rotate.py b/puzzles/crypto/190rotate.py new file mode 100644 index 0000000..8d9da3d --- /dev/null +++ b/puzzles/crypto/190rotate.py @@ -0,0 +1,42 @@ +import crypto + +import itertools + +width = 5 + +alice = b'''If we did the morris code encoding prior to this transposition, I don't think anyone would ever figure out the solution.''' +bob = b'''That's basically true of the combination of many of these techniques. Combining a substitution along with a permutation (or transposition) satisfies the Shannon's diffusion principle of cryptography; you want to try to get rid of as much statistical information as possible. statistical information''' +alice = alice.lower().replace(b' ', b'_') +bob = bob.lower().replace(b' ', b'_') + +key = [4,2,3,1,0] + +def rotate(text): + out = bytearray() + assert len(text) % width == 0, 'At %d of %d.' % (len(text) % width, width) + + slices = [bytearray(text[i:i+width]) for i in range(0, len(text), width)] + for i in range(width): + for slice in slices: + out.append(slice[key[i]]) + + return bytes(out) + +def unrotate(text): + out = bytearray() + assert len(text) % width == 0 + + # Make column slices, and rearrange them according to the key. + size = len(text) // width + tSlices = [bytearray(text[i*size:i*size+size]) for i in range(width)] + slices = [None] * width + for i in range(width): + slices[key[i]] = tSlices[i] + + while len(out) < len(text): + for i in range(5): + out.append(slices[i].pop(0)) + + return bytes(out) + +crypto.mkIndex(rotate, unrotate, alice, bob, crypto.groups) diff --git a/puzzles/crypto/200/key b/puzzles/crypto/200/key new file mode 100644 index 0000000..dba2023 --- /dev/null +++ b/puzzles/crypto/200/key @@ -0,0 +1 @@ +the squirrels crow at noon diff --git a/puzzles/crypto/200cbc.py b/puzzles/crypto/200cbc.py new file mode 100644 index 0000000..567a6e9 --- /dev/null +++ b/puzzles/crypto/200cbc.py @@ -0,0 +1,16 @@ + +import cbc, crypto + +alice = b"""Do you think they've figured out that this was encrypted using cipher block chaining with a cipher of C(key, text) = text? If they somehow stumbled across the solution with knowing what it was, the next three will be hard. """ +bob = b"""Well, either way, we might as well let them know that the next three puzzles all uses CBC, but with progressively more difficult cipher functions. the squirrels crow at noon """ + +def C(text, key): + return text + +IV = b'ahiru' +key = None + +encode = lambda t : cbc.cipherBlockChainingE(key, IV, C, t) +decode = lambda t : cbc.cipherBlockChainingD(key, IV, C, t) + +crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat) diff --git a/puzzles/crypto/210/index.html b/puzzles/crypto/210/index.html new file mode 100644 index 0000000..be87bbf --- /dev/null +++ b/puzzles/crypto/210/index.html @@ -0,0 +1,2 @@ +
Alice
4b 20 61 3d 74 49 36 2d 26 6e 43 2a 61 3e 7d 53 65 68 30 7c 49 26 24 3d 7b
5e 69 3f 37 29 59 6f 37 36 7c 4e 20 3c 30 78 48 6f 24 37 6f 46 20 3c 30 78
5 24 35 26 26 46 2f 30 2d 74 52 25 63 62 4f 16 27 2f 6c 59 11 21 2d 64 b
1 21 2c 6e 59 16 2b 38 75 b 1 2b 74 7d 10 14 21 38 66 a 12 23 74 7a 17
1c 29 6c 7d c 11 21 20 66 11 52 39 23 7b 8 11 21 26 60 12 48 6e 9 60 d
46 64 b 6c 16 4b 6c 47 6b d 5b 23 4f 61 c 5b 29 4d 7a 5e 57 20 1 61 44
51 6f 9 6f 44 59 20 16 74 57 53 3d 9 37 5 71 3f 8 31 57 7a 35 5 2c 41
39 3b 49 37 5b 2f 30 5 3a 4c 20 30 1e 75 56 2a 32 5c 3a 6c 2c 7d 55 23 7b
21 32 4d 24 66 37 3a 49 3f 34 35 75 56 33 34 33 7b 57 7c 2e 31 70 1b 71 39
37 71 57 6d 3e 30 7a 5e 6c 20 2a 35 51 6b 3d 22 3f 59 24 20 27 36 19 6b 33
2a 3d 55 76 24 2a 33 55 75 33 2d 7c 57 7f 33 38 7c 4e 63 2d 22 33 56 64 3a
61 3f 56 6a 25 6f 29 1a 73 36 7c 29 3 6e 64 68 2e 6 62 7e 2b 29 b 69 2c
2a 34 12 75 36 2c 3f 5e 78 3d 6f 38 5b 7a 6f 65 39 17 61 75 67 22 5b 68 75
6d 2a 5f 73 61 7b 29 13 6e 7c 77 2b 5f 60 6c 7b 32 56 21 3e 4f 35 5b 3a 6c
5c 28 52 26 7b 51 24 5b 69 61 53 2f 17 6e 7a 43 60 18 73 71 0 6e 1a 78 23
6 6f 2 65 28 45 73 1a 6b 28 52 79 12 24 2f 41 29 5e 3 3c 4e 32 57 8 6e
4f 24 1b 14 73 41 2e 57 d 60 45 34 5e 42 74 43 3a 40 1 26 48 30 c 6 31
4a 2d 4 49 30 5d 2b 4 4a 62 58 31 1a 51 78 5e 2c 56 4d 65 48 2d 5e 51 37
49 27 5e 51 32 4 68 7b 50 24 12 65 7e 4b 37 13 66 6b 4 31 18 6c 75 e 63
c 62 6a 41 70 4f 7e 69 5c 76 c 7e 63 13 6c a 70 79 5 3e d 6d 74 d 2b
7 6c 7f 4e 79 5 6d 77 1 6a 46 6f 74 1d 6c 5 64 7d 6 7b 15 7f 70 b 65
f 30 6f 10 7e f 34 7a 5f 62 3 32 65 55 30 1 2e 29 55 24 42 32 2a 57 33
1 3b 2f 5d 2f 6 3d 30 5a 7d 4 3c 38 15 7a 9 30 38 1f 69 4 7f 27 0 7e
4 79 2e 1c 2c 8 70 62 0 2b 8 6b 67 0 37 45 24 5c 6 31 4e 6b 51 7 63
4c 77 4e 7 72 46 79 56 1 76 40 36 49 b 6a 50 3c 5 3 77 52 37 c 8 25
45 37 40 1 32 50 3d 5e 7 33 5b 72 5a d 28 5f 75 42 11 76 1c 72 4b 5e 70
17 72 52 56 6a 0 3d 4b 57 79 0 31 48 4d 65 17 3f 46 4e 6e 54 3f 4c 1 6b
5f 31 54 4e 71 59 7e 50 40 67 1a 62 59 4a 7b 59 78 45 56 7d 5b 7e 5b 4a 21
18 56 58 4a 37 5b 7e 5b 41 64 18 46 5f 4f 62 5b 4c 5f 44 62 51 57 50 43 30
56 4a 59 4d 2f 18 52 5a 50 31 1f 1d 41 5e 30 5c 6 45 58 31 1f 0 47 43 2c
5c 18 43 45 3d 57 57 47 4f 6f 5c 59 4f 0 7f 53 43 4d b 68 42 49 45 5b 3a
69 43 9 50 29 78 49 1 1f 36 74 50 8 50 2a 72 56 10 57 3d 63 19 1e 59 2c
6b 1 13 44 3a 28 0 10 59 68 2d 0 e 41 7b 3c b 4e e 6b 2a 10 2 12 6d
26 10 a 5d 6b 2d 1a 14 57 39 3a 7 1d 55 29 35 1 1f 5d 7b 37 1a 53 46 61
31 55 5d 45 72 31 51 11 49 75 20 48 18 6 68 25 7 0 1 7f 66 a 3 16 68
61 48 6 17 3a 71 53 b 11 3a 71 5d 14 1b 66 32 77 e 11 66 28 38 16 c 7d
2d 3b 1f 43 60 28 74 7 44 77 6b 68 8 4e 6b 6d 27 6 54 6b 60 2d e 1b 70
77 31 7 18 64 34 37 5 3 79 77 30 0 1f 2b 76 2d d 19 37 3b 62 35 1e 20
78 7e 36 4 3c 7f 62 76 4b 3a 74 68 3a 57 2d 79 74 33 18 30 7c 3b 3b 5 27
7e 30 77 f 2d 6d 3a 78 14 3e 60 36 6d 57 6c 77 31 64 18 7a 75 2c 63 19 6d
65 30 23 56 6b 6e 3a 6f 4a 6d 68 30 73 4b 7a 78 2c 3f 4b 6e 3b 37 3b 41 3c
36 39 25 5c 21 22 76 3a 47 36 31 6a 7b 49 2a 36 25 7a 43 2a 36 23 70 59 34
75 24 79 57 30 73 25 34 18 6c 30 64 78 59 3e 27 63 71 16 2a 25 65 73 d 78
24 7f 6b 42 7f 29 7d 6e 5e 79 2b 79 63 53 67 2d 36 63 49 78 27 37 60 55 63
30 21 2c 55 77 73 2f 2c 56 25 64 28 25 19 20 68 28 2d 1 3d 79 2c 61 7 21
3a 30 64 f 3b 2d 64 28 13 3d 2b 7b 37 50 6f 3b 7d 3f 5a 6e 74 32 36 4d 6c
78 2e 3f 46 3e 77 20 27 41 3f 38 6f 2a 40 29 7b 62 23 4e 36 6b 2d 2e 4d 2d
63 27 63 2 7f +
Bob
4c 68 29 3d 66 41 63 65 26 7c 47 75 2e 25 62 4 72 23 3c 75 47 69 20 73 61
4d 61 39 6e 76 e 61 20 75 24 19 66 29 3a 3d 1f 70 65 33 20 e 3f 7d 34 37
4d 3e 74 23 31 e 3e 76 29 63 19 3e 75 68 31 5a 19 7c 75 26 1e 5 30 69 3b
10 f 7c 4a 26 5 5 73 57 35 0 1e 25 18 65 2d 1e 3d 1f 7e 20 56 71 5e 2c
6d 19 33 11 30 61 2 37 17 2c 25 4d 75 58 70 66 c 39 43 6a 60 43 36 43 74
6c 59 28 c 28 2f 18 64 4d 7a 25 3 28 40 7d 34 2 37 f 21 77 43 7b 4e 73
77 43 7b 45 21 75 42 30 a 24 73 59 7c 4b 76 3e 16 3e 4 66 28 d 72 2 60
6b 0 6b 1f 7c 7b 4f 29 50 20 38 e 65 56 26 7b d 60 4f 31 7c 42 65 4e 63
6b 45 6c 1 66 6d 46 6c 4e 3a 2e 7 20 f 68 4 48 3f 5 7f 9 7 3a 1e 2d
44 48 78 51 71 7 46 34 55 6a a 4d 78 55 3f 49 51 79 55 26 4f 1e 3b 1a 7a
c 5f 77 1f 6d 1c 44 3b 1c 76 14 4e 77 7 6c 12 1 7d 4 71 6 b 63 18 23
9 5 7c 3 71 19 1a 62 5 6d 1d 55 20 4a 31 5e 14 6c 51 2b 58 5b 77 5b 35
57 14 68 5c 28 5a 1e 24 52 2e 19 1f 21 5a 34 e 50 63 15 68 4d 11 2f 2e 72
4f 1a 63 20 6e b 55 42 2a 6e 6 53 4b 65 7d b 1b 7 50 6a 6 15 18 1f 36
45 54 54 5e 64 43 4d 5d 43 6f 54 4a 58 42 7a 17 44 58 44 7e 11 b 1a b 22
52 4a 56 17 25 52 4e 53 16 70 11 55 57 1c 22 1e 53 5d 16 70 12 49 45 59 6d
17 6 4c 40 7a 6 10 54 47 61 b 18 18 6 33 46 57 5a 49 28 4b 18 42 4e 3b
5c 57 5d 55 26 51 5d 11 14 74 1c 12 53 5b 6f b 5d 52 41 6e 1c 12 5f 9 3c
1c 12 5e 3 6e 16 13 12 18 74 14 8 5e 4 72 18 9 57 4b 2e 5b 48 1b a 7c
48 4e d 0 60 4e 45 41 1b 7a 48 a 5a 1c 67 47 0 16 3 79 45 c 1f 4c 25
6 4d 53 d 77 1 57 51 45 71 42 53 53 45 74 1 4b 57 4b 72 42 4d 4f 4 77
40 4c 57 18 25 d 3 15 57 79 4e 18 11 59 7f d 5 12 43 63 a 4a a 44 78
7 42 46 5f 62 1 40 a 5d 75 c f 0 40 68 2 40 18 47 7f 41 4c 1b 44 61
47 44 12 b 77 51 4c 5e b 70 46 46 5c 44 76 4d 4c 10 58 70 41 4d 19 17 2c
2 c 55 56 7e 15 b 5c 40 2c 5 9 51 5c 36 3 2 1d 5a 30 40 43 51 1b 62
d c 54 0 30 19 2 4b 4f 36 12 c 53 0 37 10 e 5a 4f 26 1c d 59 55 26
5f 4c 15 14 74 12 3 13 1e 75 5 4c b 19 62 46 50 6 1b 75 9 1f 6 1d 6c
f 50 1e 1a 7b 4c 59 1e 1a 7e 4a 44 1 55 6d 47 c 4d 4a 73 45 d 55 56 21
8 42 17 19 7d 4b 40 e 5 7b 8 4e 45 4a 6b e 4f 9 48 76 1f 45 45 48 62
5c d 4c 4a 30 11 42 e 5 6c 52 5e 7 f 7a 42 11 45 40 26 1 50 9 5c 31
7 5b 16 13 6d 44 1a 5a 52 3f 53 1d 53 44 6d 57 0 50 5c 7a 50 4f 12 13 26
13 e 5e 35 74 3 4 57 34 26 9 1f 1b 2f 3c f 50 11 35 3d 18 1f 9 33 22
1e 50 11 34 39 e 1f a 3e 2e 6 50 48 71 72 45 11 4 73 75 55 a 48 7d 20
16 2 4b 66 72 6 19 55 66 6e 2 56 56 67 3c 3b 5c 54 69 3d 78 1d 18 28 6f
35 52 1c 22 3d 21 5c 3 6d 2e 62 51 6 65 7c 63 51 13 26 2e 66 4b 13 25 7c
6a 3 5f 26 67 6f 9 13 67 35 22 46 51 28 2e 35 9 5f 22 3d 22 15 13 29 20
36 14 5f 3f 3d 20 9 13 3d 26 2d 2 5f 33 3a 69 4d 47 34 2d 64 2 4c 32 2b
74 4d 59 38 79 39 2 1b 77 25 7a f 2 6a 39 6a 40 17 60 6b 7c 5f 5b 21 39
31 10 19 6e 22 3c 5f 1 69 35 7f 47 8 6a 2b 3c 5f 5 71 3c 2d 10 47 3e 60
6e 51 b 28 7d 78 1e 10 26 7c 3b 3 15 2e 66 2c 4c 18 23 7b 3a 57 54 38 61
38 4c 18 79 33 75 3 5a 36 24 60 5 5a 79 21 62 1e 53 64 73 2f 51 11 2b 2f
6c 64 18 2a 3c 7c 2b 1a 20 38 7a 36 56 2c 25 74 3c 1a 21 36 74 38 56 28 36
78 3a 1a 33 2c 7e 75 1 39 32 71 3a 43 76 6e 32 7b f 7a 7d 3f 33 17 35 68
35 28 5b 3b 6d 37 3e 17 7a 3f 7a 71 55 35 29 6b 7f 4e 29 7b 71 75 2 68 29
3c 3a 40 27 22 3a 75 47 26 3f 2e 3a 58 3c 20 20 72 55 27 75 30 3d 5a 27 6a
3a 3c 11 64 38 3b 26 9 2b 6d 2c 28 c 2a 38 3b 67 e 2a 6a 2d 7b 7 65 36
6e 3a 4b 24 64 44 75 54 2e 73 49 3a 51 35 21 5e 3c 50 3f 73 5c 3d 1b 70 60
58 3b 19 3f 61 5e 3a 16 24 33 67 30 14 2a 32 24 28 19 36 60 33 28 1a 32 32
7e 67 58 7d 6e 3d 7f 5c 73 6e 79 63 10 52 7d 78 6e 5 11 2f 5a 6c 4 17 62
19 2d 48 56 30 54 62 49 40 62 5f 68 44 4b 37 4f 27 46 4b 65 4b 27 45 40 37
6 68 7 f 6b 45 63 1e e 3e 52 2c 19 f 23 46 63 1d f 26 5 60 1e e 33
46 7c 17 f 22 51 33 32 40 36 57 38 7e 47 21 46 77 3c 8 7d 5 36 70 e 7b
41 35 70 41 6e 4b 2e 3c 46 79 5a 61 35 4f 2b 4e 6b 79 41 30 43 23 61 e 29
45 29 7f 7 2e 4a 66 3d 48 72 9 27 71 4d 65 19 3c 3d 43 37 19 3c 3d 43 30
8 73 7f c 6c 4b 32 33 b 7b 5a 7d 39 5 6a 5c 32 3c 19 38 58 38 24 2 23
55 70 68 19 3e 16 77 61 0 6c 1 70 6c 1b 3e 1 70 6c 1b 39 10 3f 73 1b 26
16 24 76 19 31 6 6b 6e 19 34 4 76 66 5 66 9 70 6d 2 60 4a 31 21 43 32
7 7e 2c 42 67 44 78 34 d 77 52 65 36 11 25 50 64 7d 5e 24 46 68 7a 42 76
b 27 38 d 2a 48 21 20 42 3b 44 23 29 d 2f 55 23 28 42 2e 59 21 21 d 2c
56 2f 2e 7 7e 42 28 23 1a 2c 55 2f 26 1b 39 45 60 2b 1d 25 1 7b 67 13 24
42 60 63 19 2f 1 66 7c 56 35 7 7b 75 19 69 44 3a 39 58 3b 48 3b 30 17 26
c 74 28 10 31 2 3b 34 d 2c 7 31 2b 11 31 16 2d 67 d 22 1c 26 2b 11 3f
5f 67 67 50 6d 12 28 63 5a 3f 6 26 7c 15 3f c 2e 78 e 6d 41 61 3a 41 31
2 62 39 41 28 41 62 20 5a 76 2 4c 21 58 6d 4d 3 24 43 38 42 0 68 48 25
1 1c 71 53 3f b 1d 3a 1c 20 7 0 33 53 7c 44 41 7f 12 2e 54 5b 70 16 2f
17 40 74 1c 7d 18 46 7e 16 2f 14 5c 66 57 7d 59 13 24 18 21 18 5c 1c 1f 36
5b 70 1f 1c 2b 4d 6d 53 3c 2c 5a 22 50 35 7e 6a 3d 5d 39 69
diff --git a/puzzles/crypto/210/key b/puzzles/crypto/210/key new file mode 100644 index 0000000..73d7fe3 --- /dev/null +++ b/puzzles/crypto/210/key @@ -0,0 +1 @@ +The Colour Out of Space diff --git a/puzzles/crypto/210cbc.py b/puzzles/crypto/210cbc.py new file mode 100644 index 0000000..c554878 --- /dev/null +++ b/puzzles/crypto/210cbc.py @@ -0,0 +1,20 @@ + +import cbc, crypto + +alice = b"""I'd say this was easy, but we didn't give them the key, did we? I'm adding some text to give them something to work with: Commencing his descent of the dark stairs, Ammi heard a thud below him. He even thought a scream had been suddenly choked off, and recalled nervously the clammy vapour which had brushed by him in that frightful room above. What presence had his cry and entry started up? Halted by some vague fear, he heard still further sounds below. Indubitably there was a sort of heavy dragging, and a most detestably sticky noise as of some fiendish and unclean species of suction. With an associative sense goaded to feverish heights, he thought unaccountably of what he had seen upstairs. Good God! What eldritch dream-world was this into which he had blundered? He dared move neither backward nor forward, but stood there trembling at the black curve of the boxed-in staircase. Every trifle of the scene burned itself into his brain. The sounds, the sense of dread expectancy, the darkness, the steepness of the narrow steps-and merciful heaven! . . . the faint but unmistakable luminosity of all the woodwork in sight; steps, sides, exposed laths, and beams alike! """ +bob = b"""No, and they\'ll have to figure out the key for the next one too. Here\'s some Lovecraft: "Nothin\' . . . nothin\' . . . the colour . . . it burns . . . cold an\' wet . . . but it burns . . . it lived in the well . . . I seen it . . . a kind o\' smoke . . . jest like the flowers last spring . . . the well shone at night . . . Thad an\' Mernie an\' Zenas . . . everything alive . . . suckin\' the life out of everything . . . in that stone . . . it must a\' come in that stone . . . pizened the whole place . . . dun\'t know what it wants . . . that round thing them men from the college dug outen the stone . . . they smashed it . . . it was that same colour . . . jest the same, like the flowers an\' plants . . . must a\' ben more of \'em . . . seeds . . . seeds . . . they growed . . . I seen it the fust time this week . . . must a\' got strong on Zenas . . . he was a big boy, full o\' life . . . it beats down your mind an\' then gits ye . . . burns ye up . . . in the well water . . . you was right about that . . . evil water . . . Zenas never come back from the well . . . can\'t git away . . . draws ye . . . ye know summ\'at\'s comin\', but \'tain\'t no use . . . I seen it time an\' agin senct Zenas was took . . . whar\'s Nabby, Ammi? . . . my head\'s no good . . . dun\'t know how long senct I fed her . . . it\'ll git her ef we ain\'t keerful . . . jest a colour . . . her face is gettin\' to hev that colour sometimes towards night . . . an\' it burns an\' sucks . . . it come from some place whar things ain\'t as they is here . . . one o\' them professors said so . . . he was right . . . look out, Ammi, it\'ll do suthin\' more . . . sucks the life out. . . ." The Colour Out of Space""" + +def C(text, key): + out = bytearray() + for i in range(len(text)): + out.append( text[i] ^ key[i] ) + + return bytes(out) + +IV = b'ahiru' +key = b'color' + +encode = lambda t : cbc.cipherBlockChainingE(key, IV, C, t) +decode = lambda t : cbc.cipherBlockChainingD(key, IV, C, t) + +crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat) diff --git a/puzzles/crypto/220/index.html b/puzzles/crypto/220/index.html new file mode 100644 index 0000000..23afa0b --- /dev/null +++ b/puzzles/crypto/220/index.html @@ -0,0 +1,2 @@ +
Alice
1c 1e 38 7 52 4f 72 72 71 2b 18 58 6 52 4 74 65 6c 78 37 16 53 18 c 1d
6c 6e 36 3a 2b 5f 4f 4c 5 54 2a 27 7f 20 25 18 43 47 52 0 67 73 77 31 27
18 45 47 7 11 33 7d 7d 65 66 13 46 58 14 2 37 76 72 24 61 1d 41 17 1e 53
64 73 78 20 67 58 e b 1 44 62 31 3e 68 62 1e a e 45 1c 6b 6c 7b 79 65
1 0 1e 16 15 7f 70 72 20 64 17 13 5f 7 0 2d 20 72 34 62 19 c 40 41 5d
34 38 7e 2c 29 c 5d 59 18 4d 2b 39 64 38 38 a 4b 43 58 18 35 76 65 27 31
11 54 52 56 4f 72 18 7c 7a 76 a 56 17 3f 1f 7e 7b 7e 24 5a 1b 36 5e 9 45
7e 24 77 4f 61 57 e c 40 3b 6d 5e 77 63 2b 1f 46 4d 2a 6 22 72 3f 35 a
4b 73 4a 13 15 6a 7a 24 6 77 50 1f 4 5d 26 61 52 31 69 7d 57 11 e 72 6
79 75 3b 7e 52 5e 21 16 18 5e 75 38 2e 44 71 e 19 1c 5b 30 7d 10 7c 7c 3f
5c 50 12 76 10 71 64 3b 39 56 5c 22 1e 44 5c 71 28 7c 56 64 5c b 19 4d 35
7c 41 2e 79 2e 40 59 5c 20 a 67 73 25 2b 0 5 75 8 6 41 28 20 76 1 6e
56 1 5e 45 75 2b f 76 71 3f 56 4a 47 6a 1e 33 7b 22 6a 2 47 6a 13 16 9
7a 64 26 4 65 48 a 5a d 72 3f 5c 24 7c 69 +
Bob
c 1b 35 0 52 41 31 69 63 20 19 4f 33 48 17 46 74 39 29 26 56 6 32 1d 47
12 28 3f 75 6e 4b 7 7f 4d 1d 5f 74 25 60 3e 49 12 32 4 5 47 25 69 70 70
1e 50 29 40 5e 4c 3b 3e 18 32 56 44 60 1b 79 13 14 33 64 74 5e 6 76 34 b
3a 7d 3b 26 5b 49 3d 5f 1e 47 3e 26 3d 1d 79 7 38 57 48 3d 3e 4e 6a 55 68
1d c 56 2b 30 3e 5d 3d 78 4e 55 6e 1e 29 1d 7d 3d 37 f 42 58 62 19 52 7d
7d 9 39 c 72 19 13 15 6c 7c 35 c 6d 7b 19 5 76 15 78 9 7d 7d 70 11 58
50 31 15 18 77 71 57 35 5d 6b 15 3 5 38 29 71 47 70 23 5d 13 38 5c 26 51
3d 25 33 48 55 56 75 48 57 66 2d 46 2 1d 2e 6e 4b 5a 27 76 3b 12 a 6b 49
7e 24 1b 61 1e 7e 3e 1c 48 5 3c 6b 1f 4d 21 3f 53 1c a 29 71 9 5a 32 26
3e 42 10 67 12 30 7d 57 26 9 33 7b 44 5d 47 28 28 56 5b 32 34 51 43 8 3a
37 56 5f 71 61 2b 4 5b 76 19 2c 6b 52 24 13 34 61 49 4b 45 3e 3c 14 0 2a
7a 5e 1e 53 20 3e 49 12 3b 3b 32 49 59 21 5c 37 72 5d 3c 45 35 3c 17 26 59
72 3c 15 4b 54 79 30 52 5b 2a 34 5e 59 5f 7b 79 1a 5c 3b 2f 70 49 d 72 1b
2d 73 1f 3b 6 3f 69 48 a 58 2c 36 4a 5 2a 6a 4b 43 42 6d 63 2 1c 2e 25
3c 4d d 67 5a 6b 35 59 6d 15 79 74 5 41 1a 25 63 0 58 23 68 57 5 17 39
60 55 48 20 7b 1 5b 4e 75 54 3d 36 76 3a 55 56 3b 5c 52 5f 3b 7f 39 4e 3a
4a 53 4b 1e 3d 6b 55 24 34 6a 43 5 e 75 58 60 78 34 6c 12 46 32 2 19 2
66 71 27 5c 39 43 15 e 14 2f 60 f 63 74 70 c 15 14 67 7 7c 69 2c 66 e
4b 61 15 7 46 7d 34 39 2 66 4d 3 19 14 70 39 19 28 70 63 8 b 4d 71 4
3f 63 6d 62 51 1f 34 51 2 e 71 67 7b 18 64 1f 17 14 9 71 77 1f 77 37 66
2 15 3 70 45 61 31 39 35 5 51 6b 41 45 54 29 35 3a 4b 20 54 54 5f 50 6b
7f 19 3c 31 32 5f 57 1e 77 59 7a 3d 2c 77 1e 44 77 5a 49 12 2d 60 36 57 26
16 51 5e 14 23 2a 4d 7f 22 7d 17 1a 4d 6d 4b 38 65 7f 3a 1d 17 3d 18 31 5f
77 7f 7a 52 5f 14 7f 0 1a 26 64 54 61 11 7f e 1a 44 27 7c 21 5 2e 6c 55
42 36 1 67 d 62 62 29 16 b 5a 6a 17 6 36 63 53 29 4a 6e 4a 1 1a 73 38
7f 18 39 72 17 5c 65 b 70 52 7f 31 29 16 19 5b 7d 5f 53 7f 7f 9 3c 18 3c
1c 54 1a 7b 5b 77 35 7d 24 1a 5d 68 50 46 66 3b 46 32 7 6a 56 3 5a 28 27
2d 54 22 23 49 4e 27 d 36 4a 6a 25 2a 7 44 44 64 1a 4c 60 75 40 22 16 21
47 44 1 28 64 6e 10 67 30 8 47 78 6 75 5f 26 3a 22 16 18 4d 6b 47 5e 61
28 4 63 4b 2e e 4f 46 24 2e 31 e 6a 20 57
diff --git a/puzzles/crypto/220/key b/puzzles/crypto/220/key new file mode 100644 index 0000000..de2bb17 --- /dev/null +++ b/puzzles/crypto/220/key @@ -0,0 +1 @@ +open meadows diff --git a/puzzles/crypto/220cbc.py b/puzzles/crypto/220cbc.py new file mode 100644 index 0000000..acf0e0b --- /dev/null +++ b/puzzles/crypto/220cbc.py @@ -0,0 +1,15 @@ + +import cbc, crypto +from transform import transform + +alice = b"""You know, I just realized it's kind of smug for us to be talking about how easy or difficult these puzzles are we we're making them rather than solving them. We've tried really hard to make them so that you don't have to follow some specific thread of logic to get to the correct answer; you just have to puzzle out the mechanism involved.""" +bob = b"""The next crypto function is something simple, but new. Here, have some more Lovecraft again: Ammi shewed them the back door and the path up through the fields to the ten-acre pasture. They walked and stumbled as in a dream, and did not dare look back till they were far away on the high ground. They were glad of the path, for they could not have gone the front way, by that well. It was bad enough passing the glowing barn and sheds, and those shining orchard trees with their gnarled, fiendish contours; but thank heaven the branches did their worst twisting high up. The moon went under some very black clouds as they crossed the rustic bridge over Chapman's Brook, and it was blind groping from there to the open meadows. open meadows """ + +IV = b'ahiru' +keyE = [2, 4, 0, 1, 3] +keyD = [2, 3, 0, 4, 1] + +encode = lambda t : cbc.cipherBlockChainingE(keyE, IV, transform, t) +decode = lambda t : cbc.cipherBlockChainingD(keyD, IV, transform, t) + +crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat) diff --git a/puzzles/crypto/230/index.html b/puzzles/crypto/230/index.html new file mode 100644 index 0000000..3ecd630 --- /dev/null +++ b/puzzles/crypto/230/index.html @@ -0,0 +1,2 @@ +
Alice
d3 d 1f 7 df 59 a2 c1 aa 1 c3 4b 69 4c a8 6a ab 3 ef 4c a 46 a2 87 b4
a7 e3 5d 69 53 21 80 f7 8 c7 ca 25 5d e8 8f 6b c7 b5 48 71 c1 6f 50 a8 e1
64 f7 e4 88 93 f7 8d 9e 24 3e 39 1a 39 c8 d2 d5 98 dc 28 79 5d 1b 6e d7 b
ef 9e a 39 86 7c 17 a4 a2 6e c1 b5 29 86 11 51 31 b 3b bb d0 4 fa f 9d
2c aa 9d a6 38 f6 84 63 53 a7 71 5a ca b5 3b b7 ee 71 53 d1 79 8f 2 b5 6f
f7 2a e2 5a e 89 c2 89 e8 f6 11 57 29 8d 82 98 d8 c9 67 62 76 59 69 5 c2
f9 d7 cb cc 9c 3f 58 6f 2c 74 c9 d9 e c c2 3 19 ba ab 71 aa aa 94 8d ef
46 4f 74 3 67 d1 e2 13 e5 16 66 38 f5 50 e9 b4 b 42 a7 25 73 dc bd 94 b
b5 51 52 30 f3 7b a2 a0 7 49 b2 76 96 fb b8 62 b6 39 9b 24 c6 1f 1b 38 d4
6f ac be 18 29 bd 7d 90 f8 b 1c f1 25 99 e9 dc 79 c4 31 94 1c a 6d dc 33
dc a7 2 72 de 1c 2b af 4 45 81 b9 4e a6 f3 5d 79 1a 4f 64 83 f8 af ee 0
65 7d 5b 8d b6 cb 9 f4 73 26 66 a7 80 d5 d2 f2 42 31 69 45 79 d1 1f cf f3
f7 54 c1 7c 9e 87 d1 71 dc 37 11 50 1a 7b db 9a 90 b9 e2 7f 5e 24 4d 99 e5
df c1 eb 7f 89 42 62 80 a1 7 d3 f5 23 55 ad 15 54 d3 c2 4f 94 d9 35 60 fe
54 6d df b 26 de 2 6f 81 d6 2 90 0 20 72 ec 50 c3 d3 e1 8b 90 74 76 92
6d 27 1d 4 23 8 7 ab ac c2 aa e7 45 4b 73 8e 81 e0 e9 e1 27 16 95 4b 43
ca 98 33 ad e3 51 1f d4 48 89 97 ab 7c f3 2c 59 3f 15 55 a1 dc ba f7 c3 48
57 7a 9e 73 c5 c2 fe 3d d5 77 6d 8d 1f 7e 0 5 6d b4 19 bc aa 5 53 b9 90
8e ac ff 4e 2c 2d 4d 9d b2 cd cd ad 36 59 68 43 44 d8 c2 c8 d0 d0 6a 65 63
59 58 1e cb 14 d9 98 aa 64 fc 53 17 5f e 52 95 bf fa f2 fe 1c 3b 5a 9c 93
a8 fb ef 3b 20 40 3b 9d d4 0 e5 c9 32 69 bd 4b 5d da c 67 eb d4 7f a4 1d
72 50 d5 84 aa fd de 73 6f 27 7b 57 5 e1 c2 e1 97 b2 92 77 8b 24 92 35 e5
24 ca 39 1b 93 cd 2a d3 b6 20 13 c2 7c 5d cf d5 6d 12 83 45 43 8 f2 32 ec
ee a6 52 c0 8d 71 42 bc 20 55 e2 d0 9c c8 f0 46 58 3f 6c 50 d2 d9 dd cc f3
5c 19 7c 68 99 df 9d dc 1d 33 50 1e 79 c3 c9 d8 9f f 25 47 50 1a f1 ce fd
d8 9f 85 43 27 51 1a 39 ea 9 e6 aa d8 98 b4 86 86 38 3f 5a 26 66 d1 a2 eb
a 5 65 59 98 a6 a0 3 bf 6 4f 32 a6 4f ad c3 f2 53 ea 5b 6d 32 f2 4e fb
e1 bd 9f ee 92 71 3a 41 88 39 f0 c8 a3 20 a4 30 6c 42 d6 43 b4 cc ec 7f f9
74 69 9a 1e 99 b4 4 1 b0 37 23 ab b1 90 d3 cc 39 93 3 72 66 c0 75 be 19
9 52 6 62 b7 aa 92 a7 13 5a 31 5c 89 d6 eb f7 e8 23 75 55 8b 8d d0 7 bf
24 2b 30 b5 59 c7 b c9 54 f7 64 a3 6c ea 8c c4 4c 2 4e 38 6c ed b6 b2 d4
f 80 46 59 69 9d 15 eb ec 1a 43 9d 82 80 be a5 15 25 24 66 3a a1 ca c8 11
a2 4d 75 28 a2 49 d9 d7 dc 4a ec 50 67 3c f4 73 d3 2 d1 5c 9 5c b7 70 f6
93 9c 45 18 9d 55 2e ea bf 3b 9f e 6d 56 de 1a ee 7 f9 7a de 82 a8 9a 13
5d 26 88 38 b2 c2 cd 68 df 24 26 64 6 6c d0 c9 a b2 cc 73 43 ea 46 64 1e
a5 79 ee b ba 4e e 8d b1 9a d8 af 23 23 1 67 8f cc cb e3 5 2a 41 64 91
a4 be e8 d 1 84 4d 89 f3 b7 2b d9 2c 61 56 d 6a c4 4 fa 9f f 76 b3 9c
18 ef 1e 5e 31 d8 86 b2 f6 e4 6d 12 55 84 9e 8 96 b7 26 34 a7 13 5b c6 1a
89 b2 f7 66 fa 11 40 98 d 5a ab e8 3b bf ba 38 7c cb 5a 5b b5 f9 67 ba 85
35 78 17 99 2c c6 f9 ae 7f a1 5a 76 5a a1 4b c1 b6 f2 40 f1 27 45 99 eb 61
9 d6 36 8a c 83 5e a1 24 b5 65 d8 44 c7 59 f 61 a4 7b f0 9c 4 88 dd 61
16 a8 33 3 1f 9f 88 c0 ae b3 14 68 64 47 4c 9e c8 7 e0 f7 19 66 e9 9b 89
9a 8 4b 31 23 1 e8 fd a3 c2 a6 8d 5f 4b 70 4f 20 81 fc 18 ea c3 2b 5c b4
86 66 d fd 4e 25 7 bb 23 c7 b3 a6 4d ca 75 3a 35 fe 2e e7 bb c7 8c c7 9f
7d 6f 2f 65 41 f2 7 c0 17 a3 7d a9 74 b8 8d f 41 13 98 6 a4 d8 ff 78 d1
30 18 88 1f 62 f0 92 3f ac 1e 30 13 e1 51 b3 bc 9c 94 e5 9d 22 29 20 4b 3d
b3 bd 0 ee dd 4e 7d a5 87 73 e7 8 59 69 e4 87 e8 f6 1c 9e 69 8d 99 b2 2a
7 6d 36 40 a 91 8 d9 fa b1 1 9b 39 5e 30 91 1f 1b fc df 16 9e ae 91 7a
da 3f 45 3c 1d 1e cd e0 a1 b2 9f 63 8b 56 59 1d c3 1 c2 f8 af 23 a2 73 9c
40 b6 50 a1 44 e7 38 f4 87 f1 8f bd 85 69 8f 29 3c 33 cf 5 c7 b5 c0 31 ab
6a 46 74 17 57 d ef 1a a5 b9 81 8a b9 4d 58 11 1e 9b e0 f7 a6 aa 7d 95 8d
31 46 13 7b 23 c4 d4 b8 dd c9 6d 63 56 3 47 b 6 e4 aa a9 a6 a8 44 22 43
45 88 f5 c9 f1 ef 64 57 67 9c 31 c f6 14 44 a1 a9 80 b7 fe 87 4b 27 56 90
69 da d2 c1 2c c 1a 60 68 d5 a4 ae c0 1d 44 4e 4d 67 f5 ac +
Bob
d4 5 4 a2 df 5d ae ea 86 1 4 41 61 67 b7 a8 a1 11 6 52 4c 81 a7 b2 c5
c1 5b 89 8a 39 16 ab 7b 7c 14 d8 8b f1 14 b3 18 20 94 b3 9d ac c8 3f 40 47
38 61 d2 eb a9 b7 f2 32 4c 58 46 73 c4 ef ea d1 fd 65 51 66 54 73 3 e5 11
d8 0 e4 4d f3 18 b3 8d e0 9e d8 3e 22 96 5 18 ca c9 32 b3 d8 5e 66 16 59
43 dd b b6 c4 9f 1d ed 27 63 2c a9 4f c8 f c 28 ff 65 a9 93 c5 21 17 43
1a 25 cb 82 f1 9a b6 2d 30 98 2f 33 f c9 33 c5 b7 e5 2f d2 6d 33 47 dd 7a
8 c1 e2 3 e5 9e 64 42 bb 8c 16 8 e9 46 1 da 9f 80 f6 ab 1e 1b 27 95 25
c2 ac c8 3e c3 57 8c 7c da 62 e5 6c 12 7b c2 84 f4 b9 dd 6a 2b 87 9b 78 e4
b2 15 7d 1d 93 4a db df cf 5 d1 69 7a 31 ac 65 c da db 57 f9 a7 3a 7b fe
8d 35 d7 c 26 2e b9 72 a6 df f2 4e 1a 45 77 79 ae ae f3 12 bf 3a 5c 9a b9
4c fa f1 3a 5e dc 7f 53 dc c1 56 b f2 71 7f c1 a8 95 e3 1d 58 84 77 86 bd
dc 64 0 32 58 52 1 e0 ca f0 dd af 40 68 82 56 40 ed 4 29 e6 d3 4f b0 a5
71 50 e4 5c 40 b7 e7 8f e8 e8 38 72 3d 48 97 b2 f7 d1 a8 1 35 81 78 4a ae
fb 22 1b c1 4b 75 b6 fd 7b ed f0 76 9a 19 8c 62 2 7a ba 2a c6 91 11 54 ce
51 16 bb e0 20 97 b9 57 40 dc 1 3c b9 e9 7b 91 c8 57 8c b 57 5b fd 25 85
d6 e8 5f d7 37 55 7a fa 39 de e9 ff 5a a1 41 7d 72 eb 93 a3 fc fc 88 3e 4e
76 88 68 a1 e0 f6 68 1a 52 8d 63 f1 f6 b6 3a e 85 9e 9a cb 81 10 1 32 29
67 9d ae c7 da ce 1e 43 6a 76 6d 9a a5 f 1b ff 2e 44 a8 86 8c e e6 5e 2b
25 aa 91 f0 d4 b 4f 27 9b 6e ab ee cd 39 19 8d 81 7d dc b5 53 2e 13 78 9f
e3 cb a4 d8 5a 73 6c 48 7f fc f9 cc fd 1e 61 8d 69 8b b3 c3 24 7 6d 49 75
c7 e7 3 ec 10 29 88 a7 4c b9 bd 2d 46 f8 9b 37 c8 e2 61 6 c4 13 42 5 bd
50 d3 f6 b3 58 e5 56 56 56 ea 80 96 f9 fe 8e 60 20 98 63 31 f2 b4 78 13 a6
8b 78 d8 a9 56 12 b8 71 40 f2 99 78 12 e8 65 14 f6 b9 97 1e d4 75 4d 26 bd
5a f9 e4 c8 5a 9e 78 8a 6c ba 2e f0 31 cc 4b ca 79 a1 6d e9 51 fd 83 e2 80
db 78 30 46 22 52 f4 d9 f1 d4 db 34 6b 94 6e 56 b8 4 27 e7 de 41 e4 cb 82
50 e4 87 41 2a 90 88 28 fa a 19 29 c7 98 b8 9c c5 29 2e 59 15 63 da 0 dd
c7 b 41 e0 72 6d af a3 8a e7 7 44 85 26 8e 97 e1 67 c7 23 1f 84 c9 6a dc
82 1d 27 ce 47 2c 99 9 68 e8 a2 1c a0 11 8e 49 ae 55 f7 2a ea 8e fd 98 a6
4e 22 94 35 4d 92 b6 3d 1b e3 1d 40 d8 fd 99 9b e5 6a 98 79 5d 63 18 3 19
c2 b f7 c0 b8 6c aa 95 6f 5b 6 39 77 9 fa 90 bc d9 83 88 1f 39 7f 65 23
ad f5 a1 ec d9 4c 79 48 93 79 c1 b9 e0 36 11 64 79 94 c4 b8 7 fd 74 73 54
ed 3d 17 e3 f0 33 c9 81 8a 50 a5 66 2f 31 ed 8b e ce c9 88 6d ad 63 64 37
b3 4c f 0 19 39 e9 81 a7 b5 b3 8c 27 8f 9f 1e 18 9 2a 34 c2 96 a6 a2 1c
60 13 47 45 ab f5 96 a9 ee 57 3b 17 49 99 ed b5 9e e9 2 57 47 16 88 ba b9
e4 97 26 9e 25 87 57 d7 3d c0 2f 97 78 d1 20 c9 12 1b 65 cc 2f 9d ab cb 6c
b2 13 51 69 b 3a df b3 d 86 b2 1f 53 a8 2f 35 aa e0 53 11 be 4c 40 e0 86
35 e9 f4 88 31 bd 8e 54 3c db 3c 1a b4 db 68 fc 93 5b 7e 11 7b 1d fe 1e c1
bd c9 96 bd 23 33 65 39 22 ce f5 c ca 6 60 7e 98 2a a7 11 f7 1c a 47 86
8b dc be f1 2d 6d 55 55 90 ca 4 db f4 24 6d ad 55 58 4 14 45 d1 b8 a0 85
e0 62 98 52 2a 74 c2 3a e0 cd fe 65 1a 96 68 73 f1 bc 25 c b5 75 4e c0 b7
38 6 ae 67 4d f8 a8 49 0 ef 8c 86 ab cf 65 6c 2b 5e 7c 13 cc c9 fd dc a9
64 60 8e 3c 26 c 9 2f d4 e a9 ac ca 64 87 8f 38 62 7 69 2f b7 10 a6 0
c8 39 b7 54 bd 28 b8 40 fb 4c 4 78 e6 94 c6 e4 f7 8a 30 2e 6b 7a 29 df 16
dd f3 cc 73 bf 58 33 64 16 54 98 bd 3 a0 f3 2e 7d b9 51 61 ce bd 4f ff c
65 7d e0 9f f4 4 f3 9b 2d 64 93 7d 3c 13 14 1a bd ce ba b9 9d 31 62 4f 9b
1d c3 f e6 45 af 6b aa 4a fe 3d f9 4d e4 9b b8 39 eb 8b 22 4d f7 4d 4e d1
e0 7e a3 b2 6e 88 f1 50 59 d6 20 74 f3 c3 3e c8 f5 80 25 a4 53 70 2e b 4f
95 fc c9 81 c5 1f 79 2b 30 70 9e fc db 10 1e 17 8e 3d af 85 9a 1c ce 85 6f
15 af 2e 37 9 90 8f c3 df af 2f 6f 6c 77 4a f1 f8 4 18 aa 86 8c af b4 4e
6a 1e 4a 5f f1 5 90 fb b5 53 ae 22 5d 46 c5 47 2 f8 f0 60 db e2 8c 97 14
50 71 6c 38 b2 90 5 4 a3 92 25 91 b6 46 4 c6 14 96 e6 af 41 a7 6f 4a 56
d1 43 d1 e6 fd 17 e7 70 94 98 a4 47 4 3d 78 40 e8 e4 cf 10 ef 7b 44 73 bf
8c fa f3 0 5a 6c 72 9a b5 ba 4 fd 31 4a 21 e4 74 c2 ae d2 8d b4 6c 4d 7d
1 74 18 eb 18 e7 fb a8 92 be 49 7d 43 39 52 d3 e a5 d8 c4 59 ee 53 70 63
9f 7a e3 17 1f 1e f6 91 b6 85 c2 84 3e 59 23 57 64 a1 ed d4 e6 a 47 53 9f
74 a1 f1 f6 32 be 6b 67 62 d9 4c e c9 1b 78 c1 ee 66 bb e5 64 4e 9 9d 99
d ef af 43 3e 9d 8a 5f a5 ca 1b 2f 81 53 6d 99 c3 32 b5 14 19 67 12 47 84
ad 8 a9 e0 34 73 9c 43 8b 1c b 1d f1 29 bb 96 ae 5f f 51 2 4f ed f1 ed
a5 e1 4f 86 9b 39 80 e6 27 3d b3 60 93 d1 d8 47 5 75 6b 70 e6 e5 19 9 13
7b 71 bc b3 fd f5 f4 5f 49 9f 3b 7d ec af 33 b4 a 59 91 d3 47 9e bb 27 7e
e8 2e 59 c6 a6 8d cb f8 7b 4d 2f 2b 8c 14 b7 be b8 2b f4 26 4e 78 ca 9e c2
92 f9 2a 30 69 2b 39 d8 a1 8 b1 f9 71 40 85 77 75 10 ef 23 b9 f6 a7 63 df
30 78 40 c5 7b b7 a a0 77 1c 40 ab 52 15 c4 d4 43 f9 fb 79 5d d6 8f 95 d9
83 82 3f 34 7a 2a 11 e1 dd e4 e a5 8b 78 4c a7 49 31 d8 ed 4f ec 13 7d 94
e7 4c a0 f 7 8d e0 80 b3 a2 53 86 31 4a 54 d9 66 d0 e9 c7 43 f5 64 4f 7d
ed 70 c4 f8 18 88 f4 79 58 b9 12 34 18 b8 55 99 c0 af 4e c5 10 6e 48 b2 72
9f 2 ec 59 0 17 a7 61 ee f4 d9 46 11 8e 5c 6e e9 bc 2d 84 7 8f 9c df 34
a6 22 7c 68 a7 4e ce dc c 48 dd 6c 68 a0 f7 52 ff c8 4c 66 dc 78 6f c2 ce
5f e a 6c 36 e8 a6 b1 6 1e 80 47 5f a0 c6 14 ef fa 80 76 9d 83 96 31 3
12 63 39 c5 ae d6 5 d7 6e 43 56 a0 75 d2 ef df 32 d7 6a 89 5e f2 7b 11 6
82 80 1e a6 ad 10 16 b3 51 21 c2 d6 29 ff cc 6c 16 df 99 6b cc 92 7e 2d 0
2c 25 13 c6 ac a1 5 a4 71 40 33 e5 46 14 a0 b0 70 f2 f4 4c 21 7 9c 54 f7
b1 a3 7c e0 61 34 83 1e 8c 0 c9 17 bd 28 e0 67 92 5c dc 88 c9 25 f7 70 2c
2f b6 9d b c3 b3 33 31 ed 6f 36 c1 13 91 a be 6e a4 77 a8 36 fb 43 d9 21
b9 8f e6 6d d2 7f 18 8e 6 63 fe d8 3f b5 13 78 59 dc 50 fd f1 d0 70 fc 27
7c 59 2 92 c8 f2 99 b6 3e 77 36 2a 5f c9 d9 b9 c4 fd 2f 75 30 54 8f c5 10
f0 dd 23 2b ac 78 58 5 d8 5b fa 96 e7 9f ff 62 56 95 39 9a c6 e5 30 de 28
65 71 c5 2 c9 5 b1 73 ae 74 eb 42 9 5c 1f 8b e5 ac bc 85 2e 7c 21 9c 32
c9 f0 cf 7c d0 6c 30 60 16 7f cc c7 b a6 19 2c 53 a5 45 fb c8 d6 40 fb 25
5d 16 f5 62 ce d1 93 83 17 3f 17 1c 2f b6 e1 a0 95 dd 22 43 34 1d 78 6 f5
a3 99 1c a5 65 85 15 b5 59 0 6b 9a 55 bf b1 9 1e b7 50 52 ac 9f 5b bc b2
33 11 c1 9c 5d a1 9d 23 28 ff 44 5d ce d7 94 d0 d8 7c 72 7c 41 5e dc 6 16
e8 d3 7f ae fe 73 52 f 5e 9e a3 92 7 f 3e 4a 1c e9 ca e6 c3 99 89 42 4e
6e 17 3f f3 b6 fe 9f da 55 26 79 13 76 ea e f8 9d 12 4e b8 7f 11 b9 c3 98
d 9e 9b 70 37 81 28 3e f 19 29 c7 cc f1 b7 c7 62 2c 61 52 50 c2 de 4 e3
db 50 68 ad 8a 6f 90 1c 4b 31 fa 50 a8 e4 a7 62 90 47 87 89 fa 18 e2 69 3b
7a 99 83 c e5 f3 18 30 ec 80 8b 91 dc 46 60 21 19 7b c1 c0 bb 96 19 6b 20
3a 13 fb e1 c8 b5 a0 5d 88 6e 7b 21 f1 25 e fe cc 5f b b1 70 68 81 af 5c
f5 9 34 5c fb 3b 9d dc c3 91 fd 14 71 25 30 23 a2 14 d9 cb 5 4d b8 43 35
97 e2 51 f3 1f 17 77 ff 61 c1 98 f1 21 1a 68 2c 72 cb fe c cf f5 6e 90 a8
5c 35 e9 70 24 d4 ba 9c 19 d4 60 7a 28 b7 73 c0 ff de 22 e1 20 72 6d d7 9f
0 f0 8 39 34 91 7d af d3 a4 18 f3 48 35 5d 90 7a ed a3 87 19 8 8c 53 2d
98 a5 1 b5 cf 1f 41 e3 46 69 9a d2 95 e5 e5 1 56 77 97 8a e7 d5 e1 2 2e
85 67 84 ac 16 17 f 36 45 ad 90 a7 16 ea 48 2 33 a5 98 e3 a9 c0 8d 78 79
47 65 6f 1a 18 ee 0 d1 fe ba 86 a1 62 8e 21 26 81 a 2d c0 b6 29 ea 13 7d
35 cc 89 ba 1b fb 58 26 9e be 62 98 d0 3d 54 fd 58 41 df f0 23 d9 f1 7d 50
b9 51 94 1c ec 4d d8 39 83 80 a7 18 d8 33 2c 89 b1 38 c4 cd 29 35 df 7a 68
b3 f5 79 1b e1 75 7c f fd 8b f4 f8 f1 62 2c 7f 7d 53 d c2 d f2 b5 bf 6a
a8 32 55 50 e 45 be fa e6 b5 ab 31 9c 4a 5c 8d a1 2b f8 ff 1f 40 c7 58 91
9e ef 79 f4 3c 50 4f ef 9c db c2 af 66 7c 68 65 38 c6 8 0 4 cc 26 ac a3
9a 67 6 5d 4e 2f f3 b3 fc c4 cd 33 49 63 6a 6e bf ec c5 f 8 7f 8d 6f aa
aa c 6f 12 4c 32 ec 1c 82 ed c6 89 b1 66 95 6f 1b 93 d 34 fc 9e 1 ad 18
3c 1f b1 4f f8 a1 9a 50 fc 67 4b 5a e4 95 c9 dc d5 8a 37 74 52 15 2d c5 dc
d5 9b d4 77 7c 5c 15 75 d9 e6 df a6 1c 43 8d 6c 86 b7 f9 6 cc 29 40 99 ee
6f c5 e4 3c 64 b1 68 9f d1 10 34 fa 26 1 f0 83 8e 6 ba 93 10 6e ad 5b 23
82 7 45 fc d 1b af e0 96 f7 b6 8f 95 39 80 7a 26 23 1b 60 f8 b3 d9 fd 1d
70 32 7f 96 aa b0 be a 24 43 3b 3a ea cb f1 cc bb 95 78 53 58 33 30 e fe
9a f3 a4 aa 65 5e 87 56 51 0 d3 67 f3 e5 af 64 c7 89 8e 40 c4 53 23 29 ed
51 df da b 57 d0 51 7e ed ed 58 d4 19 61 57 ec 66 ac 11 c4 61 c6 5d b4 7e
4 26 eb 5d 13 e4 c4 82 fe fd 86 6b 30 22 64 28 f2 10 ce 3 cf 7e a4 6a ba
11 d0 43 e3 9a b4 5e e4 91 5 3e da 44 2a aa b7 5e aa e 6 21 db 58 ad ee
ba 5a ed 93 9a 3b d5 4f 2 31 b8 5d b1 b7 d8 34 d8 21 54 47 f4 51 d1 b4 fd
7c d4 33 50 9c f7 14 d2 fc 30 76 ad 63 5c d2 f5 39 14 ff 79 7d f9 a0 99 e4
f0 35 80 38 8a 74 f5 34 d0 31 b4 73 d8 41 a6 4a b3 71 e0 5f ae 47 1e 91 81
23 e8 b8 2b 63 b4 81 4c c5 cd 40 29 eb 2b 6b e7 c7 80 d e 88 54 35 f3 b1
2a d0 17 62 50 a2 64 be c f9 37 c4 53 ae 5b a2 6a f7 49 ff 4d fe 92 af 8e
e8 7f 20 5c 76 89 f9 0 f8 1d 2e 78 bb 5a c7
diff --git a/puzzles/crypto/230/key b/puzzles/crypto/230/key new file mode 100644 index 0000000..b765c05 --- /dev/null +++ b/puzzles/crypto/230/key @@ -0,0 +1 @@ +quavering tendrils diff --git a/puzzles/crypto/230cbc.py b/puzzles/crypto/230cbc.py new file mode 100644 index 0000000..78afd30 --- /dev/null +++ b/puzzles/crypto/230cbc.py @@ -0,0 +1,38 @@ + +import cbc, crypto +import diffie + +alice = """Lets do a diffie hellman key exchange, Bob. The next puzzle will be encrypted using CBC and sha512(.) ^ text as the cipher function, +and an IV of 0xaa 64 times. The prime is: %d, mod: %d, and I chose %d. Also, have some more Lovecraft: Too awed even to hint theories, the seven shaking men trudged back toward Arkham by the north road. Ammi was worse than his fellows, and begged them to see him inside his own kitchen, instead of keeping straight on to town. He did not wish to cross the nighted, wind-whipped woods alone to his home on the main road. For he had had an added shock that the others were spared, and was crushed forever with a brooding fear he dared not even mention for many years to come. As the rest of the watchers on that tempestuous hill had stolidly set their faces toward the road, Ammi had looked back an instant at the shadowed valley of desolation so lately sheltering his ill-starred friend. And from that stricken, far-away spot he had seen something feebly rise, only to sink down again upon the place from which the great shapeless horror had shot into the sky. It was just a colour—but not any colour of our earth or heavens. And because Ammi recognised that colour, and knew that this last faint remnant must still lurk down there in the well, he has never been quite right since. """ % \ +(diffie.prime, diffie.mod, diffie.a) +bob = """Umm, ok. You'll need this: %d. The key this time is 'quavering tendrils'. Some more text to decode: West of Arkham the hills rise wild, and there are valleys with deep woods that no axe has ever cut. There are dark narrow glens where the trees slope fantastically, and where thin brooklets trickle without ever having caught the glint of sunlight. On the gentler slopes there are farms, ancient and rocky, with squat, moss-coated cottages brooding eternally over old New England secrets in the lee of great ledges; but these are all vacant now, the wide chimneys crumbling and the shingled sides bulging perilously beneath low gambrel roofs. +The old folk have gone away, and foreigners do not like to live there. French-Canadians have tried it, Italians have tried it, and the Poles have come and departed. It is not because of anything that can be seen or heard or handled, but because of something that is imagined. The place is not good for the imagination, and does not bring restful dreams at night. It must be this which keeps the foreigners away, for old Ammi Pierce has never told them of anything he recalls from the strange days. Ammi, whose head has been a little queer for years, is the only one who still remains, or who ever talks of the strange days; and he dares to do this because his house is so near the open fields and the travelled roads around Arkham. +There was once a road over the hills and through the valleys, that ran straight where the blasted heath is now; but people ceased to use it and a new road was laid curving far toward the south. Traces of the old one can still be found amidst the weeds of a returning wilderness, and some of them will doubtless linger even when half the hollows are flooded for the new reservoir. Then the dark woods will be cut down and the blasted heath will slumber far below blue waters whose surface will mirror the sky and ripple in the sun. And the secrets of the strange days will be one with the deep’s secrets; one with the hidden lore of old ocean, and all the mystery of primal earth. +When I went into the hills and vales to survey for the new reservoir they told me the place was evil. They told me this in Arkham, and because that is a very old town full of witch legends I thought the evil must be something which grandams had whispered to children through centuries. The name “blasted heath” seemed to me very odd and theatrical, and I wondered how it had come into the folklore of a Puritan people. Then I saw that dark westward tangle of glens and slopes for myself, and ceased to wonder at anything besides its own elder mystery. It was morning when I saw it, but shadow lurked always there. The trees grew too thickly, and their trunks were too big for any healthy New England wood. There was too much silence in the dim alleys between them, and the floor was too soft with the dank moss and mattings of infinite years of decay. """ % \ +(diffie.B,) + +alice = crypto.strip(alice) +bob = crypto.strip(bob) + +def Ce(text, key): + out = bytearray() + for i in range(len(text)): + out.append( ( (text[i] + key[i]) % 256) ^ key[i] ) + + return bytes(out) + +def Cd(text, key): + out = bytearray() + for i in range(len(text)): + out.append( ( (text[i] ^ key[i]) - key[i]) % 256 ) + + return bytes(out) + +IV = b'ahiru' +key = b'space' + +encode = lambda t : cbc.cipherBlockChainingE(key, IV, Ce, t) +decode = lambda t : cbc.cipherBlockChainingD(key, IV, Cd, t) + +if __name__ == '__main__': + crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat) diff --git a/puzzles/crypto/240/index.html b/puzzles/crypto/240/index.html new file mode 100644 index 0000000..1abd607 --- /dev/null +++ b/puzzles/crypto/240/index.html @@ -0,0 +1,2 @@ +
Alice
e3 75 ff 47 8e 96 a3 b 46 47 76 af a9 4 d6 13 99 65 79 d7 bd 3f 3a 5e f1
c4 29 f5 c 45 74 77 b6 84 4c dd 9 38 9c f6 bf a6 d6 ef 11 b5 22 b7 f7 b7
2 65 6b 84 7 3e 76 68 e3 d6 9b 3e 8a 95 92 a1 e6 a6 f9 a0 e4 ae aa a8 ab
bd ef fe b3 b2 b5 f0 b6 ae ee f0 e5 c3 ed ab e1 ef ee de b6 a0 f3 ec a2 a2
aa a9 a0 ae aa f8 fe a8 b7 aa aa ab bb f8 bb e2 b1 b0 ed b2 e7 ee f9 b7 ac
a0 bc a4 +
Bob
bb 29 86 18 a7 e0 a6 33 ec bc df 73 3e b5 dc 76 66 6d 74 68 30 81 9b 42 a1
41 ac 3b ee ab 3d ae d4 ae d0 33 d9 11 1 e4 57 3f 61 14 9b e2 85 f5 89 e0
cf 94 d8 56 71 a ec 99 7a 5d 4 7e 68 93
diff --git a/puzzles/crypto/240/key b/puzzles/crypto/240/key new file mode 100644 index 0000000..acc5b82 --- /dev/null +++ b/puzzles/crypto/240/key @@ -0,0 +1 @@ +in the same vein diff --git a/puzzles/crypto/240diffie.py b/puzzles/crypto/240diffie.py new file mode 100644 index 0000000..0120525 --- /dev/null +++ b/puzzles/crypto/240diffie.py @@ -0,0 +1,25 @@ +import crypto +import cbc +import diffie +import hashlib + +IV = [0xaa]*64 +aliceKey = hashlib.sha512(bytes('alice.%d' % diffie.key, 'utf-8')).digest() +bobKey = hashlib.sha512(bytes('bob.%d' % diffie.key, 'utf-8')).digest() + +alice = b"""Only one more puzzle to go. They'll never get it though, since we use a one time pad. I need to add more text here to pad this.""" +bob = b"""I wouldn't be so sure of that. The key is: in the same vein """ + +def C(text, key): + out = bytearray() + for i in range( len( text ) ): + out.append(key[i] ^ text[i]) + + return bytes(out) + +c = cbc.cipherBlockChainingE(aliceKey, IV, C, alice) +print('
Alice
', crypto.hexFormat(c)) +assert cbc.cipherBlockChainingD(aliceKey, IV, C, c) == alice +c = cbc.cipherBlockChainingE(bobKey, IV, C, bob) +assert cbc.cipherBlockChainingD(bobKey, IV, C, c) == bob +print('
Bob
', crypto.hexFormat(c), '
') diff --git a/puzzles/crypto/400/index.html b/puzzles/crypto/400/index.html new file mode 100644 index 0000000..f57c9a7 --- /dev/null +++ b/puzzles/crypto/400/index.html @@ -0,0 +1,2 @@ +
Alice
f4 c9 40 41 ac 4b 9c 3f 32 58 2f 70 1c 49 fb bf a8 56 72 72 2 88 2c 87 cc
d 13 6c 25 d5 da 30 64 dd dd b8 ba 58 c1 a3 17 26 6d ff 64 62 cb 69 b3 e2
ae 2d dd 11 2f a1 5d 79 b6 63 cb 51 5b de 9c 57 20 45 72 7b f2 35 15 40 60
8c 45 c9 a6 38 e0 79 7 a4 cc 18 e9 7e eb 4b 38 e2 ed 6b 17 a1 ee fd 69 2a
24 b5 21 be 96 92 d4 f6 5b 40 59 1d b f6 8a cb dd 6 43 16 6 f ab c8 4
fc b2 f3 c3 64 11 40 db 9e d6 7 f9 40 17 bd 2 1e cc b2 14 81 6a c1 6b b9
2c 6c ab 5f 7f +
Bob
e9 d5 6 46 ac 52 92 38 32 5d 32 37 59 10 e3 af a8 46 72 6b 18 89 68 c2 c0
15 13 2f 3d 94 d0 2b 31 9e db ae ea 5f c1 ef 11 36 37 e4 66 7e 9e 21 99 e3
a7 6a ce 13 2f a1 50 74 ae 73 84 5b 41 96 da 1e a 10 76 60 a2 39 5b 19 6e
d9 1 da ba 75 ac 71 1b b5 89 1e a1 7e f3 b 36 ab a3 6b 43 e9 ab fd 23 75
68 f6 68 b3 c8 dc 81 ae b 18 44 4f 50 eb aa cb d5 6 4f 16 a 49 b0 d2 41
df bb 93 cd 7d d 42 c6 cc 8d 1a b0 f 43 f6 46 52 8d bf 5d c5 21 8a 22 fa
79 20 ff 6 71
diff --git a/puzzles/crypto/400/key b/puzzles/crypto/400/key new file mode 100644 index 0000000..0abb17e --- /dev/null +++ b/puzzles/crypto/400/key @@ -0,0 +1 @@ +--------========Thanks for Pl@y|ng========-------- diff --git a/puzzles/crypto/400onetimepad.py b/puzzles/crypto/400onetimepad.py new file mode 100644 index 0000000..a9a589b --- /dev/null +++ b/puzzles/crypto/400onetimepad.py @@ -0,0 +1,23 @@ +import crypto +import random + +def mkPad(length): + pad = bytearray() + for i in range(length): + pad.append( random.randint(0,255) ) + return bytes(pad) + +alice = b'That was it, you solved the last crypto puzzle! Congratulations. I hope you realize that, in the grand scheme of things, these were of trivial difficulty.' +bob = b"It's not like we could expect you to solve anything actually difficult in a day, after all. --------========Thanks for Pl@y|ng========-------- " + +assert len(alice) == len(bob) +key = mkPad(len(alice)) + +def encode(text): + out = bytearray() + for i in range(len(text)): + out.append(key[i] ^ text[i]) + return bytes(out) + +crypto.mkIndex(encode, encode, alice, bob, crypto.hexFormat) + diff --git a/puzzles/crypto/cbc.py b/puzzles/crypto/cbc.py new file mode 100644 index 0000000..d63f3d1 --- /dev/null +++ b/puzzles/crypto/cbc.py @@ -0,0 +1,52 @@ + +def cipherBlockChainingE(key, IV, C, text): + """Cypher block chaining encryption. Works in blocks the size of IV. +@param key: the key for the Cipher. +@param IV: initialization vector (bytes object). +@param C: the cypher function C(text, key). +@param text: A bytes object of the text. The length of the text + must be a multiple of the length of the IV. +""" + mod = len(text) % len(IV) + assert mod == 0, 'The text length needs to be a multiple of the key '\ + 'length. %d of %d' % (mod, len(IV)) + + feedback = IV + block = len(IV) + out = bytearray() + while text: + p, text = text[:block], text[block:] + + c = bytearray(block) + for i in range(block): + c[i] = p[i] ^ feedback[i] + + c2 = C(c, key) + out.extend(c2) + feedback = c2 + + return bytes(out) + +def cipherBlockChainingD(key, IV, C, text): + """Cipher block chaining decryption. Arguments are the same as for the +encrypting function.""" + mod = len(text) % len(IV) + assert mod == 0, 'The text length needs to be a multiple of the IV '\ + 'length. %d of %d' % (mod, len(IV)) + + feedback = IV + block = len(IV) + out = bytearray() + while text: + c, text = text[:block], text[block:] + + p = C(c, key) + p = bytearray(p) + for i in range(block): + p[i] = p[i] ^ feedback[i] + + out.extend(p) + feedback = c + + return bytes(out) + diff --git a/puzzles/crypto/crypto.py b/puzzles/crypto/crypto.py new file mode 100644 index 0000000..9f0f6f4 --- /dev/null +++ b/puzzles/crypto/crypto.py @@ -0,0 +1,46 @@ +def mkIndex(encode, decode, alice, bob, + format=lambda s: str(s, 'utf-8')): + """Write out the index.html contents. +@param encode: function to encrypt the plaintext +@param decode: function to decrypt the plaintext +@param alice: plaintext of alice line +@param bob: plaintext of bob line +@param format: formatter for the cypher text, run out output of encode before + printing. Does string conversion by default.""" + c = encode(alice) + print('
Alice
', format(c)) + assert decode(c) == alice + c = encode(bob) + print('
Bob
', format(c), '
') + assert decode(c) == bob + +def hexFormat(text): + return groups(text, 5, '{0:x} ') + +def groups(text, perLine=5, format='{0:c}'): + i = 0 + out = [] + while i < len(text): + out.append(format.format(text[i])) + + if i % (perLine*5) == (perLine * 5 - 1): + out.append('
') + elif i % 5 == 4: + out.append(' ') + + i = i + 1 + + return ''.join(out) + +def strip(text): + """Strip any unicode from the given text, and return it as a bytes + object.""" + + b = bytearray() + for t in text: + if ord(t) > 255: + t = ' ' + + b.append(ord(t)) + + return bytes(b) diff --git a/puzzles/crypto/diffie.py b/puzzles/crypto/diffie.py new file mode 100644 index 0000000..5f0bbba --- /dev/null +++ b/puzzles/crypto/diffie.py @@ -0,0 +1,8 @@ +prime = 51237129793 +mod = 321454621 +a = 341 +A = prime ** a % mod +b = 573 +B = prime ** b % mod +key = A**b % mod +assert B**a % mod == key, 'Bad diffie math.' diff --git a/puzzles/crypto/transform.py b/puzzles/crypto/transform.py new file mode 100644 index 0000000..d9ffe1b --- /dev/null +++ b/puzzles/crypto/transform.py @@ -0,0 +1,13 @@ +def transform(text, map): + size = len(map) + div = len(text) % size + assert div == 0, 'Text must be a multiple of the key size in length. '\ + 'At %d out of %d' % (div, size) + + out = bytearray() + i = 0 + while i < len(text): + for j in range(size): + out.append( text[i + map[j]] ) + i = i+size + return bytes(out) diff --git a/puzzles/forensics/forensic100/index.html b/puzzles/forensics/forensic100/index.html new file mode 100644 index 0000000..1c7433c --- /dev/null +++ b/puzzles/forensics/forensic100/index.html @@ -0,0 +1,13 @@ + + +Forensic 100 + +The FBI has asked for your team's assistance in conducting a forensic analysis of a seized hacker's drive. +The FBI tells you that the suspect is a known terrorist and may be using encryption on his disk. +They have put their best agent on the job, but he has been unsuccessful in mounting and analyzing the drive on +their forensic tool. Where do you tell Special Agent Dumas to begin looking to determine what type of filesystem +is being used and whether disk encryption may be employed? +

+Enter the key in all lower case letters + + diff --git a/puzzles/forensics/forensic100/key b/puzzles/forensics/forensic100/key new file mode 100644 index 0000000..8481b71 --- /dev/null +++ b/puzzles/forensics/forensic100/key @@ -0,0 +1 @@ +master boot record diff --git a/puzzles/forensics/forensic150/index.html b/puzzles/forensics/forensic150/index.html new file mode 100644 index 0000000..9653228 --- /dev/null +++ b/puzzles/forensics/forensic150/index.html @@ -0,0 +1,11 @@ + + +Forensic 150 + +Special Agent Dumas has looked for the structure you told him but can't find it. He thinks the +subject has taken evasive measures to hide the data on his drive. What signature should he look for to +identify the structure? +

+Enter the key as a set of hex characters. (E.g. 0xde 0xad 0xbe 0xef) + + diff --git a/puzzles/forensics/forensic150/key b/puzzles/forensics/forensic150/key new file mode 100644 index 0000000..3693c14 --- /dev/null +++ b/puzzles/forensics/forensic150/key @@ -0,0 +1 @@ +0x55 0xaa diff --git a/puzzles/forensics/forensic200/eff21d462a07b09b0cb34f9255baa768 b/puzzles/forensics/forensic200/eff21d462a07b09b0cb34f9255baa768 new file mode 100644 index 0000000..626b027 Binary files /dev/null and b/puzzles/forensics/forensic200/eff21d462a07b09b0cb34f9255baa768 differ diff --git a/puzzles/forensics/forensic200/index.html b/puzzles/forensics/forensic200/index.html new file mode 100644 index 0000000..ffdfb36 --- /dev/null +++ b/puzzles/forensics/forensic200/index.html @@ -0,0 +1,13 @@ + + +Forensic 200 + +Special Agent Dumas is still stumped. He has looked where you told him but is unable to decipher +what filesystem is on the disk. He has extracted the portion of the disk you pointed him to and has +
+

+eff21d462a07b09b0cb34f9255baa768 +

+Provide the answer in all capital letters + + diff --git a/puzzles/forensics/forensic200/key.txt b/puzzles/forensics/forensic200/key.txt new file mode 100644 index 0000000..4412524 --- /dev/null +++ b/puzzles/forensics/forensic200/key.txt @@ -0,0 +1 @@ +NTFS \ No newline at end of file diff --git a/puzzles/forensics/forensic300/eff21d462a07b09b0cb34f9255baa768 b/puzzles/forensics/forensic300/eff21d462a07b09b0cb34f9255baa768 new file mode 100644 index 0000000..626b027 Binary files /dev/null and b/puzzles/forensics/forensic300/eff21d462a07b09b0cb34f9255baa768 differ diff --git a/puzzles/forensics/forensic300/index.html b/puzzles/forensics/forensic300/index.html new file mode 100644 index 0000000..c5dc9a2 --- /dev/null +++ b/puzzles/forensics/forensic300/index.html @@ -0,0 +1,11 @@ + + +Forensic 300 + + +Special Agent Dumas really appreciates your team's assistance. If you can just tell him the cylinder:head:sector +of the partition you identified for him, he thinks he can get started in analyzing this disk. +

+eff21d462a07b09b0cb34f9255baa768 + + diff --git a/puzzles/forensics/forensic300/key b/puzzles/forensics/forensic300/key new file mode 100644 index 0000000..1737e34 --- /dev/null +++ b/puzzles/forensics/forensic300/key @@ -0,0 +1 @@ +0:32:33 \ No newline at end of file diff --git a/puzzles/forensics/forensic350/eff21d462a07b09b0cb34f9255baa768 b/puzzles/forensics/forensic350/eff21d462a07b09b0cb34f9255baa768 new file mode 100644 index 0000000..626b027 Binary files /dev/null and b/puzzles/forensics/forensic350/eff21d462a07b09b0cb34f9255baa768 differ diff --git a/puzzles/forensics/forensic350/index.html b/puzzles/forensics/forensic350/index.html new file mode 100644 index 0000000..4e92457 --- /dev/null +++ b/puzzles/forensics/forensic350/index.html @@ -0,0 +1,12 @@ + + +Forensic 350 + + +Special Agent Dumas is really grateful you were able to provide him the Cylinder:Head:Sector of the partition +but he just realized that his forensic tool requires a LBA instead of C:H:S. Please give SA Dumas the +information he needs. +

+eff21d462a07b09b0cb34f9255baa768 + + diff --git a/puzzles/forensics/forensic350/key b/puzzles/forensics/forensic350/key new file mode 100644 index 0000000..f3e53ee --- /dev/null +++ b/puzzles/forensics/forensic350/key @@ -0,0 +1 @@ +2048 \ No newline at end of file diff --git a/puzzles/pcrap/20/1.pcap b/puzzles/pcrap/20/1.pcap new file mode 100644 index 0000000..ca71898 Binary files /dev/null and b/puzzles/pcrap/20/1.pcap differ diff --git a/puzzles/pcrap/20/index.html b/puzzles/pcrap/20/index.html new file mode 100644 index 0000000..e969e5c --- /dev/null +++ b/puzzles/pcrap/20/index.html @@ -0,0 +1,4 @@ +Data +

+Protocol: _
+
diff --git a/puzzles/pcrap/20/key b/puzzles/pcrap/20/key new file mode 100644 index 0000000..4e76d03 --- /dev/null +++ b/puzzles/pcrap/20/key @@ -0,0 +1 @@ +http diff --git a/puzzles/pcrap/200/1.pcap b/puzzles/pcrap/200/1.pcap new file mode 100644 index 0000000..b3eda4e Binary files /dev/null and b/puzzles/pcrap/200/1.pcap differ diff --git a/puzzles/pcrap/200/index.html b/puzzles/pcrap/200/index.html new file mode 100644 index 0000000..df18747 --- /dev/null +++ b/puzzles/pcrap/200/index.html @@ -0,0 +1,4 @@ +Data +
+_ amongst _
+
diff --git a/puzzles/pcrap/200/key b/puzzles/pcrap/200/key new file mode 100644 index 0000000..0f206bb --- /dev/null +++ b/puzzles/pcrap/200/key @@ -0,0 +1 @@ +domo pumpkins diff --git a/puzzles/pcrap/800/1.pcap b/puzzles/pcrap/800/1.pcap new file mode 100644 index 0000000..72e7884 Binary files /dev/null and b/puzzles/pcrap/800/1.pcap differ diff --git a/puzzles/pcrap/800/index.html b/puzzles/pcrap/800/index.html new file mode 100644 index 0000000..df18747 --- /dev/null +++ b/puzzles/pcrap/800/index.html @@ -0,0 +1,4 @@ +Data +
+_ amongst _
+
diff --git a/puzzles/pcrap/800/key b/puzzles/pcrap/800/key new file mode 100644 index 0000000..b80eb35 --- /dev/null +++ b/puzzles/pcrap/800/key @@ -0,0 +1 @@ +domo lettuce diff --git a/puzzles/webapp/10/,ctf.css b/puzzles/webapp/10/,ctf.css index 4b1b9a0..4f1b798 100644 --- a/puzzles/webapp/10/,ctf.css +++ b/puzzles/webapp/10/,ctf.css @@ -3,7 +3,7 @@ html,body { min-height: 100%; background-color: #000000; background-image: url(",binary.png"); - background-repeat: repeat-x repeat-y; + background-repeat: repeat; margin: 0; padding: 0; } @@ -52,3 +52,11 @@ h1,h2,h3,h4 { margin: 2em auto 2em auto; border-bottom: 1px dotted #222; } + +.error { + padding: 1em; + background: #fff; + color: red; + border: 1px solid red; + font-weight: bold; +} diff --git a/puzzles/webapp/50/,binary,png b/puzzles/webapp/50/,binary,png new file mode 120000 index 0000000..36053bd --- /dev/null +++ b/puzzles/webapp/50/,binary,png @@ -0,0 +1 @@ +../10/,binary.png \ No newline at end of file diff --git a/puzzles/webapp/50/,ctf.css b/puzzles/webapp/50/,ctf.css new file mode 120000 index 0000000..19b2533 --- /dev/null +++ b/puzzles/webapp/50/,ctf.css @@ -0,0 +1 @@ +../10/,ctf.css \ No newline at end of file diff --git a/puzzles/webapp/50/5.cgi b/puzzles/webapp/50/5.cgi new file mode 100755 index 0000000..23cc4e7 --- /dev/null +++ b/puzzles/webapp/50/5.cgi @@ -0,0 +1,89 @@ +#!/usr/bin/python + +import os +import cgi +import cgitb +cgitb.enable(context=10) + +if os.environ.has_key('QUERY_STRING'): + os.environ['QUERY_STRING'] = '' + +fields = cgi.FieldStorage() + +print 'Content-Type: text/html' +print '' + +print ''' + + + 5 + + + +
+
+

Web Application Challenge 5

+

Through some manipulation or interpretation of this CGI script + and the HTML page(s) that it generates, a 10 character key can be + found.

+

Find the key!

+ +
+''' + +PRODUCT_NAME = "Alex Brugh" +QUANT_LIMIT = 1 + +def purchase_success(quantity): + print ''' +

Congratulations, your order for %d "%s" has been placed.

+ ''' % (quantity, PRODUCT_NAME) + +class InvalidQuantityError(Exception): + def __init__(self, value): + self.value = value + def __str__(self): + return repr(self.value) + +quantity = None +if fields.has_key('quantity') and fields.has_key('product') and fields['product'].value == PRODUCT_NAME: + product = fields['product'].value + try: + quantity = int(fields['quantity'].value) + if quantity > QUANT_LIMIT: + # key = eVkIwHzOok + raise InvalidQuantityError("%d is not a valid quantity (limit %d)" % (quantity, QUANT_LIMIT)) + except ValueError: + print ''' +

There was an error with your order request. Sorry.

+ ''' + quantity = None + +if quantity is not None: + purchase_success(quantity) +else: + print ''' + +

SALE: %s

+

Use the order form below to place an order.

+ +
+ Orders for "%s" are limited to 1 per customer. +

+ + + +
+ ''' % (PRODUCT_NAME, PRODUCT_NAME, PRODUCT_NAME) + +print ''' + +
+ +
+ + +''' + diff --git a/puzzles/webapp/50/key b/puzzles/webapp/50/key new file mode 100644 index 0000000..042dd52 --- /dev/null +++ b/puzzles/webapp/50/key @@ -0,0 +1 @@ +eVkIwHzOok diff --git a/puzzles/webapp/60/,binary.png b/puzzles/webapp/60/,binary.png new file mode 120000 index 0000000..36053bd --- /dev/null +++ b/puzzles/webapp/60/,binary.png @@ -0,0 +1 @@ +../10/,binary.png \ No newline at end of file diff --git a/puzzles/webapp/60/,ctf.css b/puzzles/webapp/60/,ctf.css new file mode 120000 index 0000000..19b2533 --- /dev/null +++ b/puzzles/webapp/60/,ctf.css @@ -0,0 +1 @@ +../10/,ctf.css \ No newline at end of file diff --git a/puzzles/webapp/60/6.cgi b/puzzles/webapp/60/6.cgi new file mode 100755 index 0000000..75e192b --- /dev/null +++ b/puzzles/webapp/60/6.cgi @@ -0,0 +1,72 @@ +#!/usr/bin/python + +import os +import cgi +import cgitb +cgitb.enable(context=10) + +#if os.environ.has_key('QUERY_STRING'): +# os.environ['QUERY_STRING'] = '' + +fields = cgi.FieldStorage() + +import Cookie +c = Cookie.SimpleCookie() +c['key'] = 'QJebByJaKX' +c['content'] = '

Maybe I should have used sessions...

' + +print 'Content-Type: text/html\n%s\n\n\n' % c +print '' + +print ''' + + + 6 + + + + +
+
+

Web Application Challenge 6

+

Through some manipulation or interpretation of this CGI script + and the HTML page(s) that it generates, a 10 character key can be + found.

+

Find the key!

+ +
+
+''' + +print ''' +
+ +
+ + +''' + diff --git a/puzzles/webapp/60/key b/puzzles/webapp/60/key new file mode 100644 index 0000000..f235990 --- /dev/null +++ b/puzzles/webapp/60/key @@ -0,0 +1 @@ +QJebByJaKX diff --git a/puzzles/webapp/70/,binary.png b/puzzles/webapp/70/,binary.png new file mode 120000 index 0000000..36053bd --- /dev/null +++ b/puzzles/webapp/70/,binary.png @@ -0,0 +1 @@ +../10/,binary.png \ No newline at end of file diff --git a/puzzles/webapp/70/,ctf.css b/puzzles/webapp/70/,ctf.css new file mode 120000 index 0000000..19b2533 --- /dev/null +++ b/puzzles/webapp/70/,ctf.css @@ -0,0 +1 @@ +../10/,ctf.css \ No newline at end of file diff --git a/puzzles/webapp/70/7.cgi b/puzzles/webapp/70/7.cgi new file mode 100755 index 0000000..1bfdf64 --- /dev/null +++ b/puzzles/webapp/70/7.cgi @@ -0,0 +1,86 @@ +#!/usr/bin/python + +import os +import cgi +import cgitb +cgitb.enable(context=10) + +#if os.environ.has_key('QUERY_STRING'): +# os.environ['QUERY_STRING'] = '' + +fields = cgi.FieldStorage() + +import Cookie +c = Cookie.SimpleCookie(os.environ.get('HTTP_COOKIE', '')) + +content = { + 'joke1' : '

An infinite number of mathematicians walk into a bar. The first one orders a beer. The second orders half a beer. The third, a quarter of a beer. The bartender says You are all idiots! and pours two beers.

', + 'joke2' : '

Two atoms are talking. One of them says I think I lost an electron! and the other says Are you sure? The first replies Yeah, I am positive!

', +} + +if c.has_key('content_name') and c.has_key('content'): + k = c['content_name'].value + try: + c['content'] = content[k] + except KeyError: + c['content'] = '

key = s4nNlaMScV

' +else: + c['content_name'] = 'joke1'; + c['content'] = content['joke1'] + + +print 'Content-Type: text/html\n%s\n\n\n' % c +print '' + +print ''' + + + 7 + + + + +
+
+

Web Application Challenge 7

+

Through some manipulation or interpretation of this CGI script + and the HTML page(s) that it generates, a 10 character key can be + found.

+

Find the key!

+ +
+
+''' + +print ''' +
+ +
+ + +''' + diff --git a/puzzles/webapp/70/key b/puzzles/webapp/70/key new file mode 100644 index 0000000..16f48e0 --- /dev/null +++ b/puzzles/webapp/70/key @@ -0,0 +1 @@ +s4nNlaMScV diff --git a/puzzles/webapp/80/,binary.png b/puzzles/webapp/80/,binary.png new file mode 120000 index 0000000..36053bd --- /dev/null +++ b/puzzles/webapp/80/,binary.png @@ -0,0 +1 @@ +../10/,binary.png \ No newline at end of file diff --git a/puzzles/webapp/80/,ctf.css b/puzzles/webapp/80/,ctf.css new file mode 120000 index 0000000..19b2533 --- /dev/null +++ b/puzzles/webapp/80/,ctf.css @@ -0,0 +1 @@ +../10/,ctf.css \ No newline at end of file diff --git a/puzzles/webapp/80/,jokes/bar b/puzzles/webapp/80/,jokes/bar new file mode 100644 index 0000000..9e0dfe3 --- /dev/null +++ b/puzzles/webapp/80/,jokes/bar @@ -0,0 +1,4 @@ +

An unsigned integer walks into a bar and orders a drink.
+The bartender delivers it and says, "Is something wrong?"
+The int looks up and replies, "Parity error."
+"Ah," the bartender replies, "I thought you looked a bit off."

diff --git a/puzzles/webapp/80/,jokes/binary b/puzzles/webapp/80/,jokes/binary new file mode 100644 index 0000000..58ddc26 --- /dev/null +++ b/puzzles/webapp/80/,jokes/binary @@ -0,0 +1,2 @@ +

There are 10 types of people in the world: those who understand binary and those who don't.

+ diff --git a/puzzles/webapp/80/,jokes/christmas b/puzzles/webapp/80/,jokes/christmas new file mode 100644 index 0000000..3bade53 --- /dev/null +++ b/puzzles/webapp/80/,jokes/christmas @@ -0,0 +1,2 @@ +

Why do programmers confuse Halloween and Christmas?

+Because OCT 31 == DEC 25!

diff --git a/puzzles/webapp/80/,jokes/help b/puzzles/webapp/80/,jokes/help new file mode 100644 index 0000000..e79c54b --- /dev/null +++ b/puzzles/webapp/80/,jokes/help @@ -0,0 +1,2 @@ +

Once a programmer drowned in the sea. Many people were at the beach at the time, +but the programmer was shouting "F1! F1!" and nobody understood it.

diff --git a/puzzles/webapp/80/,jokes/java b/puzzles/webapp/80/,jokes/java new file mode 100644 index 0000000..9c5e84d --- /dev/null +++ b/puzzles/webapp/80/,jokes/java @@ -0,0 +1,6 @@ +

"Knock, Knock."
+"Who's there?"
+
+... long pause ...
+
+"Java."

diff --git a/puzzles/webapp/80/,makedb.py b/puzzles/webapp/80/,makedb.py new file mode 100755 index 0000000..d6c886f --- /dev/null +++ b/puzzles/webapp/80/,makedb.py @@ -0,0 +1,45 @@ +#!/usr/bin/env python2.6 + +import os +import sys +import sqlite3 +import base64 +import stat + +# new db +if os.path.exists(',zomg.sqlite3'): + os.remove(',zomg.sqlite3') +db = sqlite3.connect(',zomg.sqlite3') +cur = db.cursor() + +# pics table +cur.execute('create table pics(id integer primary key, data blob)') +paths = os.listdir(',pics/') +for path in paths: + f = open(os.path.join(',pics/', path), 'rb') + data = f.read() + f.close() + encoded = base64.encodestring(data) + html = '' % encoded + cur.execute('insert into pics(data) values(?)', (html,)) + +# jokes table +cur.execute('create table jokes(id integer primary key, data text)') +paths = os.listdir(',jokes/') +for path in paths: + f = open(os.path.join(',jokes/', path), 'r') + html = f.read() + f.close() + cur.execute('insert into jokes(data) values(?)', (html,)) + +# key +cur.execute('create table key(id integer primary key, data text)') +for k in [None, None, None, None, None, 'dmW5f9P54e']: + cur.execute('insert into key(data) values(?)', (k,)) + +# clean up +db.commit() +cur.close() +db.close() + +os.chmod(',zomg.sqlite3', stat.S_IRUSR | stat.S_IRGRP | stat.S_IROTH) diff --git a/puzzles/webapp/80/,pics/90s.jpg b/puzzles/webapp/80/,pics/90s.jpg new file mode 100644 index 0000000..5e31456 Binary files /dev/null and b/puzzles/webapp/80/,pics/90s.jpg differ diff --git a/puzzles/webapp/80/,pics/melon.jpg b/puzzles/webapp/80/,pics/melon.jpg new file mode 100644 index 0000000..4ed92f5 Binary files /dev/null and b/puzzles/webapp/80/,pics/melon.jpg differ diff --git a/puzzles/webapp/80/,pics/pumpkin.jpg b/puzzles/webapp/80/,pics/pumpkin.jpg new file mode 100644 index 0000000..cca7efc Binary files /dev/null and b/puzzles/webapp/80/,pics/pumpkin.jpg differ diff --git a/puzzles/webapp/80/,pics/ruth.jpg b/puzzles/webapp/80/,pics/ruth.jpg new file mode 100644 index 0000000..46ea699 Binary files /dev/null and b/puzzles/webapp/80/,pics/ruth.jpg differ diff --git a/puzzles/webapp/80/,pics/soccer.jpg b/puzzles/webapp/80/,pics/soccer.jpg new file mode 100644 index 0000000..b2f1ba7 Binary files /dev/null and b/puzzles/webapp/80/,pics/soccer.jpg differ diff --git a/puzzles/webapp/80/,zomg.sqlite3 b/puzzles/webapp/80/,zomg.sqlite3 new file mode 100644 index 0000000..4b5bf1f Binary files /dev/null and b/puzzles/webapp/80/,zomg.sqlite3 differ diff --git a/puzzles/webapp/80/8.cgi b/puzzles/webapp/80/8.cgi new file mode 100755 index 0000000..280b5d3 --- /dev/null +++ b/puzzles/webapp/80/8.cgi @@ -0,0 +1,150 @@ +#!/usr/bin/python + +import os +import cgi +import cgitb +import sqlite3 +cgitb.enable(context=10) + +if os.environ.has_key('QUERY_STRING'): + os.environ['QUERY_STRING'] = '' + +fields = cgi.FieldStorage() + +q = None +if fields.has_key('q'): + q = fields['q'].value + +if q is not None: + print 'Content-Type: text/html\n' + try: + db = sqlite3.connect(',zomg.sqlite3') + cur = db.cursor() + cur.execute(q) + results = cur.fetchall() + + print '' + for r in results: + print '' + for thing in r: + print '' % thing + print '' + print '
%s
' + + except Exception: + print '

Invalid query: %s

' % q + +else: + print 'Content-Type: text/html\n' + print '' + + print ''' + + + 8 + + + + +
+
+

Web Application Challenge 8

+

Through some manipulation or interpretation of this CGI script + and the HTML page(s) that it generates, a 10 character key can be + found.

+

Find the key!

+ +
+

Database Query Wizard

+

Use the form below to retrieve data from the database. Select the + type of data that you would like to view and the number of database + entries to retrieve and then click on the "Query" button.

+ +
+
+ Topic: +

+ # Results: +

+ +
+ +
+
+ +
+ + + ''' + diff --git a/puzzles/webapp/80/key b/puzzles/webapp/80/key new file mode 100644 index 0000000..f77d1bd --- /dev/null +++ b/puzzles/webapp/80/key @@ -0,0 +1 @@ +dmW5f9P54e diff --git a/puzzles/webapp/summary.txt b/puzzles/webapp/summary.txt index 767d14c..03f7ce0 100644 --- a/puzzles/webapp/summary.txt +++ b/puzzles/webapp/summary.txt @@ -5,4 +5,13 @@ resulting traceback. 40: change the value in the POST request to a non-integer. the key is in the resulting traceback. - +50: change the quantity value (hidden form field) to something greater than the + stated quantity limit. the key is in the resulting traceback. entering non- + integers is caught and handled, so that no longer works. +60: the key is in the cookie. note the javascript that reads a value from the + cookie, hopefully causing the player to take a look at the cookie. +70: modify the cookie's content_name field to something invalid, reload the page + and the key will be printed on the page. +80: an sql query is being constructed in javascript from form fields. change the + form fields such that the query is SELECT * FROM key LIMIT 6 and the key will + be displayed.