Merge cfl:/var/projects/gctf

kevin/victims.txt

@@ -2,3 +2,5 @@ Michael Smith    (505)555-1212  SMS OK
 Janet Berger     (505)555-7382
 Dimwit Flathead  dimwit on irc.efnet.net
 Jacob Schmidt    jacob@dirtbags.net
+Lewis Gillard	 (575)418-5315
+Christy Quist    (505)506-3303  SMS OK

new-contest

@@ -15,6 +15,11 @@ rm -f /var/lib/ctf/flags/* || true
 
 sv restart /var/service/ctf
 
+echo "Removing tanks history"
+rm -f /var/lib/tanks/ai/players/*
+rm -rf /var/lib/tanks/results/*
+rm -f /var/lib/tanks/winner
+
 echo "Things you may want to tweak:"
 find /var/lib/ctf/disabled
 find /var/lib/kevin/tokens

pollster/pollster.py

@@ -157,11 +157,7 @@ while True:
 			continue
 
 		# remove the file
-		try:
 		os.remove(os.path.join(IP_DIR, ip))
-		except Exception as e:
-			print('pollster: could not remove %s' % os.path.join(IP_DIR, ip))
-			traceback.print_exc()
 
 		results = {}
 

puzzles/crypto/1/index.html

@@ -0,0 +1,16 @@
+<dl>
+<dt>Alice
+<dd>Welcome to Bletchley.  It works like this:  I'll say something to Bob,
+and he'll say something back.  Our communication will be encrypted in some
+manner, or at least obfuscated.  Your job is to get the plaintext, and 
+find the puzzle key.
+<dt>Bob
+<dd>Sometimes the plaintext from one puzzle will give you a hint (or the 
+cryptogaphic key) for the next.  When we give you such keys, we'll always 
+do so in a straightforward manner.  The puzzle key for each puzzle
+is always in what I say, and there shouldn't be any tricks involved in
+figuring out what it is. 
+<dt>Alice<dd>Good Luck!
+<dt>Bob<dd>You'll need it.  By the way, the key is 'dirtbags'.
+</dl>
+       	

puzzles/crypto/1/key

@@ -0,0 +1 @@
+dirtbags

puzzles/crypto/100/index.html

@@ -0,0 +1,3 @@
+<dl><dt>Alice<dd>nyy unvy prnfne.
+    <dt>Bob<dd>prnfne vf gur xrl
+</dl>

puzzles/crypto/100/key

@@ -0,0 +1 @@
+ceasar

puzzles/crypto/100ceasar.py

@@ -0,0 +1,24 @@
+plaintext = [b'all hail ceasar.', b'ceasar is the key']
+
+alpha = b'abcdefghijklmnopqrstuvwxyz'
+
+def ceasar(text, r):
+    out = bytearray()
+    for t in text:
+        if t in alpha:
+            t = t - b'a'[0]
+            t = (t + r)%26
+            out.append(t + b'a'[0])
+        else:
+            out.append(t)
+    return bytes(out)
+
+encode = lambda text : ceasar(text, 13)
+decode = lambda text : ceasar(text, -13)
+
+c = encode(plaintext[0])
+print('<dl><dt>Alice<dd>', str(c, 'utf-8'))
+assert decode(c) == plaintext[0]
+c = encode(plaintext[1])
+print('<dt>Bob<dd>', str(c, 'utf-8'), '</dl>')
+assert decode(c) == plaintext[1]

puzzles/crypto/110/index.html

@@ -0,0 +1,4 @@
+<dl>
+<dt>Alice<dd>Vkbd ntg duun puwtvbauwg dbnjwu, hlv bv'd vku dtnu htdbe jpbfebjwud td lduq bf d-hxyud, t vuekfbmlu lduq bf ntfg nxqupf epgjvxcptjkbe twcxpbvnd.  Xi exlpdu, bfdvutq xi wuvvup dlhdvbvlvbxf, gxl'pu qxbfc hgvu dlhdvbvlvbxf.
+<dt>Bob<dd>Vku fuyv vzx jlsswud tpu t hbv qbiiupufv; vkug tpuf'v 'ufepgjvuq' tv tww. Xk, hg vku ztg, vku oug vkbd vbnu bd: 'vku d bd ixp dleod'.
+</dl>

puzzles/crypto/110/key

@@ -0,0 +1 @@
+the s is for sucks

puzzles/crypto/110substitution.py

@@ -0,0 +1,48 @@
+#!/usr/bin/python3
+
+plaintext = [b"This may seem relatively simple, but it's the same basic "
+b"principles as used in s-boxes, a technique used in many modern "
+b"cryptographic algoritms.  Of course, instead of letter substitution, "
+b"you're doing byte substitution.",
+b"The next two puzzles are a bit different;  Frequency counts (of characters) "
+b"will just reveal random noise. "
+b"Oh, by the way, the key this time is: 'the s is for sucks'."]
+
+key = b"thequickbrownfxjmpdvlazygs"
+
+def encode(text):
+    ukey = key.upper()
+    lkey = key.lower()
+    assert len(set(key)) == 26, 'invalid key'
+    assert key.isalpha(), 'non alpha character in key'
+    out = bytearray()
+    for t in text:
+        if t in lkey:
+            out.append(lkey[t - ord('a')])
+        elif t in ukey:
+            out.append(ukey[t - ord('A')])
+        else:
+            out.append(t)
+    return bytes(out)
+    
+def decode(text):
+    ukey = key.upper()
+    lkey = key.lower()
+    assert len(set(key)) == 26, 'invalid key'
+    assert key.isalpha(), 'non alpha character in key'
+    out = bytearray()
+    for t in text:
+        if t in lkey:
+            out.append(ord('a') + lkey.index(bytes([t])))
+        elif t in ukey: 
+            out.append(ord('A') + ukey.index(bytes([t])))
+        else:
+            out.append(t)
+    return bytes(out)
+
+c = encode(plaintext[0])
+print('<dl><dt>Alice<dd>', str(c, 'utf-8'))
+assert decode(c) == plaintext[0]
+c = encode(plaintext[1])
+print('<dt>Bob<dd>', str(c, 'utf-8'), '</dl>')
+assert decode(c) == plaintext[1]

puzzles/crypto/120/index.html

@@ -0,0 +1,6 @@
+<dl>
+<dt>Alice
+<dd>KiTvXqBKSkdOiVHAKgyAdZXuTwudIHqzLHcJBCXRPnxCxuxhUmdKcqvNSgkHGgYmKIdQKAOPMatvHAalZzrZcMCFGaiSklvsNsgbLiJmPagZobKLLpgJJcIMDUvKEXFJMiwVbVFKZdjDMKSvTdugBqjPBdlJTlXnDAvFUPNAFpjFESbJNsgJTnCgNeeZIwGfMkmZwnhGCDrOWWYIPafuXZrKNroELoGjXwtQdlSZZwdDTEZxTulhKsAMFthZfHGqSyxnXzdPShkXVrRqDpoNmuTINniddWNvMThBQEWAVbaRLrChBicNXWYbGuwdAQrvLdfdxEJgPErTwysQ
+<dt>Bob
+<dd>LqItUzQMBgbWoNMNNavSLvNyBStVGUCWNjgQxghYZevZYvWuBcdweBUETsflAiXPPLxBFVHUOrdhFDARCngbRdLnHiytxFnSSpknmEvZDioBdxTRLnlAOcAfPKvODVUWJpstBLmtXskjWuBBHizDKXRtPobcLVyQHjtzKiFFMwzzOVnfHTqZGKKDQinlYgZDHzmWhHEKYwtDMmDiUKrZYARDIoceQDugJhrXVOZnAbbFneByTliWIpTsMWoVGGSAIzpBZXOvIihvSBcjABbCXEZIRblsPxJFUnuXrIDBFphHpFSzUrpsNUzbPXdLNBUAInuJifwtRigMdtzWGkvLAwYqIQmEetyEPSrMHNTBRLtZCJZPRcEdDQdEXdnILAAfNpwzEsVWPUzYJVBCVbUTVojLIviMzWRpMqpQotsYAqtDcFpe
+</dl>

puzzles/crypto/120/key

@@ -0,0 +1 @@
+Rat Fink

puzzles/crypto/120binary.py

@@ -0,0 +1,48 @@
+#!/usr/bin/python3
+"""This is non-obvious, so let me elaborate.  The message is translated to 
+binary with one character per binary bit.  Lower case characters are 1's, 
+and upper case is 0.  The letters are chosen at random.  Tricky, eh?"""
+
+import random
+
+lower = b'abcdefghijklmnopqrstuvwxyz'
+upper = lower.upper()
+
+plaintext = [b'The next puzzle starts in the same way, but the last step is '
+             b'different.',
+             b'We wouldn\'t want them to get stuck so early, would we? '
+             b'Rat Fink']
+
+def encode(text):
+    out = bytearray()
+    mask = 0x80
+    for t in text:
+        for i in range(8):
+            if t & mask:
+                out.append(random.choice(lower))
+            else:
+                out.append(random.choice(upper))
+            t = t << 1
+   
+    return bytes(out)
+
+def decode(text):
+    out = bytearray()
+    i = 0
+    while i < len(text):
+        c = 0
+        mask = 0x80
+        for j in range(8):
+            if text[i] in lower:
+                c =  c + mask
+            mask = mask >> 1
+            i = i + 1
+        out.append(c)
+    return bytes(out)
+
+c = encode(plaintext[0])
+print('<dl><dt>Alice<dd>', str(c, 'utf-8'))
+assert decode(c) == plaintext[0]
+c = encode(plaintext[1])
+print('<dt>Bob<dd>', str(c, 'utf-8'), '</dl>')
+assert decode(c) == plaintext[1]

puzzles/crypto/130manchester.py

@@ -0,0 +1,60 @@
+#!/usr/bin/python3
+'''This is the same as the previous, but it uses non-return to zero to encode
+the binary.'''
+
+import random
+
+lower = b'abcdefghijklmnopqrstuvwxyz'
+upper = lower.upper()
+
+plaintext = [b'The next one is in Morris Code.  Unlike the previous two, '
+             b'they will actually need to determine some sort of key.',
+             b'Morris code with a key?  That sounds bizarre. probable cause']
+
+def encode(text):
+    out = bytearray()
+    mask = 0x80
+    state = 0
+    for t in text:
+        for i in range(8):
+            next = t & mask
+            if not state and not next:
+                out.append(random.choice(upper))
+                out.append(random.choice(lower))
+            elif not state and next:
+                out.append(random.choice(lower))
+                out.append(random.choice(upper))
+            elif state and not next:
+                out.append(random.choice(upper))
+                out.append(random.choice(lower))
+            elif state and next:
+                out.append(random.choice(lower))
+                out.append(random.choice(upper))
+            state = next
+            t = t << 1
+   
+    return bytes(out)
+
+def decode(text):
+    out = bytearray()
+    i = 0
+    while i < len(text):
+        c = 0
+        mask = 0x80
+        for j in range(8):
+            a = 0 if text[i] in lower else 1
+            b = 0 if text[i+1] in lower else 1
+            assert a != b, 'bad encoding'
+            if b:
+                c =  c + mask
+            mask = mask >> 1
+            i = i + 2
+        out.append(c)
+    return bytes(out)
+
+c = encode(plaintext[0])
+print('<dl><dt>Alice<dd>', str(c, 'utf-8'))
+assert decode(c) == plaintext[0]
+c = encode(plaintext[1])
+print('<dt>Bob<dd>', str(c, 'utf-8'), '</dl>')
+assert decode(c) == plaintext[1]

puzzles/crypto/140/index.html

@@ -0,0 +1,2 @@
+<dl><dt>Alice<dd> fj v   jk taf   phlp rpv zs   z llo   zy xq okb a   fru rwzd   uhjp ah mmnt je jvh pos r   qnlx wsvm pvbr fpkx j dot sja obxxqy   idpr csm o   u thhh c   vp h ihdo y   zmm ia j   tp cfs   jxf yue uv h u kssx cn et bqk   pw   kzsc tc o u jgnt t   mg gmy amr k   hjp b pu br bkh dz tqk qtt xgxypy
+<dt>Bob<dd> cy rurj xepn   nt   akxj rl jrrz c   e oly   nnt fu usiv   rr dta wqyxnr   goh sj aq ia m   edvt fssp ps wtqd ohl r la rht szdupb </dl>

puzzles/crypto/140/key

@@ -0,0 +1 @@
+giant chickens

puzzles/crypto/140morris.py

@@ -0,0 +1,90 @@
+#!/usr/bin/python3
+"""This is morris code, except the dots and dashes are each represented by
+many different possible characters.  The 'encryption key' is the set of
+characters that represent dots, and the set that represents dashes."""
+
+import random
+
+dots =   b'acdfhkjnpsrtx'
+dashes = b'begilmoquvwyz'
+
+morris = {'a': '.-',
+          'b': '-...',
+          'c': '-.-.',
+          'd': '-..',
+          'e': '.',
+          'f': '..-.',
+          'g': '--.',
+          'h': '....',
+          'i': '..',
+          'j': '.---',
+          'k': '-.-',
+          'l': '.-..',
+          'm': '--',
+          'n': '-.',
+          'o': '---',
+          'p': '.--.',
+          'q': '--.-',
+          'r': '.-.',
+          's': '...',
+          't': '-',
+          'u': '..-',
+          'v': '...-',
+          'w': '.--',
+          'x': '-..-',
+          'y': '-.--',
+          'z': '--..',
+          '.': '.-.-.-',
+          ',': '--..--',
+          ':': '---...'}
+
+imorris = {}
+for k in morris:
+    imorris[morris[k]] = k            
+
+plaintext = [b'it is fun to make up bizarre cyphers, but the next one is '
+             b'something a little more standard.',
+             b'all i have to say is: giant chickens.']
+
+
+
+def encode(text):
+    out = bytearray()
+    for t in text:
+        if t == ord(' '):
+            out.extend(b'  ')
+        else:
+            for bit in morris[chr(t)]:
+                if bit == '.':
+                    out.append(random.choice(dots))
+                else:
+                    out.append(random.choice(dashes))
+            out.append(ord(' '))
+    return bytes(out[:-1])
+
+def decode(text):
+    text = text.replace(b'   ', b'&')
+#    print(text)
+    words = text.split(b'&')
+    out = bytearray()
+    for word in words:
+#        print(word)
+        word = word.strip()
+        for parts in word.split(b' '):
+            code = []
+            for part in parts:
+                if part in dots:
+                    code.append('.')
+                else:
+                    code.append('-')
+            code = ''.join(code)
+            out.append(ord(imorris[code]))
+        out.append(ord(' '))
+    return bytes(out[:-1])
+
+c = encode(plaintext[0])
+print('<dl><dt>Alice<dd>', str(c, 'utf-8'))
+assert decode(c) == plaintext[0]
+c = encode(plaintext[1])
+print('<dt>Bob<dd>', str(c, 'utf-8'), '</dl>')
+assert decode(c) == plaintext[1]

puzzles/crypto/150/index.html

@@ -0,0 +1,2 @@
+<dl><dt>Alice<dd> 1 11 eb 47 20   3f bf 11 20 eb   d4 ef 11 20 a1   40 7b 34 ef ef   20 22 34 11 20 <BR>55 11 eb 47 34   98 11 c3 34 eb   11 eb 47 20 ef   11 da 3f 34 71   11 11 1 eb 11 <BR>3d 20 15 15 11   eb 99 bf 34 11   99 11 15 da eb   11 da 55 11 3d   da 7b bf 11 eb <BR>da 11 c3 34 eb   11 20 eb 11 7b   20 c3 47 eb 71   11 11 5f 47 99   eb 11 20 ef f3 <BR>11 f1 3f 15 34   ef ef 11 eb 47   34 98 11 87 da   11 ef da a1 34   eb 47 20 3f c3 <BR>11 ef a1 99 7b   eb 11 15 20 bf   34 11 c4 da 7b   7b 34 c4 eb 15   98 11 c3 f1 34 <BR>ef ef 11 eb 47   34 11 22 99 15   f1 34 11 da 55   11 ef 40 99 c4   34 ef 71 11 8f <BR>7b 34 6a f1 34   3f c4 98 11 c4   da f1 3f eb ef   11 3d da 3f d4   eb 11 be f1 ef <BR>eb 11 f 34 11   98 da f1 7b 11   55 7b 20 34 3f   87 11 47 34 7b   34 f3 11 20 eb <BR>d4 15 15 11 f   34 11 f1 ef 34   55 f1 15 11 20   3f 11 da eb 47   34 7b 11 40 15 <BR>99 c4 34 ef 11   eb da da 71 
+<dt>Bob<dd> 1 d4 a1 11 3f   da eb 11 ef f1   7b 34 11 20 55   11 eb 47 99 eb   d4 ef 11 34 3f <BR>da f1 c3 47 11   eb 34 90 eb 11   eb da 11 c3 20   22 34 11 eb 47   34 a1 11 eb 47 <BR>34 11 99 f 20   15 20 eb 98 11   eb da 11 a1 99   bf 34 11 99 11   c3 da da 87 11 <BR>55 7b 34 6a f1   34 3f c4 98 11   c4 da f1 3f eb   71 11 11 1 eb   d4 ef 11 3f 20 <BR>c4 34 11 eb da   11 55 20 3f 99   15 15 98 11 f   34 11 99 eb 11   99 11 7b 34 99 <BR>15 11 c4 98 40   47 34 7b 11 eb   47 99 eb 11 99   15 15 da 3d ef   11 55 da 7b 11 <BR>eb 47 20 3f c3   ef 11 15 20 bf   34 11 40 7b da   40 34 7b 11 40   f1 3f c4 eb f1 <BR>99 eb 20 da 3f   11 99 3f 87 11   c4 99 40 20 eb   99 15 20 6f 99   eb 20 da 3f 71 <BR>11 8 3f 98 3d   99 98 f3 11 eb   47 34 11 bf 34   98 11 20 ef 6e   11 55 15 99 a1 <BR>20 3f c3 11 a1   99 ef eb 20 55   55  </dl>

puzzles/crypto/150/key

@@ -0,0 +1 @@
+flaming mastiff

puzzles/crypto/150sbox.py

@@ -0,0 +1,22 @@
+#!/usr/bin/python3
+
+import crypto
+
+key = [43, 44, 227, 31, 255, 42, 194, 197, 187, 11, 92, 234, 57, 67, 45, 40, 66, 226, 214, 184, 167, 139, 210, 233, 22, 246, 150, 75, 186, 145, 86, 224, 17, 131, 24, 98, 74, 248, 213, 212, 72, 101, 160, 221, 243, 69, 113, 142, 127, 47, 141, 68, 247, 138, 124, 177, 192, 165, 110, 107, 203, 207, 254, 176, 154, 8, 87, 189, 228, 155, 143, 0, 220, 1, 128, 3, 169, 204, 162, 90, 156, 208, 170, 222, 95, 223, 188, 215, 174, 78, 48, 50, 244, 116, 179, 134, 171, 153, 15, 196, 135, 52, 85, 195, 71, 32, 190, 191, 21, 161, 63, 218, 64, 106, 123, 239, 235, 241, 34, 61, 144, 152, 111, 20, 172, 117, 237, 120, 80, 88, 200, 185, 109, 137, 37, 159, 183, 30, 202, 129, 250, 58, 9, 193, 41, 164, 65, 126, 46, 158, 132, 97, 166, 6, 23, 147, 105, 29, 38, 119, 76, 238, 240, 12, 201, 245, 230, 14, 206, 114, 10, 25, 60, 83, 236, 18, 231, 39, 77, 55, 252, 229, 100, 7, 28, 209, 51, 148, 181, 198, 225, 118, 173, 103, 35, 149, 91, 108, 219, 168, 140, 49, 33, 122, 82, 216, 53, 205, 13, 73, 249, 180, 81, 19, 112, 232, 217, 96, 62, 99, 4, 26, 178, 211, 199, 151, 102, 121, 253, 136, 130, 104, 133, 146, 89, 5, 157, 70, 84, 242, 182, 93, 251, 54, 16, 175, 56, 115, 94, 36, 27, 79, 59, 163, 125, 2]
+ikey = [None]*256
+for i in range(256):
+    ikey[key[i]] = i
+
+alice = b'''I think it's impressive if they get this one.  It will take a lot of work to get it right.  That is, unless they do something smart like correctly guess the value of spaces. Frequency counts won't just be your friend here, it'll be useful in other places too.'''
+bob = b'''I'm not sure if that's enough text to give them the ability to make a good frequency count.  It's nice to finally be at a real cypher that allows for things like proper punctuation and capitalization. Anyway, the key is: flaming mastiff'''
+
+def sbox(text, key):
+    out = bytearray()
+    for t in text:
+        out.append(key[t])
+    return bytes(out)
+
+encode = lambda t: sbox(t, key)
+decode = lambda t: sbox(t, ikey)
+
+crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat)

puzzles/crypto/160/index.html

@@ -0,0 +1,2 @@
+<dl><dt>Alice<dd> e8 c3 8c d5 c3   d9 8c d8 c4 c5   c2 c7 8c d8 c4   c9 d5 8b c0 c0   8c d8 de d5 8c <BR>cd c2 c3 d8 c4   c9 de 8c ca de   c9 dd d9 c9 c2   cf d5 8c cf c3   d9 c2 d8 93 8c <BR>8c e5 d8 8c c1   c5 cb c4 d8 8c   ce c9 8c ce c9   d8 d8 c9 de 8c   c5 ca 8c d8 c4 <BR>c9 d5 8c c6 d9   df d8 8c c0 c3   c3 c7 c9 c8 8c   ca c3 de 8c dc   cd d8 d8 c9 de <BR>c2 df 82 
+<dt>Bob<dd> f5 c3 d9 8b c8   8c ce c9 8c cd   c1 cd d6 c9 c8   8c cd d8 8c c4   c3 db 8c c3 ca <BR>d8 c9 c2 8c d8   c4 c5 df 8c c5   df 8c d9 df c9   c8 8c c5 c2 8c   c0 c5 c9 d9 8c <BR>c3 ca 8c de c9   cd c0 8c cf de   d5 dc d8 c3 82   8c 8c e5 d8 8b   df 8c cd ce c3 <BR>d9 d8 8c cd df   8c c9 ca ca c9   cf d8 c5 da c9   8c cd df 8c cd   8c cf c9 cd df <BR>cd de 8c cf d5   dc c4 c9 de 82   8c 8c cf c4 de   c3 c2 c5 cf 8c   ca cd c5 c0 d9 <BR>de c9  </dl>

puzzles/crypto/160/key

@@ -0,0 +1 @@
+chronic failure

puzzles/crypto/160xor.py

@@ -0,0 +1,16 @@
+#!/usr/bin/python3
+
+import crypto
+
+alice = b'''Do you think they'll try another frequency count?  It might be better if they just looked for patterns.'''
+bob = b'''You'd be amazed at how often this is used in lieu of real crypto.  It's about as effective as a ceasar cypher.  chronic failure'''
+
+key = 0xac
+
+def encode(text):
+    out = bytearray()
+    for t in text:
+        out.append(t ^ key)
+    return bytes(out)
+
+crypto.mkIndex(encode, encode, alice, bob, crypto.hexFormat)

puzzles/crypto/170/index.html

@@ -0,0 +1,2 @@
+<dl><dt>Alice<dd> x_tee tnhpu __our faez_ lrszt<BR>le_ar l_ipa sston p_iyn hcok_<BR>eisel roi__ hnsta _er_n t.iss<BR>tooip elnk_ _i,ts sibit u__os<BR>,sins ltule _iond mid__ y_ern<BR>pcrts ts_ey o__m_ .__s
+<dt>Bob<dd> ontpa ssrco i_iyn torp_ efshr<BR>_tonk wett_ _ihhw _eett ax_dn<BR>rea_g rloib to_n_ _cfsa okir_<BR>aentc ,d_hi _twae o_tsn fmt_r<BR>eied_ _nydt be.kh y__ee in_la<BR>ngdsa gtp_r _t_af eeore andpd<BR>d_nt_ _iuhw __lrs rolto a_dem<BR>nr_xe .rtt_ iigys nf_ni ee_cl<BR> </dl>

puzzles/crypto/170/key

@@ -0,0 +1 @@
+terrifying silence

puzzles/crypto/170transpose.py

@@ -0,0 +1,19 @@
+import crypto
+
+alpha = b'abcdefghiklmnoprstuw'
+
+alice = b'''The next four puzzles are all transposition cyphers like this one.  Transposition, like substition, is still used in modern crypto systems.     '''
+bob = b'''Transposition cyphers often work with the text arranged into blocks of a certain width, often as determined by the key.  Dangling parts are often padded with nulls or random text. terrifying silence  '''
+alice = alice.replace(b' ', b'_').lower()
+bob = bob.replace(b' ', b'_').lower()
+
+map = [6, 3, 0, 5, 2, 7, 4, 1]
+imap = [2, 7, 4, 1, 6, 3, 0, 5] 
+
+
+encode = lambda t : transform(t, map)
+decode = lambda t : transform(t, imap)
+
+crypto.mkIndex(encode, decode, alice, bob, crypto.groups)
+
+

puzzles/crypto/180/index.html

@@ -0,0 +1,3 @@
+b"t_iwey_6hf_ussre'd_sysuysoshfsan_3_eonz_t.tr_noiutp_nteo_st0_7_rezmr__ewo_nbihade_ro_i_4.k_xluo_t_etagsoe_apk_nea1__ettecnihg'_p_tnrsr.etesl_5_yh__hg_elrapai__ey_yh_sl2_t_epi_ebyaell_tcac__"
+<dl><dt>Alice<dd> t_iwe y_6hf _ussr e'd_s ysuys<BR>oshfs an_3_ eonz_ t.tr_ noiut<BR>p_nte o_st0 _7_re zmr__ ewo_n<BR>bihad e_ro_ i_4.k _xluo _t_et<BR>agsoe _apk_ nea1_ _ette cnihg<BR>'_p_t nrsr. etesl _5_yh __hg_<BR>elrap ai__e y_yh_ sl2_t _epi_<BR>ebyae ll_tc ac__
+<dt>Bob<dd> it_tt e_t_i toti_ etz_e _hm_h<BR>_ahgt __hl_ yhztn taeue blmu_<BR>bhelt _ilht atas_ ag.ew ean_h<BR>fseie k_nes so_so _r,ie o__sn<BR>et_sa ir_sn td_t_ rpi_c _oi_m<BR>cii_' o_w?k _usse  </dl>

puzzles/crypto/180/key

@@ -0,0 +1 @@
+The key for this puzzle is this sentence

puzzles/crypto/180rotate.py

@@ -0,0 +1,47 @@
+import crypto
+
+import itertools
+
+width = 7
+
+alice = b'''The key for this one was essentially 0 1 2 3 4 5 6 7.  The key for the next puzzle is much stronger.  I bet they're glad we're not also applying a substitution cypher as a secondary step.  '''
+bob =   b'''I take that to mean it uses the same basic algorithm.  I guess it won't be too hard then, will it?  The key for this puzzle is this sentence'''
+alice = alice.lower().replace(b' ', b'_')
+bob = bob.lower().replace(b' ', b'_')
+
+def rotate(text):
+    out = bytearray()
+    assert len(text) % width == 0, 'At %d of %d.' % (len(text) % width, width)
+
+    slices = [bytearray(text[i:i+width]) for i in range(0, len(text), width)]
+    nextSlice = slices.pop(0)
+    while len(out) < len(text):
+        if nextSlice:
+            out.append(nextSlice.pop(0))
+        slices.append(nextSlice)
+        nextSlice = slices.pop(0)
+
+    return bytes(out)
+
+def unrotate(text):
+    out = bytearray()
+    assert len(text) % width == 0
+    
+    slices = []
+    for i in range(len(text) // width):
+        slices.append([])
+
+    inText = bytearray(text)
+    while inText:
+        slice = slices.pop(0)
+        slice.append(inText.pop(0))
+        slices.append(slice)
+
+    for slice in slices:
+        out.extend(slice)
+
+    return bytes(out)
+
+print(rotate(alice))
+
+crypto.mkIndex(rotate, unrotate, alice, bob, crypto.groups)

puzzles/crypto/190/index.html

@@ -0,0 +1,2 @@
+<dl><dt>Alice<dd> e_mse o_rtt pii'i n_dru ueu._<BR>ieron niosn i,ot_ nuvi_ toowd<BR>_idcg o__st _nhae legoh lnfdh<BR>rceir tiasn d_koo efe_s ii_to<BR>__dp_ hroo_ tnyw_ _rt_t 
+<dt>Bob<dd> 'slu_ cnnmo eeq_b gutnn tptn_<BR>st_s_ sodsp ioyr; __r_r fmssl<BR>oiss. aiimn abato ebify t_nso<BR>i_til wamio asnte ensfn necoh<BR>on_tt _shtc na_ol ssloi talrf<BR>_io__ hti.m nsioo i_uor ni)is<BR>_n_u_ c_rgy utto_ o__ia ftase<BR>tt_ro h_c__ hmton _ehec nasta<BR>__rt( rooai ha'fo il_tp yao_e<BR>dacai imnpb _iaft tsiye toa_a<BR>fscu_ i_bu_ ghea_ tpisf thnii<BR>rpfpa _wtyg i_utt _ro_i _tcna<BR> </dl>

puzzles/crypto/190rotate.py

@@ -0,0 +1,42 @@
+import crypto
+
+import itertools
+
+width = 5
+
+alice = b'''If we did the morris code encoding prior to this transposition, I don't think anyone would ever figure out the solution.'''
+bob =   b'''That's basically true of the combination of many of these techniques.  Combining a substitution along with a permutation (or transposition) satisfies the Shannon's diffusion principle of cryptography; you want to try to get rid of as much statistical information as possible.  statistical information'''
+alice = alice.lower().replace(b' ', b'_')
+bob = bob.lower().replace(b' ', b'_')
+
+key = [4,2,3,1,0]
+
+def rotate(text):
+    out = bytearray()
+    assert len(text) % width == 0, 'At %d of %d.' % (len(text) % width, width)
+
+    slices = [bytearray(text[i:i+width]) for i in range(0, len(text), width)]
+    for i in range(width):
+        for slice in slices:
+            out.append(slice[key[i]])
+
+    return bytes(out)
+
+def unrotate(text):
+    out = bytearray()
+    assert len(text) % width == 0
+    
+    # Make column slices, and rearrange them according to the key.
+    size = len(text) // width
+    tSlices = [bytearray(text[i*size:i*size+size]) for i in range(width)]
+    slices = [None] * width
+    for i in range(width):
+        slices[key[i]] = tSlices[i]
+
+    while len(out) < len(text):
+        for i in range(5):
+            out.append(slices[i].pop(0))
+
+    return bytes(out)
+
+crypto.mkIndex(rotate, unrotate, alice, bob, crypto.groups)

puzzles/crypto/200/key

@@ -0,0 +1 @@
+the squirrels crow at noon

puzzles/crypto/200cbc.py

@@ -0,0 +1,16 @@
+
+import cbc, crypto
+
+alice = b"""Do you think they've figured out that this was encrypted using cipher block chaining with a cipher of C(key, text) = text?  If they somehow stumbled across the solution with knowing what it was, the next three will be hard.  """
+bob = b"""Well, either way, we might as well let them know that the next three puzzles all uses CBC, but with progressively more difficult cipher functions.  the squirrels crow at noon """
+
+def C(text, key):
+    return text
+
+IV = b'ahiru'
+key = None
+
+encode = lambda t : cbc.cipherBlockChainingE(key, IV, C, t)
+decode = lambda t : cbc.cipherBlockChainingD(key, IV, C, t)
+
+crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat)

puzzles/crypto/210/key

@@ -0,0 +1 @@
+The Colour Out of Space

puzzles/crypto/210cbc.py

@@ -0,0 +1,20 @@
+
+import cbc, crypto
+
+alice = b"""I'd say this was easy, but we didn't give them the key, did we? I'm adding some text to give them something to work with: Commencing his descent of the dark stairs, Ammi heard a thud below him. He even thought a scream had been suddenly choked off, and recalled nervously the clammy vapour which had brushed by him in that frightful room above. What presence had his cry and entry started up? Halted by some vague fear, he heard still further sounds below. Indubitably there was a sort of heavy dragging, and a most detestably sticky noise as of some fiendish and unclean species of suction. With an associative sense goaded to feverish heights, he thought unaccountably of what he had seen upstairs. Good God! What eldritch dream-world was this into which he had blundered? He dared move neither backward nor forward, but stood there trembling at the black curve of the boxed-in staircase. Every trifle of the scene burned itself into his brain. The sounds, the sense of dread expectancy, the darkness, the steepness of the narrow steps-and merciful heaven! . . . the faint but unmistakable luminosity of all the woodwork in sight; steps, sides, exposed laths, and beams alike!  """
+bob = b"""No, and they\'ll have to figure out the key for the next one too.  Here\'s some Lovecraft: "Nothin\' . . . nothin\' . . . the colour . . . it burns . . . cold an\' wet . . . but it burns . . . it lived in the well . . . I seen it . . . a kind o\' smoke . . . jest like the flowers last spring . . . the well shone at night . . . Thad an\' Mernie an\' Zenas . . . everything alive . . . suckin\' the life out of everything . . . in that stone . . . it must a\' come in that stone . . . pizened the whole place . . . dun\'t know what it wants . . . that round thing them men from the college dug outen the stone . . . they smashed it . . . it was that same colour . . . jest the same, like the flowers an\' plants . . . must a\' ben more of \'em . . . seeds . . . seeds . . . they growed . . . I seen it the fust time this week . . . must a\' got strong on Zenas . . . he was a big boy, full o\' life . . . it beats down your mind an\' then gits ye . . . burns ye up . . . in the well water . . . you was right about that . . . evil water . . . Zenas never come back from the well . . . can\'t git away . . . draws ye . . . ye know summ\'at\'s comin\', but \'tain\'t no use . . . I seen it time an\' agin senct Zenas was took . . . whar\'s Nabby, Ammi? . . . my head\'s no good . . . dun\'t know how long senct I fed her . . . it\'ll git her ef we ain\'t keerful . . . jest a colour . . . her face is gettin\' to hev that colour sometimes towards night . . . an\' it burns an\' sucks . . . it come from some place whar things ain\'t as they is here . . . one o\' them professors said so . . . he was right . . . look out, Ammi, it\'ll do suthin\' more . . . sucks the life out. . . ." The Colour Out of Space"""
+
+def C(text, key):
+    out = bytearray()
+    for i in range(len(text)):
+        out.append( text[i] ^ key[i] )
+
+    return bytes(out)
+
+IV = b'ahiru'
+key = b'color'
+
+encode = lambda t : cbc.cipherBlockChainingE(key, IV, C, t)
+decode = lambda t : cbc.cipherBlockChainingD(key, IV, C, t)
+
+crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat)

puzzles/crypto/220/index.html

@@ -0,0 +1,2 @@
+<dl><dt>Alice<dd> 1c 1e 38 7 52  4f 72 72 71 2b  18 58 6 52 4  74 65 6c 78 37  16 53 18 c 1d <BR>6c 6e 36 3a 2b  5f 4f 4c 5 54  2a 27 7f 20 25  18 43 47 52 0  67 73 77 31 27 <BR>18 45 47 7 11  33 7d 7d 65 66  13 46 58 14 2  37 76 72 24 61  1d 41 17 1e 53 <BR>64 73 78 20 67  58 e b 1 44  62 31 3e 68 62  1e a e 45 1c  6b 6c 7b 79 65 <BR>1 0 1e 16 15  7f 70 72 20 64  17 13 5f 7 0  2d 20 72 34 62  19 c 40 41 5d <BR>34 38 7e 2c 29  c 5d 59 18 4d  2b 39 64 38 38  a 4b 43 58 18  35 76 65 27 31 <BR>11 54 52 56 4f  72 18 7c 7a 76  a 56 17 3f 1f  7e 7b 7e 24 5a  1b 36 5e 9 45 <BR>7e 24 77 4f 61  57 e c 40 3b  6d 5e 77 63 2b  1f 46 4d 2a 6  22 72 3f 35 a <BR>4b 73 4a 13 15  6a 7a 24 6 77  50 1f 4 5d 26  61 52 31 69 7d  57 11 e 72 6 <BR>79 75 3b 7e 52  5e 21 16 18 5e  75 38 2e 44 71  e 19 1c 5b 30  7d 10 7c 7c 3f <BR>5c 50 12 76 10  71 64 3b 39 56  5c 22 1e 44 5c  71 28 7c 56 64  5c b 19 4d 35 <BR>7c 41 2e 79 2e  40 59 5c 20 a  67 73 25 2b 0  5 75 8 6 41  28 20 76 1 6e <BR>56 1 5e 45 75  2b f 76 71 3f  56 4a 47 6a 1e  33 7b 22 6a 2  47 6a 13 16 9 <BR>7a 64 26 4 65  48 a 5a d 72  3f 5c 24 7c 69  
+<dt>Bob<dd> c 1b 35 0 52  41 31 69 63 20  19 4f 33 48 17  46 74 39 29 26  56 6 32 1d 47 <BR>12 28 3f 75 6e  4b 7 7f 4d 1d  5f 74 25 60 3e  49 12 32 4 5  47 25 69 70 70 <BR>1e 50 29 40 5e  4c 3b 3e 18 32  56 44 60 1b 79  13 14 33 64 74  5e 6 76 34 b <BR>3a 7d 3b 26 5b  49 3d 5f 1e 47  3e 26 3d 1d 79  7 38 57 48 3d  3e 4e 6a 55 68 <BR>1d c 56 2b 30  3e 5d 3d 78 4e  55 6e 1e 29 1d  7d 3d 37 f 42  58 62 19 52 7d <BR>7d 9 39 c 72  19 13 15 6c 7c  35 c 6d 7b 19  5 76 15 78 9  7d 7d 70 11 58 <BR>50 31 15 18 77  71 57 35 5d 6b  15 3 5 38 29  71 47 70 23 5d  13 38 5c 26 51 <BR>3d 25 33 48 55  56 75 48 57 66  2d 46 2 1d 2e  6e 4b 5a 27 76  3b 12 a 6b 49 <BR>7e 24 1b 61 1e  7e 3e 1c 48 5  3c 6b 1f 4d 21  3f 53 1c a 29  71 9 5a 32 26 <BR>3e 42 10 67 12  30 7d 57 26 9  33 7b 44 5d 47  28 28 56 5b 32  34 51 43 8 3a <BR>37 56 5f 71 61  2b 4 5b 76 19  2c 6b 52 24 13  34 61 49 4b 45  3e 3c 14 0 2a <BR>7a 5e 1e 53 20  3e 49 12 3b 3b  32 49 59 21 5c  37 72 5d 3c 45  35 3c 17 26 59 <BR>72 3c 15 4b 54  79 30 52 5b 2a  34 5e 59 5f 7b  79 1a 5c 3b 2f  70 49 d 72 1b <BR>2d 73 1f 3b 6  3f 69 48 a 58  2c 36 4a 5 2a  6a 4b 43 42 6d  63 2 1c 2e 25 <BR>3c 4d d 67 5a  6b 35 59 6d 15  79 74 5 41 1a  25 63 0 58 23  68 57 5 17 39 <BR>60 55 48 20 7b  1 5b 4e 75 54  3d 36 76 3a 55  56 3b 5c 52 5f  3b 7f 39 4e 3a <BR>4a 53 4b 1e 3d  6b 55 24 34 6a  43 5 e 75 58  60 78 34 6c 12  46 32 2 19 2 <BR>66 71 27 5c 39  43 15 e 14 2f  60 f 63 74 70  c 15 14 67 7  7c 69 2c 66 e <BR>4b 61 15 7 46  7d 34 39 2 66  4d 3 19 14 70  39 19 28 70 63  8 b 4d 71 4 <BR>3f 63 6d 62 51  1f 34 51 2 e  71 67 7b 18 64  1f 17 14 9 71  77 1f 77 37 66 <BR>2 15 3 70 45  61 31 39 35 5  51 6b 41 45 54  29 35 3a 4b 20  54 54 5f 50 6b <BR>7f 19 3c 31 32  5f 57 1e 77 59  7a 3d 2c 77 1e  44 77 5a 49 12  2d 60 36 57 26 <BR>16 51 5e 14 23  2a 4d 7f 22 7d  17 1a 4d 6d 4b  38 65 7f 3a 1d  17 3d 18 31 5f <BR>77 7f 7a 52 5f  14 7f 0 1a 26  64 54 61 11 7f  e 1a 44 27 7c  21 5 2e 6c 55 <BR>42 36 1 67 d  62 62 29 16 b  5a 6a 17 6 36  63 53 29 4a 6e  4a 1 1a 73 38 <BR>7f 18 39 72 17  5c 65 b 70 52  7f 31 29 16 19  5b 7d 5f 53 7f  7f 9 3c 18 3c <BR>1c 54 1a 7b 5b  77 35 7d 24 1a  5d 68 50 46 66  3b 46 32 7 6a  56 3 5a 28 27 <BR>2d 54 22 23 49  4e 27 d 36 4a  6a 25 2a 7 44  44 64 1a 4c 60  75 40 22 16 21 <BR>47 44 1 28 64  6e 10 67 30 8  47 78 6 75 5f  26 3a 22 16 18  4d 6b 47 5e 61 <BR>28 4 63 4b 2e  e 4f 46 24 2e  31 e 6a 20 57   </dl>

puzzles/crypto/220/key

@@ -0,0 +1 @@
+open meadows

puzzles/crypto/220cbc.py

@@ -0,0 +1,15 @@
+
+import cbc, crypto
+from transform import transform
+
+alice = b"""You know, I just realized it's kind of smug for us to be talking about how easy or difficult these puzzles are we we're making them rather than solving them.  We've tried really hard to make them so that you don't have to follow some specific thread of logic to get to the correct answer; you just have to puzzle out the mechanism involved."""
+bob = b"""The next crypto function is something simple, but new.  Here, have some more Lovecraft again: Ammi shewed them the back door and the path up through the fields to the ten-acre pasture. They walked and stumbled as in a dream, and did not dare look back till they were far away on the high ground. They were glad of the path, for they could not have gone the front way, by that well. It was bad enough passing the glowing barn and sheds, and those shining orchard trees with their gnarled, fiendish contours; but thank heaven the branches did their worst twisting high up. The moon went under some very black clouds as they crossed the rustic bridge over Chapman's Brook, and it was blind groping from there to the open meadows. open meadows """ 
+
+IV = b'ahiru'
+keyE = [2, 4, 0, 1, 3]
+keyD = [2, 3, 0, 4, 1]
+
+encode = lambda t : cbc.cipherBlockChainingE(keyE, IV, transform, t)
+decode = lambda t : cbc.cipherBlockChainingD(keyD, IV, transform, t)
+
+crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat)

puzzles/crypto/230/key

@@ -0,0 +1 @@
+quavering tendrils

puzzles/crypto/230cbc.py

@@ -0,0 +1,38 @@
+
+import cbc, crypto
+import diffie
+
+alice = """Lets do a diffie hellman key exchange, Bob.  The next puzzle will be encrypted using CBC and sha512(<name>.<key>) ^ text as the cipher function, 
+and an IV of 0xaa 64 times. The prime is: %d, mod: %d, and I chose %d.  Also, have some more Lovecraft: Too awed even to hint theories, the seven shaking men trudged back toward Arkham by the north road. Ammi was worse than his fellows, and begged them to see him inside his own kitchen, instead of keeping straight on to town. He did not wish to cross the nighted, wind-whipped woods alone to his home on the main road. For he had had an added shock that the others were spared, and was crushed forever with a brooding fear he dared not even mention for many years to come. As the rest of the watchers on that tempestuous hill had stolidly set their faces toward the road, Ammi had looked back an instant at the shadowed valley of desolation so lately sheltering his ill-starred friend. And from that stricken, far-away spot he had seen something feebly rise, only to sink down again upon the place from which the great shapeless horror had shot into the sky. It was just a colour—but not any colour of our earth or heavens. And because Ammi recognised that colour, and knew that this last faint remnant must still lurk down there in the well, he has never been quite right since. """ % \
+(diffie.prime, diffie.mod, diffie.a)
+bob = """Umm, ok.  You'll need this: %d. The key this time is 'quavering tendrils'.  Some more text to decode:  West of Arkham the hills rise wild, and there are valleys with deep woods that no axe has ever cut. There are dark narrow glens where the trees slope fantastically, and where thin brooklets trickle without ever having caught the glint of sunlight. On the gentler slopes there are farms, ancient and rocky, with squat, moss-coated cottages brooding eternally over old New England secrets in the lee of great ledges; but these are all vacant now, the wide chimneys crumbling and the shingled sides bulging perilously beneath low gambrel roofs.
+The old folk have gone away, and foreigners do not like to live there. French-Canadians have tried it, Italians have tried it, and the Poles have come and departed. It is not because of anything that can be seen or heard or handled, but because of something that is imagined. The place is not good for the imagination, and does not bring restful dreams at night. It must be this which keeps the foreigners away, for old Ammi Pierce has never told them of anything he recalls from the strange days. Ammi, whose head has been a little queer for years, is the only one who still remains, or who ever talks of the strange days; and he dares to do this because his house is so near the open fields and the travelled roads around Arkham.
+There was once a road over the hills and through the valleys, that ran straight where the blasted heath is now; but people ceased to use it and a new road was laid curving far toward the south. Traces of the old one can still be found amidst the weeds of a returning wilderness, and some of them will doubtless linger even when half the hollows are flooded for the new reservoir. Then the dark woods will be cut down and the blasted heath will slumber far below blue waters whose surface will mirror the sky and ripple in the sun. And the secrets of the strange days will be one with the deep’s secrets; one with the hidden lore of old ocean, and all the mystery of primal earth. 
+When I went into the hills and vales to survey for the new reservoir they told me the place was evil. They told me this in Arkham, and because that is a very old town full of witch legends I thought the evil must be something which grandams had whispered to children through centuries. The name “blasted heath” seemed to me very odd and theatrical, and I wondered how it had come into the folklore of a Puritan people. Then I saw that dark westward tangle of glens and slopes for myself, and ceased to wonder at anything besides its own elder mystery. It was morning when I saw it, but shadow lurked always there. The trees grew too thickly, and their trunks were too big for any healthy New England wood. There was too much silence in the dim alleys between them, and the floor was too soft with the dank moss and mattings of infinite years of decay. """ % \
+(diffie.B,)
+
+alice = crypto.strip(alice)
+bob = crypto.strip(bob)
+
+def Ce(text, key):
+    out = bytearray()
+    for i in range(len(text)):
+        out.append( ( (text[i] + key[i]) % 256) ^ key[i] )
+
+    return bytes(out)
+
+def Cd(text, key):
+    out = bytearray()
+    for i in range(len(text)):
+        out.append( ( (text[i] ^ key[i]) - key[i]) % 256 )
+
+    return bytes(out)
+
+IV = b'ahiru'
+key = b'space'
+
+encode = lambda t : cbc.cipherBlockChainingE(key, IV, Ce, t)
+decode = lambda t : cbc.cipherBlockChainingD(key, IV, Cd, t)
+
+if __name__ == '__main__':
+    crypto.mkIndex(encode, decode, alice, bob, crypto.hexFormat)

puzzles/crypto/240/index.html

@@ -0,0 +1,2 @@
+<dl><dt>Alice<dd> e3 75 ff 47 8e  96 a3 b 46 47  76 af a9 4 d6  13 99 65 79 d7  bd 3f 3a 5e f1 <BR>c4 29 f5 c 45  74 77 b6 84 4c  dd 9 38 9c f6  bf a6 d6 ef 11  b5 22 b7 f7 b7 <BR>2 65 6b 84 7  3e 76 68 e3 d6  9b 3e 8a 95 92  a1 e6 a6 f9 a0  e4 ae aa a8 ab <BR>bd ef fe b3 b2  b5 f0 b6 ae ee  f0 e5 c3 ed ab  e1 ef ee de b6  a0 f3 ec a2 a2 <BR>aa a9 a0 ae aa  f8 fe a8 b7 aa  aa ab bb f8 bb  e2 b1 b0 ed b2  e7 ee f9 b7 ac <BR>a0 bc a4 
+<dt>Bob<dd> bb 29 86 18 a7  e0 a6 33 ec bc  df 73 3e b5 dc  76 66 6d 74 68  30 81 9b 42 a1 <BR>41 ac 3b ee ab  3d ae d4 ae d0  33 d9 11 1 e4  57 3f 61 14 9b  e2 85 f5 89 e0 <BR>cf 94 d8 56 71  a ec 99 7a 5d  4 7e 68 93  </dl>

puzzles/crypto/240/key

@@ -0,0 +1 @@
+in the same vein

puzzles/crypto/240diffie.py

@@ -0,0 +1,25 @@
+import crypto
+import cbc
+import diffie
+import hashlib
+
+IV = [0xaa]*64
+aliceKey = hashlib.sha512(bytes('alice.%d' % diffie.key, 'utf-8')).digest()
+bobKey = hashlib.sha512(bytes('bob.%d' % diffie.key, 'utf-8')).digest()
+
+alice = b"""Only one more puzzle to go.  They'll never get it though, since we use a one time pad. I need to add more text here to pad this."""
+bob = b"""I wouldn't be so sure of that.    The key is:  in the same vein """
+
+def C(text, key):
+    out = bytearray()
+    for i in range( len( text ) ):
+        out.append(key[i] ^ text[i])
+
+    return bytes(out)
+
+c = cbc.cipherBlockChainingE(aliceKey, IV, C, alice)
+print('<dl><dt>Alice<dd>', crypto.hexFormat(c))
+assert cbc.cipherBlockChainingD(aliceKey, IV, C, c) == alice
+c = cbc.cipherBlockChainingE(bobKey, IV, C, bob)
+assert cbc.cipherBlockChainingD(bobKey, IV, C, c) == bob
+print('<dt>Bob<dd>', crypto.hexFormat(c), '</dl>')

puzzles/crypto/400/index.html

@@ -0,0 +1,2 @@
+<dl><dt>Alice<dd> f4 c9 40 41 ac  4b 9c 3f 32 58  2f 70 1c 49 fb  bf a8 56 72 72  2 88 2c 87 cc <BR>d 13 6c 25 d5  da 30 64 dd dd  b8 ba 58 c1 a3  17 26 6d ff 64  62 cb 69 b3 e2 <BR>ae 2d dd 11 2f  a1 5d 79 b6 63  cb 51 5b de 9c  57 20 45 72 7b  f2 35 15 40 60 <BR>8c 45 c9 a6 38  e0 79 7 a4 cc  18 e9 7e eb 4b  38 e2 ed 6b 17  a1 ee fd 69 2a <BR>24 b5 21 be 96  92 d4 f6 5b 40  59 1d b f6 8a  cb dd 6 43 16  6 f ab c8 4 <BR>fc b2 f3 c3 64  11 40 db 9e d6  7 f9 40 17 bd  2 1e cc b2 14  81 6a c1 6b b9 <BR>2c 6c ab 5f 7f  
+<dt>Bob<dd> e9 d5 6 46 ac  52 92 38 32 5d  32 37 59 10 e3  af a8 46 72 6b  18 89 68 c2 c0 <BR>15 13 2f 3d 94  d0 2b 31 9e db  ae ea 5f c1 ef  11 36 37 e4 66  7e 9e 21 99 e3 <BR>a7 6a ce 13 2f  a1 50 74 ae 73  84 5b 41 96 da  1e a 10 76 60  a2 39 5b 19 6e <BR>d9 1 da ba 75  ac 71 1b b5 89  1e a1 7e f3 b  36 ab a3 6b 43  e9 ab fd 23 75 <BR>68 f6 68 b3 c8  dc 81 ae b 18  44 4f 50 eb aa  cb d5 6 4f 16  a 49 b0 d2 41 <BR>df bb 93 cd 7d  d 42 c6 cc 8d  1a b0 f 43 f6  46 52 8d bf 5d  c5 21 8a 22 fa <BR>79 20 ff 6 71   </dl>

puzzles/crypto/400/key

@@ -0,0 +1 @@
+--------========Thanks for Pl@y|ng========--------

puzzles/crypto/400onetimepad.py

@@ -0,0 +1,23 @@
+import crypto
+import random
+
+def mkPad(length):
+    pad = bytearray()
+    for i in range(length):
+        pad.append( random.randint(0,255) )
+    return bytes(pad)
+
+alice = b'That was it, you solved the last crypto puzzle! Congratulations.  I hope you realize that, in the grand scheme of things, these were of trivial difficulty.'
+bob =   b"It's not like we could expect you to solve anything actually difficult in a day, after all.       --------========Thanks for Pl@y|ng========--------       "
+
+assert len(alice) == len(bob)
+key = mkPad(len(alice))
+
+def encode(text):
+    out = bytearray()
+    for i in range(len(text)):
+        out.append(key[i] ^ text[i])
+    return bytes(out)
+
+crypto.mkIndex(encode, encode, alice, bob, crypto.hexFormat)
+    

puzzles/crypto/cbc.py

@@ -0,0 +1,52 @@
+
+def cipherBlockChainingE(key, IV, C, text):
+    """Cypher block chaining encryption.  Works in blocks the size of IV.
+@param key: the key for the Cipher.  
+@param IV: initialization vector (bytes object).
+@param C: the cypher function C(text, key). 
+@param text: A bytes object of the text. The length of the text
+                  must be a multiple of the length of the IV.
+"""
+    mod = len(text) % len(IV)
+    assert mod == 0, 'The text length needs to be a multiple of the key '\
+           'length.  %d of %d' % (mod, len(IV))
+   
+    feedback = IV
+    block = len(IV)
+    out = bytearray()
+    while text:
+        p, text = text[:block], text[block:]
+
+        c = bytearray(block)
+        for i in range(block):
+            c[i] = p[i] ^ feedback[i]
+
+        c2 = C(c, key)
+        out.extend(c2)
+        feedback = c2
+
+    return bytes(out)
+
+def cipherBlockChainingD(key, IV, C, text):
+    """Cipher block chaining decryption.  Arguments are the same as for the 
+encrypting function."""
+    mod = len(text) % len(IV)
+    assert mod == 0, 'The text length needs to be a multiple of the IV '\
+           'length.  %d of %d' % (mod, len(IV))
+   
+    feedback = IV
+    block = len(IV)
+    out = bytearray()
+    while text:
+        c, text = text[:block], text[block:]
+
+        p = C(c, key)
+        p = bytearray(p)
+        for i in range(block):
+            p[i] = p[i] ^ feedback[i]
+
+        out.extend(p)
+        feedback = c
+
+    return bytes(out)
+   

puzzles/crypto/crypto.py

@@ -0,0 +1,46 @@
+def mkIndex(encode, decode, alice, bob, 
+            format=lambda s: str(s, 'utf-8')):
+    """Write out the index.html contents.
+@param encode: function to encrypt the plaintext
+@param decode: function to decrypt the plaintext
+@param alice: plaintext of alice line
+@param bob: plaintext of bob line
+@param format: formatter for the cypher text, run out output of encode before
+               printing. Does string conversion by default."""
+    c = encode(alice)
+    print('<dl><dt>Alice<dd>', format(c))
+    assert decode(c) == alice
+    c = encode(bob)
+    print('<dt>Bob<dd>', format(c), '</dl>')
+    assert decode(c) == bob
+
+def hexFormat(text):
+    return groups(text, 5, '{0:x} ')
+
+def groups(text, perLine=5, format='{0:c}'):
+    i = 0
+    out = []
+    while i < len(text):
+        out.append(format.format(text[i]))
+        
+        if i % (perLine*5) == (perLine * 5 - 1):
+            out.append('<BR>')
+        elif i % 5 == 4:
+            out.append(' ')
+
+        i = i + 1
+
+    return ''.join(out)
+   
+def strip(text):
+    """Strip any unicode from the given text, and return it as a bytes 
+    object."""
+
+    b = bytearray()
+    for t in text:
+        if ord(t) > 255:
+            t = ' '
+
+        b.append(ord(t))
+
+    return bytes(b)

puzzles/crypto/diffie.py

@@ -0,0 +1,8 @@
+prime = 51237129793
+mod = 321454621
+a = 341
+A = prime ** a % mod
+b = 573
+B = prime ** b % mod
+key = A**b % mod
+assert B**a % mod == key, 'Bad diffie math.'

puzzles/crypto/transform.py

@@ -0,0 +1,13 @@
+def transform(text, map):
+    size = len(map)
+    div = len(text) % size
+    assert div == 0, 'Text must be a multiple of the key size in length. '\
+                     'At %d out of %d' % (div, size)
+
+    out = bytearray()
+    i = 0
+    while i < len(text):
+        for j in range(size):
+            out.append( text[i + map[j]] )
+        i = i+size
+    return bytes(out)

puzzles/forensics/forensic100/index.html

@@ -0,0 +1,13 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 100</TITLE>
+</HEAD>
+<BODY>The FBI has asked for your team's assistance in conducting a forensic analysis of a seized hacker's drive.
+The FBI tells you that the suspect is a known terrorist and may be using encryption on his disk.
+They have put their best agent on the job, but he has been unsuccessful in mounting and analyzing the drive on
+their forensic tool. Where do you tell Special Agent Dumas to begin looking to determine what type of filesystem
+is being used and whether disk encryption may be employed?
+<p>
+Enter the key in all lower case letters
+</BODY>
+</HTML>

puzzles/forensics/forensic100/key

@@ -0,0 +1 @@
+master boot record

puzzles/forensics/forensic150/index.html

@@ -0,0 +1,11 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 150</TITLE>
+</HEAD>
+<BODY>Special Agent Dumas has looked for the structure you told him but can't find it.  He thinks the
+subject has taken evasive measures to hide the data on his drive.  What signature should he look for to
+identify the structure?
+<p>
+Enter the key as a set of hex characters. (E.g. 0xde 0xad 0xbe 0xef)
+</BODY>
+</HTML>

puzzles/forensics/forensic150/key

@@ -0,0 +1 @@
+0x55 0xaa

puzzles/forensics/forensic200/index.html

@@ -0,0 +1,13 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 200</TITLE>
+</HEAD>
+<BODY>Special Agent Dumas is still stumped.  He has looked where you told him but is unable to decipher
+what filesystem is on the disk.  He has extracted the portion of the disk you pointed him to and has
+<BR>
+<P>
+<a href="eff21d462a07b09b0cb34f9255baa768">eff21d462a07b09b0cb34f9255baa768</a>
+<p>
+Provide the answer in all capital letters
+</BODY>
+</HTML>

puzzles/forensics/forensic200/key.txt

@@ -0,0 +1 @@
+NTFS

puzzles/forensics/forensic300/index.html

@@ -0,0 +1,11 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 300</TITLE>
+</HEAD>
+<BODY>
+Special Agent Dumas really appreciates your team's assistance.  If you can just tell him the cylinder:head:sector
+of the partition you identified for him, he thinks he can get started in analyzing this disk.
+<P>
+<a href="eff21d462a07b09b0cb34f9255baa768">eff21d462a07b09b0cb34f9255baa768</a>
+</BODY>
+</HTML>

puzzles/forensics/forensic300/key

@@ -0,0 +1 @@
+0:32:33

puzzles/forensics/forensic350/index.html

@@ -0,0 +1,12 @@
+<HTML>
+<HEAD>
+<TITLE>Forensic 350</TITLE>
+</HEAD>
+<BODY>
+Special Agent Dumas is really grateful you were able to provide him the Cylinder:Head:Sector of the partition
+but he just realized that his forensic tool requires a LBA instead of C:H:S.  Please give SA Dumas the
+information he needs.
+<P>
+<a href="eff21d462a07b09b0cb34f9255baa768">eff21d462a07b09b0cb34f9255baa768</a>
+</BODY>
+</HTML>

puzzles/forensics/forensic350/key

@@ -0,0 +1 @@
+2048

puzzles/pcrap/20/index.html

@@ -0,0 +1,4 @@
+<a href="1.pcap">Data</a>
+<pre>
+Protocol: _
+</pre>

puzzles/pcrap/20/key

@@ -0,0 +1 @@
+http

puzzles/pcrap/200/index.html

@@ -0,0 +1,4 @@
+<a href="1.pcap">Data</a>
+<pre>
+_ amongst _
+</pre>

puzzles/pcrap/200/key

@@ -0,0 +1 @@
+domo pumpkins

puzzles/pcrap/800/index.html

@@ -0,0 +1,4 @@
+<a href="1.pcap">Data</a>
+<pre>
+_ amongst _
+</pre>

puzzles/pcrap/800/key

@@ -0,0 +1 @@
+domo lettuce

puzzles/webapp/10/,ctf.css

@@ -3,7 +3,7 @@ html,body {
 	min-height: 100%;
 	background-color: #000000;
 	background-image: url(",binary.png");
-	background-repeat: repeat-x repeat-y;
+	background-repeat: repeat;
 	margin: 0;
 	padding: 0;
 }
@@ -52,3 +52,11 @@ h1,h2,h3,h4 {
 	margin: 2em auto 2em auto;
 	border-bottom: 1px dotted #222;
 }
+
+.error {
+	padding: 1em;
+	background: #fff;
+	color: red;
+	border: 1px solid red;
+	font-weight: bold;
+}

puzzles/webapp/50/,binary,png

@@ -0,0 +1 @@
+../10/,binary.png

puzzles/webapp/50/,ctf.css

@@ -0,0 +1 @@
+../10/,ctf.css

puzzles/webapp/50/5.cgi

@@ -0,0 +1,89 @@
+#!/usr/bin/python
+
+import os
+import cgi
+import cgitb
+cgitb.enable(context=10)
+
+if os.environ.has_key('QUERY_STRING'):
+	os.environ['QUERY_STRING'] = ''
+
+fields = cgi.FieldStorage()
+
+print 'Content-Type: text/html'
+print ''
+
+print '''
+<html>
+	<head>
+		<title>5</title>
+		<link rel="stylesheet" type="text/css" href=",ctf.css" media="all" />
+	</head>
+	<body>
+		<div id="wrapper">
+			<div id="content">
+				<h1>Web Application Challenge 5</h1>
+				<p>Through some manipulation or interpretation of this CGI script 
+				and the HTML page(s) that it generates, a 10 character key can be 
+				found.</p>
+				<p><strong>Find the key!</strong></p>
+
+				<div class="vertsep"></div>
+'''
+
+PRODUCT_NAME = "Alex Brugh"
+QUANT_LIMIT = 1
+
+def purchase_success(quantity):
+	print '''
+				<p>Congratulations, your order for %d "%s" has been placed.</p>
+	''' % (quantity, PRODUCT_NAME)
+
+class InvalidQuantityError(Exception):
+	def __init__(self, value):
+		self.value = value
+	def __str__(self):
+		return repr(self.value)
+
+quantity = None
+if fields.has_key('quantity') and fields.has_key('product') and fields['product'].value == PRODUCT_NAME:
+	product = fields['product'].value
+	try:
+		quantity = int(fields['quantity'].value)
+		if quantity > QUANT_LIMIT:
+			# key = eVkIwHzOok 
+			raise InvalidQuantityError("%d is not a valid quantity (limit %d)" % (quantity, QUANT_LIMIT))
+	except ValueError:
+		print '''
+				<p class="error">There was an error with your order request. Sorry.</p>
+		'''
+		quantity = None
+	
+if quantity is not None:
+	purchase_success(quantity)
+else:
+	print '''
+
+				<h2>SALE: %s</h2>
+				<p>Use the order form below to place an order.</p>
+
+				<form method="post" action="5.cgi">
+					<em>Orders for "%s" are limited to 1 per customer.</em>
+					<br /><br />
+					<input type="submit" value="Order!" />
+					<input type="hidden" name="product" value="%s" />
+					<input type="hidden" name="quantity" value="1" />
+				</form>
+	''' % (PRODUCT_NAME, PRODUCT_NAME, PRODUCT_NAME)
+
+print '''
+
+			</div>
+			<div id="footer">
+				<p>Copyright &copy; 2009 LANS, LLC.</p>
+			</div>
+		</div>
+	</body>
+</html>
+'''
+

puzzles/webapp/50/key

@@ -0,0 +1 @@
+eVkIwHzOok

puzzles/webapp/60/,binary.png

@@ -0,0 +1 @@
+../10/,binary.png

puzzles/webapp/60/,ctf.css

@@ -0,0 +1 @@
+../10/,ctf.css

puzzles/webapp/60/6.cgi

@@ -0,0 +1,72 @@
+#!/usr/bin/python
+
+import os
+import cgi
+import cgitb
+cgitb.enable(context=10)
+
+#if os.environ.has_key('QUERY_STRING'):
+#	os.environ['QUERY_STRING'] = ''
+
+fields = cgi.FieldStorage()
+
+import Cookie
+c = Cookie.SimpleCookie()
+c['key'] = 'QJebByJaKX'
+c['content'] = '<p><em>Maybe I should have used sessions...</em></p>'
+
+print 'Content-Type: text/html\n%s\n\n\n' % c
+print ''
+
+print '''
+<html>
+	<head>
+		<title>6</title>
+		<link rel="stylesheet" type="text/css" href=",ctf.css" media="all" />
+		<script type="text/javascript">
+			function readCookie(key) {
+				var s = key + '=';
+				var toks = document.cookie.split(';');
+				for (var i = 0; i < toks.length; i++) {
+					var tok = toks[i];
+					while (tok.charAt(0) == ' ') {
+						tok = tok.substring(1, tok.length);
+					}
+					if (tok.indexOf(s) == 0) {
+						return tok.substring(s.length, tok.length);
+					}
+				}
+				return null;
+			}
+
+			function setContent() {
+				content = readCookie("content");
+				document.getElementById("stuff").innerHTML = content.substring(1, content.length-1);
+			}
+
+			window.onload = setContent;
+		</script>
+	</head>
+	<body>
+		<div id="wrapper">
+			<div id="content">
+				<h1>Web Application Challenge 6</h1>
+				<p>Through some manipulation or interpretation of this CGI script 
+				and the HTML page(s) that it generates, a 10 character key can be 
+				found.</p>
+				<p><strong>Find the key!</strong></p>
+
+				<div class="vertsep"></div>
+				<div id="stuff"></div>
+'''
+
+print '''
+			</div>
+			<div id="footer">
+				<p>Copyright &copy; 2009 LANS, LLC.</p>
+			</div>
+		</div>
+	</body>
+</html>
+'''
+

puzzles/webapp/60/key

@@ -0,0 +1 @@
+QJebByJaKX

puzzles/webapp/70/,binary.png

@@ -0,0 +1 @@
+../10/,binary.png

puzzles/webapp/70/,ctf.css

@@ -0,0 +1 @@
+../10/,ctf.css

puzzles/webapp/70/7.cgi

@@ -0,0 +1,86 @@
+#!/usr/bin/python
+
+import os
+import cgi
+import cgitb
+cgitb.enable(context=10)
+
+#if os.environ.has_key('QUERY_STRING'):
+#	os.environ['QUERY_STRING'] = ''
+
+fields = cgi.FieldStorage()
+
+import Cookie
+c = Cookie.SimpleCookie(os.environ.get('HTTP_COOKIE', ''))
+
+content = {
+	'joke1' : '<p>An infinite number of mathematicians walk into a bar. The first one orders a beer. The second orders half a beer. The third, a quarter of a beer. The bartender says <em>You are all idiots!</em> and pours two beers.<p>',
+	'joke2' : '<p>Two atoms are talking. One of them says <em>I think I lost an electron!</em> and the other says <em>Are you sure?</em> The first replies <em>Yeah, I am positive!</em></p>',
+}
+
+if c.has_key('content_name') and c.has_key('content'):
+	k = c['content_name'].value
+	try:
+		c['content'] = content[k]
+	except KeyError:
+		c['content'] = '<p><em>key = s4nNlaMScV</em></p>'
+else:
+	c['content_name'] = 'joke1';
+	c['content'] = content['joke1']
+
+
+print 'Content-Type: text/html\n%s\n\n\n' % c
+print ''
+
+print '''
+<html>
+	<head>
+		<title>7</title>
+		<link rel="stylesheet" type="text/css" href=",ctf.css" media="all" />
+		<script type="text/javascript">
+			function readCookie(key) {
+				var s = key + '=';
+				var toks = document.cookie.split(';');
+				for (var i = 0; i < toks.length; i++) {
+					var tok = toks[i];
+					while (tok.charAt(0) == ' ') {
+						tok = tok.substring(1, tok.length);
+					}
+					if (tok.indexOf(s) == 0) {
+						return tok.substring(s.length, tok.length);
+					}
+				}
+				return null;
+			}
+
+			function getContent() {
+				content = readCookie("content");
+				document.getElementById("stuff").innerHTML = content.substring(1, content.length-1);
+			}
+
+			window.onload = getContent;
+		</script>
+	</head>
+	<body>
+		<div id="wrapper">
+			<div id="content">
+				<h1>Web Application Challenge 7</h1>
+				<p>Through some manipulation or interpretation of this CGI script 
+				and the HTML page(s) that it generates, a 10 character key can be 
+				found.</p>
+				<p><strong>Find the key!</strong></p>
+
+				<div class="vertsep"></div>
+				<div id="stuff"></div>
+'''
+
+print '''
+			</div>
+			<div id="footer">
+				<p>Copyright &copy; 2009 LANS, LLC.</p>
+			</div>
+		</div>
+	</body>
+</html>
+'''
+

puzzles/webapp/70/key

@@ -0,0 +1 @@
+s4nNlaMScV

puzzles/webapp/80/,binary.png

@@ -0,0 +1 @@
+../10/,binary.png

puzzles/webapp/80/,ctf.css

@@ -0,0 +1 @@
+../10/,ctf.css

puzzles/webapp/80/,jokes/bar

@@ -0,0 +1,4 @@
+<p>An unsigned integer walks into a bar and orders a drink.<br />
+The bartender delivers it and says, &quot;Is something wrong?&quot;<br />
+The int looks up and replies, &quot;Parity error.&quot;<br />
+&quot;Ah,&quot; the bartender replies, &quot;I thought you looked a bit off.&quot;</p>

puzzles/webapp/80/,jokes/binary

@@ -0,0 +1,2 @@
+<p>There are 10 types of people in the world: those who understand binary and those who don't.</p>
+

puzzles/webapp/80/,jokes/christmas

@@ -0,0 +1,2 @@
+<p>Why do programmers confuse Halloween and Christmas?<br /><br />
+Because OCT 31 == DEC 25!</p>

puzzles/webapp/80/,jokes/help

@@ -0,0 +1,2 @@
+<p>Once a programmer drowned in the sea. Many people were at the beach at the time,
+but the programmer was shouting &quot;F1! F1!&quot; and nobody understood it.</p>

puzzles/webapp/80/,jokes/java

@@ -0,0 +1,6 @@
+<p>&quot;Knock, Knock.&quot;<br />
+&quot;Who's there?&quot;<br />
+<br />
+... long pause ...<br />
+<br />
+&quot;Java.&quot;</p>

puzzles/webapp/80/,makedb.py

@@ -0,0 +1,45 @@
+#!/usr/bin/env python2.6
+
+import os
+import sys
+import sqlite3
+import base64
+import stat
+
+# new db
+if os.path.exists(',zomg.sqlite3'):
+	os.remove(',zomg.sqlite3')
+db = sqlite3.connect(',zomg.sqlite3')
+cur = db.cursor()
+
+# pics table
+cur.execute('create table pics(id integer primary key, data blob)')
+paths = os.listdir(',pics/')
+for path in paths:
+	f = open(os.path.join(',pics/', path), 'rb')
+	data = f.read()
+	f.close()
+	encoded = base64.encodestring(data)
+	html = '<img src="data:image/jpg;base64,%s"/>' % encoded
+	cur.execute('insert into pics(data) values(?)', (html,))
+
+# jokes table
+cur.execute('create table jokes(id integer primary key, data text)')
+paths = os.listdir(',jokes/')
+for path in paths:
+	f = open(os.path.join(',jokes/', path), 'r')
+	html = f.read()
+	f.close()
+	cur.execute('insert into jokes(data) values(?)', (html,))
+
+# key
+cur.execute('create table key(id integer primary key, data text)')
+for k in [None, None, None, None, None, 'dmW5f9P54e']:
+	cur.execute('insert into key(data) values(?)', (k,))
+
+# clean up
+db.commit()
+cur.close()
+db.close()
+
+os.chmod(',zomg.sqlite3', stat.S_IRUSR | stat.S_IRGRP | stat.S_IROTH)