Amends

  1. forensic

    All our music CDs contain a rootkit software that monitors the keyboard driver to detect what the user is doing with our music. This is a snippet of the rootkit output:

    0x9c 0x23 0xa3 0x14 0x94 0x14 0x94 0x19 0x99 0x2a 0x27 0xa7 0xaa 0x35 0xb5 0x35
0xb5 0x02 0x82 0x0b 0x8b 0x34 0xb4 0x0b 0x8b 0x34 0xb4 0x0b 0x8b 0x34 0xb4 0x0a
0x8a 0x0a 0x8a 0x35 0xb5 0x20 0xa0 0x18 0x98 0x11 0x91 0x31 0xb1 0x26 0xa6 0x18
0x98 0x1e 0x9e 0x20 0xa0 0x35 0xb5 0x30 0xb0 0x17 0x97 0x26 0xa6 0x26 0xa6 0x30
0xb0 0x18 0x98 0x1e 0x9e 0x13 0x93 0x20 0xa0 0x23 0xa3 0x17 0x97 0x14 0x94 0x34
0xb4 0x18 0x98 0x22 0xa2 0x22 0xa2 0x1c 0x9c

    We believe that the user was listening to some music, can you tell us of which singer?

  2. trivia

    We just found the following message on a pirate mailing list:

    jav loS  wej Soch   wa' chorgh cha'  jav wa'

    We believe that it corresponds to a big provider of illegal music

    Can you decode the message and identify the suspect?

  3. reveng

    Provide the right key to get the secret message

    File: key_validator

Copyright

  1. forensic

    We were able to infiltrate one of the machines used to manage the shakedown business and to sniff the following network traffic trace.

    Your task is to analyze the traffic and identify the boss who has the most victims.

    File: traffic918.dump

  2. reveng

    Pac Man, the ever-popular game. You can run this version in a web page or with an applet viewer. However, level 8 contains a surprise.

    Send us the the surprise to pass this challenge.

    File: PacMan.tgz

  3. crypto

    What's the last word in the message?

    File: messimage.png

Petition

  1. trivia

    What's the name of the character who defends hackers in this scene?

    File: hacker_scene__.mp4

  2. reveng

    Return the "Data", followed by the "Secret".

    The Data and the Secret are both printed using this simple Java application.

    File: SecretData.tgz

  3. forensic

    We have recovered the following database file from the hard disk of a suspect. Apparently, the database backed up the MAFIA's wiki site. Your task is to find out the nicknames of the users who performed the last 5 modifications to the wiki.

    Insert your answer as a single string with no spaces. Nicknames should be ordered in the same order of the modifications, starting from the most recent one to the oldest one.

    For example, if the modifications are as follows:

    1 (most recent): a
2: b
3: c
4: d
5 (oldest): e

    the correct answer is "abcde"

    File: trac.db.broken

Shakedown

  1. forensic

    You're on the FBI team investigating MAFIA bosses.

    Our trash-and-garbage unit has just recovered part of a hard disk that was precipitately tossed by one of the mobsters during the latest chase mission.

    Your task is to determine if the hard disk contains the secret key of "shakedowns king", J. Abruzzi, and to upload the key's fingerprint.

    The fingerprint is a 40-character string with no spaces.

    File: abruzzi.hd

  2. trivia

    The Mafia is considering entering in the pizza delivery market.

    What would be a good brand name?

  3. reveng

    We used our contacts at Tony's ISP to examine his e-mail account. In attachment to an interesting e-mail, we found a program that, apparently, is going to be used by mobsters to scramble their messages. The program is somewhat incomplete but we think it contains the secret key used by the re organization. Recover it and upload the key (in hex format).

    File: scrambler

Snitch

  1. reveng

    What is the value of result variable at the end of its computation?

    File: module.pyc

  2. trivia

    Who is this guy?

    guy

  3. crypto

    In /usr/local/.crypto you can find two files.

    The first contains a 32 bytes "plain text" and the second contains a 32 byte "cypher text" obtained applying a double encryption in cascade (i.e., cypher text=E_k2(E_k1(plain text))) with 2 different 16 bytes (128 bit) keys (k1, and k2, in the example above) using the AES algorithm. To simplify the problem, the two keys have a maximum of 2 non-zero bytes.

    In the same directory you can find a library that provides some convenient functions to encrypt and decrypt using AES.

    You are required to retrieve and submit those keys in hexadecimal form with every byte of the key expressed as a two hex digits.

    For example, if k1=0000000000000044000000000000F500 and k2=00BB00C100000000000000000000000, you should submit the concatenation 0000000000000044000000000000F50000BB00C100000000000000000000000

Therapy

  1. trivia

    Find the password that has been typed! No more secrets!

    File: login.mp4

  2. reveng

    There is a DRM-protected backup file under /var/backups named "self".

    The backup is PIN-protected and contains watermarked digital content.

    Find out what the watermark is.

  3. forensic

    Do not trust your eyes.

    In this network dump there is definitely more than a late night IRC talk

    File: night_talk.dump

Wouldyou

  1. trivia

    Would you steal a handbag?

    Would you steal a cell phone?

    Well, tell us what Fredrik is stealing...

  2. reveng

    Get the secret message out of this program.

    File: give_it_to_me

  3. reveng

    The secure copy command in /usr/bin/drmcp allows to copy files only if an authorization file containing the proper key is provided on the command line. You have to provide the bytes that have to be stored in the authorization file to allow the copy of file "foo" into file "bar". The bytes of the authorization key have to be submitted in hexadecimal form, where each byte is separated by a space.

    For example, the right authorization could be: "08 A2 88 90 01 00 00 98" or maybe "13 37 A4 F2".