Hi. Long story short now I am a Senior Web developer :) So as always, here is puzzle/giveaway for you :) I've done similar "puzzles" in the past, just look through my old discussions if you need some help. Or ask here :) JUST BE SURE NOT TO SHARE ANY ANSWERS!!! OR I WILL BLACKLIST YOU :)

I don't want to call it a puzzle cause it's really not, so I will call it a challenge instead. For now there is only one giveaway at the end but I will add more as time goes on :) Giveaways will end on October 1st 12:00 AM UTC+3.

Challenge is simple - giveaway code is inside an archive, you need to find a password. That's it. I made a zip and rar archives, if you want any other archive type to be added like tar or tar.gz for example, I can add them.

Hints (may be updated over time): https://pastebin.com/aEG2QSu6
Answer: rHoBitjgrYrhmduW


Archives: https://mega.nz/folder/O5YClR5C#Ytm3OLO-MUINXSHojEWP0A

First giveaway is level 2. Might do different levels for other giveaways depending on how many people below level 2 would get to the end :)

Mood Music: https://www.youtube.com/watch?v=XKdKU6p78TQ

please bump

I suggest john :)

this will happen just not yet :(

View attached image.
1 month ago*

Comment has been collapsed.

Grats.

1 month ago
Permalink

Comment has been collapsed.

NICE! Congratulation.

Not time for the puzzlechallenge :/ Wishing everyone good luck!

1 month ago*
Permalink

Comment has been collapsed.

too lazy for puzzle, but congratulation for your promotion !

1 month ago
Permalink

Comment has been collapsed.

Gratz :)

1 month ago
Permalink

Comment has been collapsed.

Do we need both the rar and zip?

1 month ago
Permalink

Comment has been collapsed.

nope. only one

1 month ago
Permalink

Comment has been collapsed.

Congrats ozo!

1 month ago
Permalink

Comment has been collapsed.

Congratulations! :)

1 month ago
Permalink

Comment has been collapsed.

Yay, nice! Have a bump!

1 month ago
Permalink

Comment has been collapsed.

Congrats on the promotion!

1 month ago
Permalink

Comment has been collapsed.

Congratulations to that, earned, Promotion :o)

No time anymore for puzzles or challenges^^ on sg. So i wish the rest fun with it.

1 month ago
Permalink

Comment has been collapsed.

Congrats on the well earned promotion Ozo!

1 month ago
Permalink

Comment has been collapsed.

nice, gratz!

1 month ago
Permalink

Comment has been collapsed.

Grats on the job.

1 month ago
Permalink

Comment has been collapsed.

Congrats on the promotion. :)

1 month ago
Permalink

Comment has been collapsed.

Congrats on the promotion!

1 month ago
Permalink

Comment has been collapsed.

Congrats, I hope it comes with a corresponding raise! What are your next goals, aiming to be an analyst as well? Or would you rather be an architect? Or is it enough for you already?

1 month ago
Permalink

Comment has been collapsed.

i like to code. i might go higher if i don't lose the chance to code

1 month ago
Permalink

Comment has been collapsed.

Yeah, that's the programmer's paradox, the best programmers usually get promoted to non-programming roles. I think it's more important to be as happy as you can in your job rather than getting to a position you don't enjoy, but in any case, good luck with whatever you end up doing :)

1 month ago
Permalink

Comment has been collapsed.

Congratulations!

1 month ago
Permalink

Comment has been collapsed.

Congratulations!

1 month ago
Permalink

Comment has been collapsed.

Well done! Nice to hear of this great promotion and recognition of your work!

1 month ago
Permalink

Comment has been collapsed.

congratulations

1 month ago
Permalink

Comment has been collapsed.

A well deserved position. Congratulations!

1 month ago
Permalink

Comment has been collapsed.

Congratulation for your promotion, ozo 💙

1 month ago
Permalink

Comment has been collapsed.

Probably not joining in the password hunt, but congrats on the promotion! :D

1 month ago
Permalink

Comment has been collapsed.

Congrats on being an Older Web. Kekeke XD

1 month ago
Permalink

Comment has been collapsed.

how much should john take to give answers because he's keeping me waiting

1 month ago
Permalink

Comment has been collapsed.

Assuming bruteforce as the only viable option as op pretty much rules out dictionary based approaches:

(26*2)^16 = 2857942574656970690381479936 search space
on average half through you'd find the correct one, so at password 1428971287328485345190739968

Say you can check a million a second
1428971287328485345190 seconds
you do the math - you'll not live to see results :)

Not checked alternatives to bruteforce such as scrutinizing low level implementation or comparing the encrypted payloads from zip and rar.

But unless the search space can be narrowed down considerably with hints - I'm sitting this one out :)

1 month ago
Permalink

Comment has been collapsed.

yep, with the current hints, completely unattainable with brute-forcing.

16 symbols
only uses lowercase and uppercase letters
completely random string of letters

I remember participating in an older event like this one by ozo (I can't seem to find the old thread!), but I recall there were a lot more "constraints" to narrow down the search space, and after including all the constraints the actual "cracking" part took 5 minutes tops using JtR.

I guess for now we wait for more hints :)

1 month ago
Permalink

Comment has been collapsed.

Yep. Although I don't see how 'completely random string of letters' can be narrowed down.
Perhaps the set of letters can be narrowed down.

Shame it's not the decryption key of the fileshare link

1 month ago
Permalink

Comment has been collapsed.

I processed most of the links in his posts - nothing came up :)
Now I'm looking for hints in old topics
Correct me if I'm doing nonsense

1 month ago
Permalink

Comment has been collapsed.

I imagine the last link(s) of the OP can be useful, especially the weird 'please bump' one but no time to investigate now.
Happy hunting!

1 month ago
Permalink

Comment has been collapsed.

If I remember correctly from the previous event, hints were added one at a time, something like:

  • second letter is upper case
  • forth letter is smaller than E
  • 8th and 10th letters are the same
  • etc.

I had written some notes on JtR last time I did this, probably with a link to the old thread, but the files are on my old laptop I can't access for now (battery died).

Maybe it was a puzzle by someone else not ozo? I can't say for sure, my memory is not what it used to be XD

1 month ago
Permalink

Comment has been collapsed.

But isn't 1428971287328485345190739968 just the maximum? You could find the password earlier, right?

(Just from a technical perspective)

1 month ago
Permalink

Comment has been collapsed.

Its half of all the choices he picked that number as an "average"

1 month ago
Permalink

Comment has been collapsed.

Oh.

1 month ago
Permalink

Comment has been collapsed.

Technically you could find the correct one as the first (or last) possibility you check.
The number is an average over all possible outcomes.

I am not sure if John is deterministic when checking possibilities or whether he systematizes/randomizes the order in which possibilities are checked. If you had reliable insight into that you could construct an impossible sounding puzzle where the solution is brute-forced almost instantly. That would be a fun exercise :)

1 month ago
Permalink

Comment has been collapsed.

Closed 2 weeks ago by ozo2003.