Hi. Long story short now I am a Senior Web developer :) So as always, here is puzzle/giveaway for you :) I've done similar "puzzles" in the past, just look through my old discussions if you need some help. Or ask here :) JUST BE SURE NOT TO SHARE ANY ANSWERS!!! OR I WILL BLACKLIST YOU :)

I don't want to call it a puzzle cause it's really not, so I will call it a challenge instead. For now there is only one giveaway at the end but I will add more as time goes on :) Giveaways will end on October 1st 12:00 AM UTC+3.

Challenge is simple - giveaway code is inside an archive, you need to find a password. That's it. I made a zip and rar archives, if you want any other archive type to be added like tar or tar.gz for example, I can add them.

Hints (may be updated over time): https://pastebin.com/aEG2QSu6
Answer: rHoBitjgrYrhmduW


Archives: https://mega.nz/folder/O5YClR5C#Ytm3OLO-MUINXSHojEWP0A

First giveaway is level 2. Might do different levels for other giveaways depending on how many people below level 2 would get to the end :)

Mood Music: https://www.youtube.com/watch?v=XKdKU6p78TQ

please bump

I suggest john :)

this will happen just not yet :(

View attached image.
1 month ago*

Comment has been collapsed.

Congrats!
I think I'll wait for a while. Last time I cracked the code after some hints but this is a lot more difficult for me with the given information.

1 month ago
Permalink

Comment has been collapsed.

what hint would you like?

1 month ago
Permalink

Comment has been collapsed.

I'll use brute force methods of course and this will take some time. I'd prefer knowing the order of some of the letters/numbers. Let's just say, the third character is "7". Something like that. Also, you already added some hints, so I have to think about how to use them in my code.

1 month ago
Permalink

Comment has been collapsed.

Congratulations, ozo2003!

1 month ago
Permalink

Comment has been collapsed.

Congratulations! Do you have any advice for junior web devs who are looking for their first job?

1 month ago
Permalink

Comment has been collapsed.

Heh my sister's company is getting most of its web dev done where you are, I hope you're not working for that company, they're jerks :D

Congrats on the promotion. Remember that doesn't give them license to make you do the work of 3 junior web devs and enjoy the perks ;)

1 month ago
Permalink

Comment has been collapsed.

company i work at only makes websites for our own use, rarely doing stuff for other people

1 month ago
Permalink

Comment has been collapsed.

Good. Less clients, less pressure. Or at least if there's pressure you know who to punch ;)

1 month ago
Permalink

Comment has been collapsed.

bump

1 month ago
Permalink

Comment has been collapsed.

No idea how to start this one unlike the last but if you're so kind I would like to hear about it afterwards. I thought of putting producing... something (no spoilers) for john and going from there but producing the whole thing to check (a-z and A-Z for 16 characters) was something like 6 petabytes lol.

1 month ago
Permalink

Comment has been collapsed.

There are hints that limit the possible combinations a bit, but it's not enough yet to be able to solve it in reasonable time

1 month ago
Permalink

Comment has been collapsed.

Yeah, the best way to solve this one is with code (to brute force things due to the thousands and thousands of potential permutations), and I'm too lazy to write it. 😆😁🤓

1 month ago
Permalink

Comment has been collapsed.

Congrats!

1 month ago
Permalink

Comment has been collapsed.

Omedetou... SENPAI?!
Since you are a senior now! xD

1 month ago
Permalink

Comment has been collapsed.

Congratulations!

Here are some suggestions about hints:
I think a part of letter appearance analyzed from this would help? :)
A clearer hint can be like the position of capital letters.

1 month ago
Permalink

Comment has been collapsed.

41016

1 month ago
Permalink

Comment has been collapsed.

so capital letters are in the 4,10, and 16 position but you said that there were 4 capital letters can you tell us the other one?

1 month ago
Permalink

Comment has been collapsed.

yep

1 month ago
Permalink

Comment has been collapsed.

bumpy

1 month ago
Permalink

Comment has been collapsed.

Bump

1 month ago
Permalink

Comment has been collapsed.

Woah, thanks to this challenge I've gone from knowing nothing about what JTR was 2 weeks ago to now learning about modes and rules and what not. Thanks for the motivation ozo!
I don't know if somebody already cracked the password, but I would need some more hints to get it. Could you please tell us if any lowercase letter is repeated just after its appearance? I mean if there is any lowercase letter that appears twice without any other between them, in case I didn't explained it well enough.

1 month ago
Permalink

Comment has been collapsed.

We definietly need hints about letter locations, becuase even if we know all 16 letters it would take years (if not centuries) to brute force it

1 month ago
Permalink

Comment has been collapsed.

updated hints

1 month ago
Permalink

Comment has been collapsed.

bump for thinking that the hints are updated enough for me to at least give it a go. I have a python program that I think should reduce the combinations of things enough to have a bit of a chance, but I'll probably need to find a way to optimize it further.

If I were to request one additional hint, the main thing that I can think of that would help my program further would be revealing more details about the repeated character(s) [eg: which letters / how they are distributed among the lower/upper case letters].

EDIT: Even with parallel processing just the first set of characters found is taking longer than I anticipated

4 weeks ago*
Permalink

Comment has been collapsed.

updated hints

4 weeks ago
Permalink

Comment has been collapsed.

Belated congratulations mate! I don't check the discussions and missed this announcement.

4 weeks ago
Permalink

Comment has been collapsed.

Bump for solved! The last hint was key.

4 weeks ago
Permalink

Comment has been collapsed.

Bump for solved.

4 weeks ago
Permalink

Comment has been collapsed.

Hmm, despite the geneours hints I think the number of password candidates will be too big to generate and then try agains the archive before time is out. I'll give it a shot, but we'll see.

3 weeks ago
Permalink

Comment has been collapsed.

bump for solved

3 weeks ago
Permalink

Comment has been collapsed.

how much time did it took to process because my script still takes like 1 year just to generate to wordlist

3 weeks ago
Permalink

Comment has been collapsed.

cracking hash from RAR archive took me 40 hours on i7-9850H CPU @ 2.60GHz, Kali on WSL

1g 1:16:04:50 DONE (2021-09-28 05:00) 0.000006g/s 1401p/s 1401c/s 1401C/s

edit: you should get much better results with GPU running it natively

3 weeks ago*
Permalink

Comment has been collapsed.

That is good to know for the script that I'm running. Well more accurately two instances of the same script starting at different points in the generation space.

That is a good idea creating a separate word list. Mine uses a python library to attempt to open the file directly, but I couldn't figure out how to get the parallelization library I'm using to run on the GPU.

3 weeks ago
Permalink

Comment has been collapsed.

Actually you might not need to run it on GPU, just make sure you run it natively. I used Kali on WSL, and it looks like WSL slows that down a lot, even up to x20

3 weeks ago
Permalink

Comment has been collapsed.

regarding wordlist generation, I didn't track time here, but it was less than 1 hours

3 weeks ago
Permalink

Comment has been collapsed.

did you use custom code or just stuff like John/crunch?

3 weeks ago
Permalink

Comment has been collapsed.

custom code to generate wordlist

3 weeks ago
Permalink

Comment has been collapsed.

1 more question how much space did your wordfile took?

Thanks for your answers. also would love to check the code to generate the wordlist after the GA is over cos my attemps are slower than using crunch

3 weeks ago*
Permalink

Comment has been collapsed.

~ 4 GB

3 weeks ago
Permalink

Comment has been collapsed.

There must be something I'm missing around this then. So far I've generated 40 GB of data spread out over two files and growing. I join smog in looking toward to seeing your code after all of this.

3 weeks ago*
Permalink

Comment has been collapsed.

Deleted

This comment was deleted 3 weeks ago.

3 weeks ago
Permalink

Comment has been collapsed.

I looked at terms of service and they don't prevent me from asking this:
Kur tu mācījies? LU? Es skatos pāriet uz tiešāku programmēšanu. Uni mācījos viegli Python un R, bet tas nebija tādā līmenī, lai to pielietotu reālā darba vietā. Ir kādi ieteikumi, lai to mācītos pašmācības ceļā? Šobrīd skatos uz Javu. Pieteicos bootcampam uz Java un Javascript.

3 weeks ago
Permalink

Comment has been collapsed.

tik vien kā tehnikumā, bet programmēšanu es esmu apguvis pašmācībā/darbā. es pārsvarā programmēju php, brīvajā laikā nedaudz python un node.
pašmācībai laikam galvenais būtu atrast mērķi un mēģināt novest līdz galam. piemēram, atrast kko, ko vajag pašam vai kādam draugam. bez mērķa būs grūtāk. vari sākt ar kādiem loģikas uzdevumiem, piemēram, project euler vai codewars. drīz noteikti advent of code būs

3 weeks ago
Permalink

Comment has been collapsed.

Congrats!

3 weeks ago
Permalink

Comment has been collapsed.

Bump, password found :)

3 weeks ago
Permalink

Comment has been collapsed.

Another bump

3 weeks ago
Permalink

Comment has been collapsed.

bump for "welp, my code didn't work, at least there is some time to try another approach"

3 weeks ago
Permalink

Comment has been collapsed.

Closed 2 weeks ago by ozo2003.