Hallo,
bin vor kurzem zufällig auf http://www.hackthissite.org gestoßen, und dachte mir, ich arbeite mich mal durch die Missionen durch (kann ja nicht schaden). Bei den meisten Missionen (außer den ersten paar Basic Missions) muss ich mir zwar die Lösung oder Lösungsansätze googlen, aber dann versuche ich immer den Weg zu dieser Lösung möglichst gut zu verstehen, um mein (software-)technisches Verständnis zu erweitern.
Jetzt bin ich bei realistic mission 6 angekommen und da soll ich folgenden "Text" entschlüsseln:
I believe this document to be encrypted using the XECryption algorithm. Please recover the original text of this document and return it to me. .296.294.255.268.313.278.311.270.290.305.322.252.276.286.301.305.264.301.251.269.274.311.304. 230.280.264.327.301.301.265.287.285.306.265.282.319.235.262.278.249.239.284.237.249.289.250. 282.240.256.287.303.310.314.242.302.289.268.315.264.293.261.298.310.242.253.299.278.272.333. 272.295.306.276.317.286.250.272.272.274.282.308.262.285.326.321.285.270.270.241.283.305.319. 246.263.311.299.295.315.263.304.279.286.286.299.282.285.289.298.277.292.296.282.267.245.304. 322.252.265.313.288.310.281.272.266.243.285.309.295.269.295.308.275.316.267.283.311.300.252. 270.318.288.266.276.252.313.280.288.258.272.329.321.291.271.279.250.265.261.293.319.309.303. 260.266.291.237.299.286.293.279.267.320.290.265.308.278.239.277.314.300.253.274.309.289.280. 279.302.307.317.252.261.291.311.268.262.329.312.271.294.291.291.281.282.292.288.240.248.306. 277.298.295.267.312.284.265.294.321.260.293.310.300.307.263.304.297.276.262.291.241.284.312. 277.276.265.323.280.257.257.303.320.255.291.292.290.270.267.345.264.291.312.295.269.297.280. 290.224.308.313.240.308.311.247.284.311.268.289.266.316.299.269.299.298.265.298.262.260.337. 320.285.265.273.307.297.282.287.225.302.277.288.284.310.278.255.263.276.283.322.273.300.264. 302.312.289.262.236.278.280.286.292.298.296.313.258.300.280.300.260.274.329.288.272.316.256. 259.279.297.296.283.273.286.320.287.313.272.301.311.260.302.261.304.280.264.328.259.259.347. 245.291.258.289.270.300.301.318.251.305.278.290.311.280.281.293.313.259.300.262.315.263.319. 285.282.297.283.290.293.280.237.234.323.289.305.279.314.274.291.309.273.294.249.283.262.271. 286.310.305.306.261.298.282.282.307.287.285.305.297.275.306.280.292.291.284.301.278.293.296. 277.301.281.274.315.281.254.251.289.313.307.244.256.302.301.317.305.239.316.274.277.296.269. 305.301.279.287.317.284.277.305.298.264.304.286.273.275.293.309.286.282.240.287.239.268.269. 267.315.311.292.270.271.272.336.282.237.275.316.306.239.305.314.240.296.306.270.247.245.302. 317.316.241.291.310.266.274.274.313.288.262.319.280.276.238.297.295.287.285.288.301.272.275. 247.305.292.286.272.310.291.301.322.256.315.298.263.281.276.237.294.284.296.284.302.273.298. 287.298.301.265.305.270.315.278.283.302.287.263.270.345.258.270.266.302.309.262.260.277.327. 263.277.254.283.276.239.272.264.276.279.264.267.298.264.244.245.273.292.289.273.248.259.263. 288.290.294.210.288.268.311.318.312.242.285.293.216.262.276.340.292.299.275.259.293.311.234. 266.294.278.307.286.267.307.285.269.310.288.274.270.326.273.276.311.304.267.302.318.265.299. 263.283.248.257.314.288.321.321.236.284.283.227.320.312.246.261.289.316.288.263.312.241.265. 288.298.286.287.274.306.279.276.289.307.303.293.281.298.317.252.312.283.278.263.304.305.258. 266.270.294.286.293.290.291.291.258.254.282.282.283.313.268.282.316.310.299.254.264.234.296. 270.265.326.288.292.293.321.305.250.320.299.253.270.296.297.298.266.312.234.273.287.309.286. 278.269.279.316.284.276.234.293.255.267.242.253.318.270.246.278.292.285.282.314.266.292.286. 263.313.249.290.255.289.264.292.301.299.278.291.292.225.250.261.283.303.262.264.264.303.299. 297.274.288.267.293.316.320.317.233.303.258.302.271.283.323.247.279.268.312.269.297.313.280. 280.273.266.332.276.313.284.281.316.279.290.273.313.308.305.260.302.306.273.234.279.281.284. 298.278.259.290.314.275.264.339.293.322.266.261.296.306.277.275.311.284.270.318.259.249.286. 292.301.285.280.303.283.287.299.277.273.293.228.311.283.272.304.292.277.271.306.302.278.298. 300.287.281.309.243.272.279.282.300.291.295.284.285.252.291.251.285.283.245.250.252.318.298. 277.235.288.259.263.278.274.307.261.260.350.250.288.256.282.316.261.285.295.292.300.298.264. 245.241.308.301.261.253.289.264.267.300.262.248.287.257.266.275.287.297.320.287.264.279.297. 232.231.256.288.243.252.277.274.245.256.253.229.290.263.305.278.260.294.312.283.301.275.276. 299.297.312.275.282.294.272.228.302.324.257.261.286.326.280.283.316.294.254.258.275.264.236. 240.277.255.231.258.286.242.277.253.296.290.250.314.320.239.292.313.261.294.261.317.273.285. 236.292.282.271.264.297.300.272.308.299.300.269.301.269.317.284.286.262.315.276.279.328.269. 254.252.232.272.268.309.273.264.296.305.272.267.291.324.302.297.268.268.263.298.300.261.312. 241.254.299.280.263.292.260.301.311.317.297.248.314.272.293.298.281.298.276.311.291.297.318. 261.274.300.293.297.267.295.261.275.334.289.238.267.289.283.257.300.262.304.311.278.274.265. 261.345.301.296.270.273.299.289.274.272.313.282.268.320.287.320.270
Es steht dabei, dass der "Text" mit dem XECryption Algorithmus Verschlüsselt ist. Da ich mit diesem Algorithmus so nichts anfangen konnte, hab ich gegooglet und habe auch schon herausgefunden, wie man den Algorithmus entschlüsseln kann. Da ich aber wie gesagt mein technisches Verständnis erweitern will, hab ich nach einer Beschreibung des VERschlüsselnungsprozesses gesucht, habe aber nur das hier gefunden:
Every letter, when encrypted, takes on the following format: ".193.144.164". Three numbers seperated by periods. To produce this, the following happens to each character of the text the user wishes to encrypt. The password key is added to the ASCII value of the letter, then it is divided by three. A random number between -10 and 10 is added to this new number. This becomes the first number in the series, and is repeated to produce the second number. The third number is the difference between the first two final numbers and the original ASCII value plus the password key. ... When decrypting, the password key is found in the same way that it's encrypted. Each triplet is added together, and then the password key is subtracted. This is the ASCII value of the letter.
Quelle: http://www.criticalsecurity.net/index.php?showtopic=29085
Der Teil zur ENTschlüsselung ist ausreichend, da in Texten meist das Leerzeichen mit dem ASCII code 32 am häufigsten+regelmäßigsten vorkommt und man durch subtrahieren der 32 von der als SPACE identifizierten Zahl das VERschlüsselungspasswort erhält.
Die Anleitung zum VERschlüsseln lässt bei mir aber noch folgende Fragen offen:
Auf welche Zahl ist die zweite Addition des Zufallswertes bezogen? auf die "first number in the series" oder auf die ursprüngliche zahl die durch 3 geteilt wurde.
Beides ist in dem gewählten Beispiel meines Erachtens unmöglich, da die Differenz zwischen 193 und 144 die maximal mögliche Differenz von 20 übersteigt: |193-144|>20
Was passiert wenn beim teilen durch 3 Nachkommastellen entstehen?
Was, wenn beim addieren des Zufallswertes eine negative Zahl herauskommt?
Der letzte Satz der VERschlüsselung ist unglücklich formuliert!
Worauf bezieht sich die Differenz?
Worauf bezieht sich das "plus"?
Ich hoffe ihr könnt mir weiterhelfen, sodass ich den Verschlüsselungsalgorithmus komplett verstehe 😀
EDIT (30.05.09):
Kennt keiner den Algorithmus?
Ich weiß nicht obs hilft, aber die Zahlenfolge da oben ist die Verschlüsselte Version von folgendem Text:
Samuel Smith Thank you for looking the other way on the increased levels of toxic chemicals in the river running alongside our industrial facilities. You can pick up your payment of $20,000 in the mailbox at the mansion on the corner of 53 and St. Charles tomorrow between the hours of 3:00am and 5:00am. Thank you, John Sculley ToxiCo Industrial Chemicals