I Challenge You To Crack The Code
-------------------------------------
I had quite an interesting experience recently. I was hired by a company to perform a vulnerability assessment and penetration test on their network. During the initial meeting, one of the key technical staff presented me with a challenge; He handed over the NTLM hash of the domain Administrator account and challenged me to decipher it. He explained that the complexity and length of the password would prevent me from deciphering it during the time allotted for the project. He was actually quite confident in my impending failure.
In most cases, this individual would have been right on the mark. On the other hand, I'm not sure he expected to challenge someone who has close associates with discretionary time on some of the most powerful computers in the world.
6 Hours, 2 Servers, 64GB of Memory, and 32 Processors Later and.....
------------------------------------
It took just under six hours to decipher the password. Of course, my 'associates' were using a program of my choice on servers with 32 processors and 64GB of RAM a piece. It's nice to have friends with access like this. Especially in my line of work. Needless to say, my client was shocked when I called him the next day and gave him the password.
Let's Have Some Fun: A Challenge For You
----------------------------------------------
(In order for you to do this, you need to go to: http://www.defendingthenet.com/NewsLetters/ CrackTheCode-ThatsADirectChallenge.htm)
Shortly after this experience, I started thinking about writing an article about it. Then I thought to myself, why write just an article? Why not come up with a challenge for our readers?
Hidden in this article is information that will ultimately provide you with a phrase that has been encrypted. You will need to know a few pieces of general information such as, where to find the hash in this article, how to extract the hash from the article, what the password is that will reveal the hash, and what type of hash is being used! Still with me on this? You will need to do all this before you can start cracking the encrypted phrase.
First, you need to find the hashed phrase located in this article. I'll give you a hint; I recently wrote an article about hiding messages in files. This article can be found on the Defending The Net Newsletter Archive. It is also in the www.CastleCops.com archive. Oh, and once you find where the hash is you will need a password to extract it. This one I am going to give away. The password to extract the hash is 'letmein' (without the ' ' of course).
Then, you will need a tool that can easily handle deciphering of the hash once you extract it from this article. There are quite a few out there that will do the job, however, I highly recommend using pnva naq noyr i2.69, a publicly available security tool that no self respecting security engineer should be without. You will also need to know the type of hashing algorithm that was used. I decided to use zrffntr qvtrfg svir because it is relatively well-known. (Try saying that 13 times real fast!)
Conclusion
----------------
The first person to successfully unravel this riddle and e-mail me at riddle@paralogic.net with the deciphered phrase, along with a detailed description of how they accomplished the task, will receive a 512MB, USB2.0 Jump Drive. As soon as we receive this information we will post it on the main page of www.defendingthenet.com.
About The Author
----------------
Darren Miller is an Information Security Consultant with over sixteen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. If you would like to contact Darren you can e-mail him at Darren.Miller@ParaLogic.Net
Saturday, MasterCard blamed a vendor of ALL credit card providers... Read More
When we think of adware, what comes to mind are... Read More
Viruses are, however, not the only malicious software programs out... Read More
There you are busily typing away on your PC or... Read More
Viruses, Bugs, Worms, Dataminers, Spybots, and Trojan horses. The Internet... Read More
Ebay is a great site and is used by many... Read More
So called phishers try to catch the information about the... Read More
Spyware is software that runs on a personal computer without... Read More
The movie Little Black Book features a young woman, Stacy,... Read More
Today,on most internet user's computers, we have the ability to... Read More
A few nights ago I received an email from "2CO"... Read More
Watching how the traditional media covers the latest virus or... Read More
As more people are logging onto the Internet everyday, Network... Read More
The internet is undoubtedly a fantastic resource for families and... Read More
With the advent of the World Wide Web, a whole... Read More
The Federal Bureau of Investigation has identified "phishing" as the... Read More
Sooner or later everyone with an email account will receive... Read More
Protect Your PCHaving problems with your pc? Do your kids,... Read More
I am in the midst of Oscar Wilde's The Picture... Read More
If you use the internet, you have probably been infected... Read More
Identity theft is one of the most common criminal acts... Read More
First off I should explain what phishing is. Phishing is... Read More
There has not been a time in the history of... Read More
Internet is the ocean of knowledge. In this ocean you... Read More
High-tech private investigators are becoming the answer for many Internet... Read More
Have you ever got an email asking you to confirm... Read More
Since its birth, the Internet has grown and expanded to... Read More
It's late. You've been scouring the web for that perfect... Read More
Have you ever had to call Symantec or McAfee to... Read More
As the number of people using the Internet as an... Read More
Spyware SolutionProbably Today's Biggest Computer Problem. You Suffer Without Knowing... Read More
Fishing on the Internet has come a long way. However,... Read More
The Message Must Get Through The year is 300A.D.,... Read More
Identity Theft is one of the most serious problems facing... Read More
Have you ever had to call Symantec or McAfee to... Read More
Millions of people make purchases online, but many people are... Read More
Can You Prevent Spyware, Worms, Trojans, Viruses, ... To Work... Read More
Can you protect your computer from all possible viruses and... Read More
Today the internet is a mine field of malicious code... Read More
Have you ever got an email asking you to confirm... Read More
Having a good Spyware eliminator on your computer is vital... Read More
This really chapped my lips...I recently bought a new computer.... Read More
Remember the television show about the nosy neighbor Mrs. Kravitz... Read More
Someone recently told me, "You would have to be a... Read More
The Internet offers a global marketplace for consumers and businesses.... Read More
Spyware is software that runs on a personal computer without... Read More
Identity theft ? also known as ID theft, identity fraud... Read More
First the basic definition of Spyware: It is a type... Read More
While clicking from site to site on the internet you... Read More
As soon as almost all computer users already got used... Read More
You and I are a lot alike. We are both... Read More
The most frustrating part of having Spyware on your computer... Read More
Today,on most internet user's computers, we have the ability to... Read More
Spies, spyware, internet parasites are among what they are usually... Read More
In the past I've never really paid much attention to... Read More
I am in the midst of Oscar Wilde's The Picture... Read More
Your computer is as slow as molasses. Your mouse freezes... Read More
Phishing in its "classic" variant is relatively well-known. Actually, 43.4... Read More
You may not realize it, but as you are surfing... Read More
Be careful of sites that promise to send you "instant... Read More
I'm in the Anti-Spyware business, and I'm doing a lot... Read More
Internet is the ocean of knowledge. In this ocean you... Read More
Recently I have received email from my bank/credit Card Company,... Read More
IPv6, IntroductionThe high rate at wich the internet continualy evolves... Read More
Is your enterprise following the rules?The bulk of financial information... Read More
After Two Security Assessments I Must Be Secure, Right? ... Read More
Internet Security |