Rizzrack (OP)
|
|
March 21, 2022, 04:21:54 PM Last edit: March 30, 2022, 09:41:57 AM by Rizzrack |
|
Okay the only one I could think of that had a dataset available was the Million Song Dataset, and I tried encoding all of the song title names to SHA-1 via some sqlite3 queries and python, and output that out to a csv file. But I couldn't find the hash that I had found in the previous step. My guess is that the database is some different one altogether, I guess I'll give it a few more tries later. Do not complicate the trivial ! Search engines are your friend P.S. probably did not find it due to uppercase letters or stuff like that. wrote the name of the song by hand and all lowercase
|
|
|
|
PhoenixZephyrus
|
|
March 21, 2022, 04:33:49 PM Last edit: March 21, 2022, 04:54:20 PM by PhoenixZephyrus Merited by Rizzrack (5), DdmrDdmr (3), nc50lc (2) |
|
Okay the only one I could think of that had a dataset available was the Million Song Dataset, and I tried encoding all of the song title names to SHA-1 via some sqlite3 queries and python, and output that out to a csv file. But I couldn't find the hash that I had found in the previous step. My guess is that the database is some different one altogether, I guess I'll give it a few more tries later. Do not complicate the trivial ! Search engines are your friend P.S. probably did not find it due to uppercase letters or stuff like that. wrote the name of the song by hand and all lowercase Ah its all lowercase. Then I would say the song is "Who Let The Dogs Out" by "Baha Men" Method: Well I had already got the SHA-1 hash from the previous posts. Then I used the track_metadata from FMA Data for music analysis. Then I wrote a short python code to get the SHA-1 hash name for each of the files and appended that with the track names. I wrote a pythonic script (instead of trying to find an online music search db) just because I wanted to check out some of its functions and also get familiar with some Capture The Flag contest method - this challenge was quite like some preliminary CTF contest Here is the code: import csv import hashlib import os.path
BASE_DIR = os.path.dirname(os.path.abspath(__file__)) db_path = os.path.join(BASE_DIR, "songs.db") file = open("C:\\hashes_tracks.csv", "w", encoding="utf-8") with open("C:\\tracks.csv", "r", encoding="utf-8") as dataset: reader = csv.DictReader(dataset) for row in reader: name = row["title"].lower().strip() result = hashlib.sha1(name.encode()) file.write(result.hexdigest() + name + '\n') And then a simple search for the hash was enough to get the song name. Proof that the hash matches
|
|
|
|
Rizzrack (OP)
|
|
March 21, 2022, 05:06:26 PM Last edit: March 30, 2022, 09:42:01 AM by Rizzrack |
|
Ah its all lowercase. Then I would say the song is "Who Let The Dogs Out" by "Baha Men" Method: Well I had already got the SHA-1 hash from the previous posts. Then I used the track_metadata from FMA Data for music analysis. Then I wrote a short python code to get the SHA-1 hash name for each of the files and appended that with the track names. I wrote a pythonic script (instead of trying to find an online music search db) just because I wanted to check out some of its functions and also get familiar with some Capture The Flag contest method - this challenge was quite like some preliminary CTF contest And then a simple search for the hash was enough to get the song name. You went the whole nine yards ! I assumed at some point someone would get to the SHA1 hash and try some websites with different databases like this one: https://hashes.com/en/decrypt/hashBut because you did it all on your own and also shared the repositories and code used ... 1 merit did not feel enough. You may not be a newbie anymore but heck, it's my thread and I'll merit if I want toP.S. Morale of the story: do not use generic passwords because even if they are hashed we can still find the hash online and whip up a small piece of code that finds it in a minute or two !
|
|
|
|
Kwsikh
Newbie
Offline
Activity: 26
Merit: 0
|
|
March 21, 2022, 06:11:35 PM |
|
But from what I know, SHA-1 is a one way hash right? It isnt possible to decrypt it without maybe brute forcing? Because thats what the hash is meant to be - irreversible? -snip- Unless I'm missing something here...
Yes, you're correct, there's no way to reverse it aside from bruteforce. But there's only about 600million song titles out there, just make a database of all the songs titles, create a simple code to perform SHA1 to each of the titles ( and probably variations of them) and a typical computer can bruteforce it within a few minutes/hours. Then you can get 1 merit All things going out of my head if it was known by me then may be i also might be a Hero member!!
|
|
|
|
BitcoinIsABubble
Jr. Member
Offline
Activity: 30
Merit: 14
|
|
March 23, 2022, 09:10:54 AM |
|
Okay the only one I could think of that had a dataset available was the Million Song Dataset, and I tried encoding all of the song title names to SHA-1 via some sqlite3 queries and python, and output that out to a csv file. But I couldn't find the hash that I had found in the previous step. My guess is that the database is some different one altogether, I guess I'll give it a few more tries later. Do not complicate the trivial ! Search engines are your friend P.S. probably did not find it due to uppercase letters or stuff like that. wrote the name of the song by hand and all lowercase Ah its all lowercase. Then I would say the song is "Who Let The Dogs Out" by "Baha Men" Method: Well I had already got the SHA-1 hash from the previous posts. Then I used the track_metadata from FMA Data for music analysis. Then I wrote a short python code to get the SHA-1 hash name for each of the files and appended that with the track names. I wrote a pythonic script (instead of trying to find an online music search db) just because I wanted to check out some of its functions and also get familiar with some Capture The Flag contest method - this challenge was quite like some preliminary CTF contest Here is the code: import csv import hashlib import os.path
BASE_DIR = os.path.dirname(os.path.abspath(__file__)) db_path = os.path.join(BASE_DIR, "songs.db") file = open("C:\\hashes_tracks.csv", "w", encoding="utf-8") with open("C:\\tracks.csv", "r", encoding="utf-8") as dataset: reader = csv.DictReader(dataset) for row in reader: name = row["title"].lower().strip() result = hashlib.sha1(name.encode()) file.write(result.hexdigest() + name + '\n') And then a simple search for the hash was enough to get the song name. Proof that the hash matches Oh wow, good job there!
|
|
|
|
Rizzrack (OP)
|
|
March 29, 2022, 03:46:32 PM Last edit: March 30, 2022, 09:42:06 AM by Rizzrack |
|
Upload the below image to imgur or a similar service and post it here: NB2HI4DTHIXS65DFPB2GE2LOFZXGK5BPOFRWI2DPMF2GMZDQ
|
|
|
|
Rizzrack (OP)
|
|
April 04, 2022, 02:42:02 PM |
|
I'm starting to think you guys do not want/need merit ! Hint #1: it's not base58 or base64
Hint #2: if you would decode "NB2HI4DTHIXS65DFPB2GE2LOFZXGK5BPOFRWI2DPMF2GMZDQ" from base32 to text the output would be Extra hint: 2 more steps and you can find the image !
|
|
|
|
Rizzrack (OP)
|
|
April 07, 2022, 11:56:34 AM |
|
Upload the below image to imgur or a similar service and post it here: NB2HI4DTHIXS65DFPB2GE2LOFZXGK5BPOFRWI2DPMF2GMZDQ Decided to post the response since there were no takers this round ! How to solve:Step 1: decode from base32 to text NB2HI4DTHIXS65DFPB2GE2LOFZXGK5BPOFRWI2DPMF2GMZDQ and you would get https://textbin.net/qcdhoatfdp Step 2: The code from the pastebin is too big to fit in the post so if you are curious check the link yourselves. Symbols are HTML URL-encoded. So you would need to decode them first. " %3A" would be " :", " %2F" would be " /" etc. Step 3: Decode from base64 to image. For example I used https://codebeautify.org/base64-to-image-converterAnd it shows you the image ! Uploading it to imgur and posting it here should not require any further explanations
|
|
|
|
BitcoinIsABubble
Jr. Member
Offline
Activity: 30
Merit: 14
|
|
April 27, 2022, 07:09:35 AM |
|
This was a tough one for me I admit, do you plan to release further challenges anytime soon?
|
|
|
|
Rizzrack (OP)
|
|
May 04, 2022, 10:52:12 AM |
|
This was a tough one for me I admit, do you plan to release further challenges anytime soon?
To be honest I was a little bummed that there was no interest in the last one and kind of let it go for the moment... Either way there are so many ways you can encode stuff and running dry on ideas. Will think about it and see if I can come up with a few more Anyone else is invited to chip in with a suggestion or an interesting question ! P.S. You also solved 2 of them so I might incline to add an extra rule about how many times you would be allowed to participate. Well done though
|
|
|
|
nc50lc
Legendary
Offline
Activity: 2548
Merit: 6199
Self-proclaimed Genius
|
|
May 04, 2022, 01:10:30 PM |
|
-snip- Anyone else is invited to chip in with a suggestion or an interesting question !
How about if N-days have passed and the puzzle isn't solved yet, open that round for all ranks instead of just newbies? You can decide on the number of days.
|
|
|
|
m2017
Legendary
Offline
Activity: 1946
Merit: 1388
keep walking, Johnnie
|
|
May 04, 2022, 05:12:24 PM Last edit: May 04, 2022, 07:37:17 PM by m2017 |
|
-snip- Anyone else is invited to chip in with a suggestion or an interesting question !
How about if N-days have passed and the puzzle isn't solved yet, open that round for all ranks instead of just newbies? You can decide on the number of days. I think this is a good intention and Rizzrack will support your proposal. I like the idea of a thread like this, allowing beginners to learn something new about crypto. And as a bonus, get merit, which will also encourage them to be active. But most importantly, this interactive format allows to involve beginners in bitcoin world and allows to practically contact with it. It also has informational benefits for everyone who follows similar activities and reads the topic. Something similar is implemented in topic [Merit] Hey Newbies! Can You Sign A Message? I hope there will be more such forms of active involvement of newcomers in the future.
|
|
|
|
nakamura12
|
|
May 04, 2022, 05:53:13 PM |
|
It would be good of the title is not newbie puzzles instead it should be Newbie friendly Puzzles. Though you may say that it is a newbie puzzles but what about those who doesn't have knowledge on what to do like binary codes for example. You can make this challenge the same as Pmalek's Word Game where newbies are given an advantage where they are the one who can participate first until the time runs out and then higher ranks can participate too if lower ranks can't find the answer or solution. Nice puzzles by the way.
|
|
|
|
Bamjos
Member
Offline
Activity: 71
Merit: 22
|
|
May 04, 2022, 07:06:56 PM |
|
Question 3 (more of a challenge actually than a question) : -----BEGIN BITCOIN SIGNED MESSAGE----- Tjho uijt nfttbhf: "Xf bsf bmm tbuptij fydfqu gps DTX" vtjoh uif tbnf beesftt J bn (1K7neh5scRzVIFOZey39XWXL7gtMqFpYAz) -----BEGIN BITCOIN SIGNATURE----- 1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy IDt1vr8Ahx4Yt3Rm5zfvwbGIis7MrpSDNx8ev6inxMr+NB8CWOHoTPVeujlfYMpsW58Txp1scaxXY5WtNQhbS94= -----END BITCOIN SIGNATURE-----
-----BEGIN BITCOIN SIGNED MESSAGE----- Tjho uijt nfttbhf: "Xf bsf bmm tbuptij fydfqu gps DTX" vtjoh uif tbnf beesftt J bn (1K7neh5scRzVIFOZey39XWXL7gtMqFpYAz) -----BEGIN BITCOIN SIGNATURE----- Version: Bitcoin-qt (1.0) Address: 3K1AAUvgrYNH6Syp5e1zjqAWpe3dapBUPS
IFTQanseMw7GHwJKUzka0CxEV5XaHy2xcm+CflZrxzmlVwaeamI++5SqHPTYXZCvN04J7BW7Sou7cdp+qj0eXFc= -----END BITCOIN SIGNATURE-----
|
|
|
|
Rizzrack (OP)
|
|
May 05, 2022, 12:53:12 PM |
|
How about if N-days have passed and the puzzle isn't solved yet, open that round for all ranks instead of just newbies? You can decide on the number of days.
Not a bad idea ! Once I come up with a new one will try this out. Thanks -----BEGIN BITCOIN SIGNED MESSAGE----- Tjho uijt nfttbhf: "Xf bsf bmm tbuptij fydfqu gps DTX" vtjoh uif tbnf beesftt J bn (1K7neh5scRzVIFOZey39XWXL7gtMqFpYAz) -----BEGIN BITCOIN SIGNATURE----- Version: Bitcoin-qt (1.0) Address: 3K1AAUvgrYNH6Syp5e1zjqAWpe3dapBUPS
IFTQanseMw7GHwJKUzka0CxEV5XaHy2xcm+CflZrxzmlVwaeamI++5SqHPTYXZCvN04J7BW7Sou7cdp+qj0eXFc= -----END BITCOIN SIGNATURE----- If you would have read the post you would have seen that it was already solved: Tjho uijt nfttbhf: "Xf bsf bmm tbuptij fydfqu gps DTX" vtjoh uif tbnf beesftt J bn (1K7neh5scRzVIFOZey39XWXL7gtMqFpYAz) when you change every letter to the previous one in the alphabet becomes Sign this message: "We are all satoshi except for CSW" using the same address I am (1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy)
You were supposed to sign it with the above address, not a random one you own. Please read and think a bit before replying next time
|
|
|
|
Rizzrack (OP)
|
|
June 14, 2022, 12:33:16 PM |
|
Here's a brain teaser for y'all ! for (i = 3): type(X) == string print(X) =
|
|
|
|
Rizzrack (OP)
|
|
June 15, 2022, 02:16:29 PM |
|
BUMP !
*Take it one step at a time. What do you think the above equation is ?
|
|
|
|
Majestic-milf
|
|
June 15, 2022, 03:22:45 PM |
|
Answer(Q1) The quick brown fox jumps over 13 lazy dogs.
|
| █▄ | R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | ▀█ | THE #1 SOLANA CASINO | ████████████▄ ▀▀██████▀▀███ ██▄▄▀▀▄▄█████ █████████████ █████████████ ███▀█████████ ▀▄▄██████████ █████████████ █████████████ █████████████ █████████████ █████████████ ████████████▀ | ████████████▄ ▀▀▀▀▀▀▀██████ █████████████ ▄████████████ ██▄██████████ ████▄████████ █████████████ █░▀▀█████████ ▀▀███████████ █████▄███████ ████▀▄▀██████ ▄▄▄▄▄▄▄██████ ████████████▀ | ........5,000+........ GAMES ......INSTANT...... WITHDRAWALS | ..........HUGE.......... REWARDS ............VIP............ PROGRAM | . PLAY NOW |
|
|
|
DdmrDdmr
Legendary
Offline
Activity: 2450
Merit: 11000
There are lies, damned lies and statistics. MTwain
|
|
June 15, 2022, 03:42:07 PM Last edit: June 15, 2022, 03:55:18 PM by DdmrDdmr |
|
Not sure about one thing here, and without giving it away (others should scoop the Merit reward), I can’t make out why the "-1" is there nor whether it is meant to be included in the summation or rather subtracted after it (the latter I believe, since it lacks brackets). I wouldn’t have thought it (the "-1") to be part of the original formula, but I may be wrong. Note: If anyone wants to perform the calculus, you can easily do it on Excel (start with i=3 for a reason). <...> It's about the meaning of subtracting 1 from the equation where i=3, not the calculation. And finding a "string" ...
I know, that's why I said "wants to" as opposed to saying it in a "needs to" context.
|
|
|
|
Rizzrack (OP)
|
|
June 15, 2022, 03:51:42 PM |
|
Answer(Q1) The quick brown fox jumps over 13 lazy dogs.
Reddit did not help on this occasion. It was already solved and still gave a wrong answer. Damn... Not sure about one thing here, and without giving it away (others should scoop the Merit reward), I can’t make out why the "-1" is there nor whether it is meant to be included in the summation or rather subtracted after it (the latter I believe, since it lacks brackets).
Subtracted after the SUM I wouldn’t have thought it (the "-1") to be part of the original formula, but I may be wrong.
Note: If anyone wants to perform the calculus, you can easily do it on Excel (start with i=3 for a reason).
It's about the meaning of subtracting 1 from the equation where i=3, not the calculation. And finding a "string" ...
|
|
|
|
|