Last year I had a go at the GCHQ hacking challenge and managed to solve it, so when a colleague informed me that there was a new challenge I thought I might give it a shot if I found some time.

Step 1
The first step is to figure out what the data on the website is. The payload is as follows:

AWVLI QIQVT QOSQO ELGCV IIQWD LCUQE EOENN WWOAO
LTDNU QTGAW TSMDO QTLAO QSDCH PQQIQ DQQTQ OOTUD
BNIQH BHHTD UTEET FDUEA UMORE SQEQE MLTME TIREC
LICAI QATUN QRALT ENEIN RKG

The first thing I did was to paste this into HxD and remove the spaces (which I suspected were just there to break up the structure of the message). I generated a histogram of the bytes and it looked like this.

[image gchq_image_1: histogram of the byte values in the payload]

Apart from the anomalous ‘Q’, the distribution of the letters is basically consistent with average English, implying that the message has not been subject to a substitution cipher or Caesar shift (or any variant thereof) and is probably just transposed. At that point I looked at the length of the payload, 143 bytes (which has obvious factors); arranging the characters in rows of 13 yielded the following:

AWVLIQIQVTQOS
QOELGCVIIQWDL
CUQEEOENNWWOA
OLTDNUQTGAWTS
MDOQTLAOQSDCH
PQQIQDQQTQOOT
UDBNIQHBHHTDU
TEETFDUEAUMOR
ESQEQEMLTMETI
RECLICAIQATUN
QRALTENEINRKG

Substituting a space or a ‘.’ for each Q and reading down the columns gives the sentence:

A.COMPUTER.WOULD.DESERVE.TO.BE.CALLED.INTELLIGENT.IF.IT.COULD.DECEIVE.A.HUMAN.
INTO.BELIEVING.THAT.IT.WAS.HUMAN.WWWDOTMETRODOTCODOTUKSLASHTURING

The URL embedded in Turing’s quote is the start of the second phase of the challenge, with “turing” an obvious candidate for the first of the five answers.
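The whole of Step 1 (byte histogram, factoring the length, reading the grid by columns, turning the over-represented ‘Q’ back into a space) fits in a few lines of Python. This is an added example and not the author’s own tooling; the payload is the one from the challenge page, and the small list of common English words used to rank the two candidate grid widths is this example’s own crude scoring, not something the write-up does.

```python
from collections import Counter

# The Step 1 payload from the page, with the spaces removed (they only break up the structure).
PAYLOAD = (
    "AWVLIQIQVTQOSQOELGCVIIQWDLCUQEEOENNWWOAO"
    "LTDNUQTGAWTSMDOQTLAOQSDCHPQQIQDQQTQOOTUD"
    "BNIQHBHHTDUTEETFDUEAUMORESQEQEMLTMETIREC"
    "LICAIQATUNQRALTENEINRKG"
)

# A handful of very common English words; enough to tell the right grid width from the wrong one.
COMMON_WORDS = ("THE", "A", "TO", "BE", "IT", "OF", "AND", "IN", "IS", "THAT")


def letter_histogram(text):
    """Symbol frequency. A near-English spread says "transposition, not substitution";
    one symbol far above the rest is a likely word separator."""
    return Counter(text)


def grid_shapes(length):
    """Every (rows, cols) pair with rows * cols == length: the candidate grids."""
    return [(r, length // r) for r in range(2, length) if length % r == 0]


def read_columns(text, cols):
    """Write the text row by row, `cols` characters per row, then read it column by column."""
    rows = [text[i:i + cols] for i in range(0, len(text), cols)]
    return "".join(row[c] for c in range(cols) for row in rows if c < len(row))


def decode(text, cols, separator="Q"):
    """Columnar read with the over-represented symbol turned back into a space."""
    return read_columns(text, cols).replace(separator, " ")


def english_score(text):
    """Count hits of common words; crude, but it separates the right width from the wrong one."""
    words = text.split()
    return sum(words.count(w) for w in COMMON_WORDS)


def best_width(text, separator="Q"):
    """Try every grid shape and keep the width whose column reading looks most like English."""
    widths = [cols for _rows, cols in grid_shapes(len(text))]
    return max(widths, key=lambda w: english_score(decode(text, w, separator)))


if __name__ == "__main__":
    hist = letter_histogram(PAYLOAD)
    print("length:", len(PAYLOAD), "shapes:", grid_shapes(len(PAYLOAD)))
    print("most common symbols:", hist.most_common(3))
    width = best_width(PAYLOAD)
    print("best width:", width)
    print(decode(PAYLOAD, width))
```

For 143 characters there are only two non-trivial grids (11×13 and 13×11), so the scoring is almost a formality here; on a longer message with more factor pairs it is what saves you from eyeballing every candidate.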

Step 2
You’re presented with an RSA key.

-----BEGIN RSA PRIVATE KEY-----
[key body not reproduced here]
-----END RSA PRIVATE KEY-----

The key is base64 encoded (the equals sign as padding gives that away). If you decode it, you get what looks mostly like a load of crap, except that there is some text in there that kinda looks like a URL:

@ww.whtsisilguoectsrehsri.eocu./klbtehcel y

I was actually able to just read it by looking at it (you can kind of make out the words), but while writing this I tried to work out how you would explain to someone how to read it: it’s just pairs of letters switched around, think 16-bit endianness-style.

http://www.thisisgloucestershire.co.uk/bletchley

Of course, “bletchley” is the second answer. I’m starting to see a pattern here. Before I began the next section I tried a few keywords in the answer boxes: “tunny”, “tutte”, “enigma” and even “entscheidungsproblem” all yielded nothing. “Colossus”, on the other hand, was the answer to Step 4. I thought this sort of obvious pattern actually spoilt the puzzle somewhat, but ah well. I carried on.

Step 3
At stage 3 you are met with the following sequence:

2910404C21CF8BF4CC93B7D4A518BABF34B42A8AB0047627998D633E653AF63A873C\
8FABBE8D095ED125D4539706932425E78C261E2AB9273D177578F20E38AFEF124E06\
8D230BA64AEB8FF80256EA015AA3BFF102FE652A4CBD33B4036F519E5899316A6250\
840D141B8535AB560BDCBDE8A67A09B7C97CB2FA308DFFBAD9F9

I tried all sorts for this one: disassembling it, checking various hashes, looking for patterns which would generate bits for the gaps on the last line. After about 30 minutes of failure I wondered if you were supposed to decrypt it with the key you were given in Step 2, so I used OpenSSL to take a closer look at that key.

C:\OpenSSL\bin>openssl pkey -in comp1.key -text
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
-----BEGIN PRIVATE KEY-----
MIIC9AIBADANBgkqhkiG9w0BAQEFAASCAt4wggLaAgEAAoGAN8AErz6OgMt1sVMM
n7Lc9NPOSoKLUvaoSODF2DWLJmyElN4pRyRJhXIoF44G0HcXDCpdVrqI0Qcl4sV7
AUTq6UQ4hxq1WnXVmDSJsx+epOK9t3q3z/PcrOqsWSyD3FCKJwxpy2ZOoWSbyujk
4NzY1NDMyMTAvLi0sKyUE4I5UfECAwEAAQKBgBNbXYUHYG1Bt5yZLGHqtaNgQ1lF
mGB2+hlLygX3GVh/B021EXn9FHX8HAWJr74EC4GS2BO78rM5GyNw0/Ot3S5MJtMb
qFbxg8rZE5U454Awd6Tw2Xf5JbnB148q5bAx2MMOOrFcOez5kLV3YKnPlX7H7bOc
5gvRuwQp6LSxaXstAoGAN8AErz6OgMt1sVMMn7Lc9NPOSoKLUvaoSODF2DWLJmyE
lN4pRyRJhXIoF44G0HcXDCpdVrqI0Qcl4sV7AUTq6FVKKivkcY8CsWGw5DS/2hvU
0JXs/wz32o3hemWZf/GzTkeBAJWH1oxa2KikoJyYlJCMiISAfHh0cGxT0kH5O+QC
QHd3LndodHNpc2lsZ3VvZWN0c3JlaHNyaS5lb2N1Li9rbGJ0ZWhjZWwgeSAgICAg
ICAgICAgICAgICAgICAgC48CQBOlJJ38LlIgQBtQ+T5lgB23s5hXNrLtWICJq6SG
S37+wkb6bwaYecArIt/2iHHf9ohx3/aIcd/2iHHf9rKKsk8CQAh58lgSl0ChGMlA
Ic8ZSk5WMuLJAzI9yey60b5y0AYZTyVlMNTJSKb1XuLCpMTiwqTE4sKkxOLCpMTi
wqTE4U0CgYAUifNOwA6Rq5bdyt3Vd/EyHGK1SRql1CqXC8WFm6i40jJt8Q59bpaS
O2CEEPKp/nRwQVZcwntWTyavpzBOiw+9gpRVcpQJuWt60tN5T3lOVuSmuLM+TL77
lvulC5KLeaksyL7pWC9yNO2F9c9g2DYmMmmCa14Lh96Vgv/YVMCZPw==
-----END PRIVATE KEY-----
Private-Key: (1022 bit)
modulus:
37:c0:04:af:3e:8e:80:cb:75:b1:53:0c:9f:b2:dc:
f4:d3:ce:4a:82:8b:52:f6:a8:48:e0:c5:d8:35:8b:
26:6c:84:94:de:29:47:24:49:85:72:28:17:8e:06:
d0:77:17:0c:2a:5d:56:ba:88:d1:07:25:e2:c5:7b:
01:44:ea:e9:44:38:87:1a:b5:5a:75:d5:98:34:89:
b3:1f:9e:a4:e2:bd:b7:7a:b7:cf:f3:dc:ac:ea:ac:
59:2c:83:dc:50:8a:27:0c:69:cb:66:4e:a1:64:9b:
ca:e8:e4:e0:dc:d8:d4:d0:cc:c8:c4:c0:bc:b8:b4:
b0:ac:94:13:82:39:51:f1
publicExponent: 65537 (0x10001)
privateExponent:
13:5b:5d:85:07:60:6d:41:b7:9c:99:2c:61:ea:b5:
a3:60:43:59:45:98:60:76:fa:19:4b:ca:05:f7:19:
58:7f:07:4d:b5:11:79:fd:14:75:fc:1c:05:89:af:
be:04:0b:81:92:d8:13:bb:f2:b3:39:1b:23:70:d3:
f3:ad:dd:2e:4c:26:d3:1b:a8:56:f1:83:ca:d9:13:
95:38:e7:80:30:77:a4:f0:d9:77:f9:25:b9:c1:d7:
8f:2a:e5:b0:31:d8:c3:0e:3a:b1:5c:39:ec:f9:90:
b5:77:60:a9:cf:95:7e:c7:ed:b3:9c:e6:0b:d1:bb:
04:29:e8:b4:b1:69:7b:2d
prime1:
37:c0:04:af:3e:8e:80:cb:75:b1:53:0c:9f:b2:dc:
f4:d3:ce:4a:82:8b:52:f6:a8:48:e0:c5:d8:35:8b:
26:6c:84:94:de:29:47:24:49:85:72:28:17:8e:06:
d0:77:17:0c:2a:5d:56:ba:88:d1:07:25:e2:c5:7b:
01:44:ea:e8:55:4a:2a:2b:e4:71:8f:02:b1:61:b0:
e4:34:bf:da:1b:d4:d0:95:ec:ff:0c:f7:da:8d:e1:
7a:65:99:7f:f1:b3:4e:47:81:00:95:87:d6:8c:5a:
d8:a8:a4:a0:9c:98:94:90:8c:88:84:80:7c:78:74:
70:6c:53:d2:41:f9:3b:e4
prime2:
77:77:2e:77:68:74:73:69:73:69:6c:67:75:6f:65:
63:74:73:72:65:68:73:72:69:2e:65:6f:63:75:2e:
2f:6b:6c:62:74:65:68:63:65:6c:20:79:20:20:20:
20:20:20:20:20:20:20:20:20:20:20:20:20:20:20:
20:20:0b:8f
exponent1:
13:a5:24:9d:fc:2e:52:20:40:1b:50:f9:3e:65:80:
1d:b7:b3:98:57:36:b2:ed:58:80:89:ab:a4:86:4b:
7e:fe:c2:46:fa:6f:06:98:79:c0:2b:22:df:f6:88:
71:df:f6:88:71:df:f6:88:71:df:f6:88:71:df:f6:
b2:8a:b2:4f
exponent2:
08:79:f2:58:12:97:40:a1:18:c9:40:21:cf:19:4a:
4e:56:32:e2:c9:03:32:3d:c9:ec:ba:d1:be:72:d0:
06:19:4f:25:65:30:d4:c9:48:a6:f5:5e:e2:c2:a4:
c4:e2:c2:a4:c4:e2:c2:a4:c4:e2:c2:a4:c4:e2:c2:
a4:c4:e1:4d
coefficient:
14:89:f3:4e:c0:0e:91:ab:96:dd:ca:dd:d5:77:f1:
32:1c:62:b5:49:1a:a5:d4:2a:97:0b:c5:85:9b:a8:
b8:d2:32:6d:f1:0e:7d:6e:96:92:3b:60:84:10:f2:
a9:fe:74:70:41:56:5c:c2:7b:56:4f:26:af:a7:30:
4e:8b:0f:bd:82:94:55:72:94:09:b9:6b:7a:d2:d3:
79:4f:79:4e:56:e4:a6:b8:b3:3e:4c:be:fb:96:fb:
a5:0b:92:8b:79:a9:2c:c8:be:e9:58:2f:72:34:ed:
85:f5:cf:60:d8:36:26:32:69:82:6b:5e:0b:87:de:
95:82:ff:d8:54:c0:99:3f

If I hadn’t been lazy, I’d probably have noticed the URL for Step 3 staring right at me in the prime2 chunk. Anyway, the bits that are of interest are the modulus and the public and private exponents. Plug these values into your favourite decrypt tool, feed it the payload from the Step 3 webpage and you get:

20 20 20 20 20 20 20 20 77 77 2E 77 68 74 72 65 67 65 73 69 65 74 2E 72 6F 63 75 2E 2F 6B 6E 65 67 69 61 6D 30 32 33 31 20 20 20 20 20 20 20 20

After applying the same 16-bit endian swapping you get the URL:

http://www.theregister.co.uk/enigma2013

This means answer 3 is “enigma2013”.
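Both URL recoveries, the byte-swapped text sitting in the prime2 field of the Step 2 key and the Step 3 decryption, can be reproduced offline with nothing but the Python standard library. This is an added example, not the author’s tooling or anything from the challenge: it embeds the PKCS#8 key exactly as the openssl pkey dump above prints it together with the Step 3 payload, walks the DER by hand to pull the RSAPrivateKey integers out (so the hidden field is found by structure rather than by eye), undoes the pair swap on prime2, and does textbook RSA, m = c^d mod n, with the dumped modulus and private exponent. The DER walker, the unswap16 helper and the regex that spots a URL in the result are this example’s own, and it assumes the decrypt tool used in the write-up did plain modular exponentiation with no padding handling.

```python
import base64
import re

# The PKCS#8 key exactly as "openssl pkey" printed it in the write-up.
KEY_PEM = """\
-----BEGIN PRIVATE KEY-----
MIIC9AIBADANBgkqhkiG9w0BAQEFAASCAt4wggLaAgEAAoGAN8AErz6OgMt1sVMM
n7Lc9NPOSoKLUvaoSODF2DWLJmyElN4pRyRJhXIoF44G0HcXDCpdVrqI0Qcl4sV7
AUTq6UQ4hxq1WnXVmDSJsx+epOK9t3q3z/PcrOqsWSyD3FCKJwxpy2ZOoWSbyujk
4NzY1NDMyMTAvLi0sKyUE4I5UfECAwEAAQKBgBNbXYUHYG1Bt5yZLGHqtaNgQ1lF
mGB2+hlLygX3GVh/B021EXn9FHX8HAWJr74EC4GS2BO78rM5GyNw0/Ot3S5MJtMb
qFbxg8rZE5U454Awd6Tw2Xf5JbnB148q5bAx2MMOOrFcOez5kLV3YKnPlX7H7bOc
5gvRuwQp6LSxaXstAoGAN8AErz6OgMt1sVMMn7Lc9NPOSoKLUvaoSODF2DWLJmyE
lN4pRyRJhXIoF44G0HcXDCpdVrqI0Qcl4sV7AUTq6FVKKivkcY8CsWGw5DS/2hvU
0JXs/wz32o3hemWZf/GzTkeBAJWH1oxa2KikoJyYlJCMiISAfHh0cGxT0kH5O+QC
QHd3LndodHNpc2lsZ3VvZWN0c3JlaHNyaS5lb2N1Li9rbGJ0ZWhjZWwgeSAgICAg
ICAgICAgICAgICAgICAgC48CQBOlJJ38LlIgQBtQ+T5lgB23s5hXNrLtWICJq6SG
S37+wkb6bwaYecArIt/2iHHf9ohx3/aIcd/2iHHf9rKKsk8CQAh58lgSl0ChGMlA
Ic8ZSk5WMuLJAzI9yey60b5y0AYZTyVlMNTJSKb1XuLCpMTiwqTE4sKkxOLCpMTi
wqTE4U0CgYAUifNOwA6Rq5bdyt3Vd/EyHGK1SRql1CqXC8WFm6i40jJt8Q59bpaS
O2CEEPKp/nRwQVZcwntWTyavpzBOiw+9gpRVcpQJuWt60tN5T3lOVuSmuLM+TL77
lvulC5KLeaksyL7pWC9yNO2F9c9g2DYmMmmCa14Lh96Vgv/YVMCZPw==
-----END PRIVATE KEY-----
"""

# The Step 3 payload from the challenge page (the four hex lines joined).
STEP3_HEX = (
    "2910404C21CF8BF4CC93B7D4A518BABF34B42A8AB0047627998D633E653AF63A873C"
    "8FABBE8D095ED125D4539706932425E78C261E2AB9273D177578F20E38AFEF124E06"
    "8D230BA64AEB8FF80256EA015AA3BFF102FE652A4CBD33B4036F519E5899316A6250"
    "840D141B8535AB560BDCBDE8A67A09B7C97CB2FA308DFFBAD9F9"
)


def der_tlv(buf, pos=0):
    """Decode one DER tag-length-value at buf[pos]; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def der_children(value):
    """Yield the (tag, value) pairs packed inside a constructed DER value."""
    pos = 0
    while pos < len(value):
        tag, val, pos = der_tlv(value, pos)
        yield tag, val


def parse_pkcs8_rsa(pem):
    """Return the nine RSAPrivateKey INTEGER fields (raw big-endian bytes) keyed by name."""
    body = "".join(l for l in pem.splitlines() if not l.startswith("-----"))
    tag, info, _ = der_tlv(base64.b64decode(body))       # PrivateKeyInfo ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _version, _algorithm, (oct_tag, rsa_der) = list(der_children(info))
    if oct_tag != 0x04:
        raise ValueError("expected an OCTET STRING holding the RSAPrivateKey")
    _, rsa_seq, _ = der_tlv(rsa_der)                      # RSAPrivateKey ::= SEQUENCE of INTEGERs
    ints = [val for t, val in der_children(rsa_seq) if t == 0x02]
    return dict(zip(["version", "n", "e", "d", "p", "q", "dp", "dq", "qinv"], ints))


def unswap16(data):
    """Undo the 16-bit 'endianness' swap described in the write-up: exchange each byte pair."""
    out = bytearray()
    for i in range(0, len(data) - 1, 2):
        out += bytes((data[i + 1], data[i]))
    if len(data) % 2:                      # odd trailing byte has no partner
        out.append(data[-1])
    return bytes(out)


def step2_url(fields):
    """The Step 2 URL hides in 'prime2': byte-swap it and take the first space-separated word."""
    return unswap16(fields["q"]).split(b" ")[0].decode()


def step3_url(fields, cipher_hex=STEP3_HEX):
    """Textbook RSA with the dumped modulus and private exponent, then byte-swap and look for a URL."""
    n = int.from_bytes(fields["n"], "big")
    d = int.from_bytes(fields["d"], "big")
    m = pow(int(cipher_hex, 16), d, n)                    # m = c^d mod n, no padding involved
    block = m.to_bytes((n.bit_length() + 7) // 8, "big")
    for offset in (0, 1):                  # the pair swap need not be aligned to the block start
        hit = re.search(rb"www\.[!-~]+", unswap16(block[offset:]))
        if hit:
            return hit.group().decode()
    return None


if __name__ == "__main__":
    key = parse_pkcs8_rsa(KEY_PEM)
    print("Step 2:", step2_url(key))
    print("Step 3:", step3_url(key))
```

Two things worth noticing: the dump’s prime1, exponent1 and exponent2 fields are patterned filler rather than anything OpenSSL would generate, which is the tell that the file is a container for data and not a key anyone used; and the decryption itself is one pow() call, so no RSA library or online tool is needed once the modulus and private exponent have been read out.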

Step 4
Okay, so it’s actually a picture of the Colossus computer. I was fortunate enough to see the working replica running at Bletchley Park a year or so ago, so I recognised it immediately. Sadly, that doesn’t help me get the URL for Step 5: I know what the folder will be, but not the domain. Time to take a deeper look into the image…

First of all I checked the EXIF data; nothing interesting there. I tried decompressing the image with djpeg; again, this yielded nothing interesting. I then opened up the JPEG file in a hex editor and searched for the word colossus (and byte-swapped versions thereof)… Nothing.
After some time skimming through the JPEG file I found what looked like a second header. I cut and pasted that data into a new file in HxD and saved it. A thumbnail was immediately generated in Explorer, and double-clicking the file revealed this guy hiding all along:

[image gchq_image_2: the second image carved out of the Colossus JPEG]

So my answer was correct, and now I also knew the URL of the 5th and final stage.
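Spotting the second header by eye works once; a small carver that walks the JPEG marker structure finds every SOI in a file and pulls each picture out whether it was glued on after the cover image’s EOI or tucked inside an APPn segment. This is an added example, not the author’s method: it builds two constructed container files (toy JPEG skeletons that have the right marker layout but no decodable image data) and carves them, and the same carve_jpegs() can be run over the bytes of a real file. The marker walk stops at the first EOI after the SOS segment, which is correct for baseline files but would be fooled by a picture spliced into the entropy-coded data itself.

```python
SOI, EOI = b"\xff\xd8", b"\xff\xd9"


def _segment(marker, payload):
    """Build one marker segment: FF <marker> <2-byte length including itself> <payload>."""
    return b"\xff" + bytes([marker]) + (len(payload) + 2).to_bytes(2, "big") + payload


def _toy_jpeg(scan_bytes):
    """A structurally valid but not decodable skeleton: SOI, APP0, SOS, scan data, EOI."""
    app0 = _segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    sos = _segment(0xDA, b"\x01\x01\x00\x00\x3f\x00")
    return SOI + app0 + sos + scan_bytes + EOI


# Constructed samples for the two usual hiding places of a second picture.
HIDDEN = _toy_jpeg(b"hidden picture")
APPENDED = _toy_jpeg(b"cover picture") + b"\x00" * 4 + HIDDEN             # after the cover's EOI
EMBEDDED = (SOI + _segment(0xE1, HIDDEN)                                   # inside an APP1 segment
            + _segment(0xDA, b"\x01\x01\x00\x00\x3f\x00") + b"cover picture" + EOI)


def jpeg_end(data, start):
    """Walk the marker segments from the SOI at `start`; return the offset just past the
    matching EOI, or None if the structure breaks down before one is reached."""
    pos = start + 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            return None
        marker = data[pos + 1]
        if marker == 0xFF:                              # fill byte before a marker
            pos += 1
            continue
        if marker == 0xD9:                              # EOI with no scan data at all
            return pos + 2
        if marker in (0x01, 0xD8) or 0xD0 <= marker <= 0xD7:   # markers that carry no length
            pos += 2
            continue
        if pos + 4 > len(data):
            return None
        seg_len = int.from_bytes(data[pos + 2:pos + 4], "big")
        pos += 2 + seg_len
        if marker == 0xDA:                              # SOS: entropy-coded data runs to the EOI
            end = data.find(EOI, pos)
            return None if end == -1 else end + 2
    return None


def carve_jpegs(data):
    """Every SOI in the file starts a candidate; keep those that walk cleanly to an EOI.
    Returns [(offset, image_bytes), ...]. Nested pictures (thumbnails in APPn segments,
    or a file appended after the EOI) come out as entries of their own."""
    found = []
    pos = data.find(SOI + b"\xff")
    while pos != -1:
        end = jpeg_end(data, pos)
        if end is not None:
            found.append((pos, data[pos:end]))
        pos = data.find(SOI + b"\xff", pos + 2)
    return found


if __name__ == "__main__":
    for name, blob in (("appended", APPENDED), ("embedded", EMBEDDED)):
        for offset, img in carve_jpegs(blob):
            print(f"{name}: JPEG at offset {offset}, {len(img)} bytes")
```

On a real file, `carve_jpegs(open(path, "rb").read())` and writing each entry to its own file gives the same result as the manual cut-and-paste in HxD, with the offsets recorded so the finding can be reproduced.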

Step 5
Step 5 is a bit disappointing; I get the feeling they couldn’t be arsed at this point, it just bloody tells you the answer :-(

It turns out to be: “Secured”
Ah well. Bit of an anti-climax.

Maybe I’ll post on the blog again in 12 months’ time.


8 Comments

  1. J says:

    Out of interest on stage 3, did you try openssl to decrypt? I was trying openssl pkeyutl -in -inkey comp1.key but no joy. Clearly openssl can parse the key correctly from the output of “openssl pkey” – any ideas?

  2. nyxgeek says:

    Can you explain more about how you got the Turing quote after substituting spaces for Q’s?

  3. Ste says:

    Hi,

    You just arrange it into a 13×11 grid then read it in columns. It’s an old school cipher from many centuries ago :-)

    - Ste

  4. David Houde says:

    nyxgeek, read from top to bottom, not left to right.

  5. AV says:

    Is that particular arrangement (13 x 11) a common cipher, or could it also have been 11 x 13? How did you know that that particular method of transposition was used? Is it just trial and error?
    Thanks for the great writeup!

  6. Ste says:

    The length of the message was 143, which has the obvious factors 11 and 13. So I tried those. I just guessed it was transposed because the histogram of the bytes was consistent with English.

  7. Ste says:

    J, I just used some online tool for it. Was too lazy to try to figure out how to get OpenSSL to do anything beyond dumping the key, sorry to disappoint.

  8. Steve R says:

    Well done, you’re a clever guy.
    Going to follow your guide to learn a bit.

    Nice little project, keep me good for the weekend.

    Cheers


