[CONTEST]Can Ya Crack This??

[PLuNK]

I've uploaded a new version of the "Can you crack me"

I'm not going to provide ANY hints at all regardless.

Feel free to help each other out as much as you want.

http://rapidshare.com/files/162316349/arr_pirate.rar

*SKIP TO THIS POST*

*OLD POST BELOW*

Hey,

I've encrypted a file,

It's your job to try and decode it all.

You're going to need:

Hex editor

WinRAR

Analytic mind

Have fun!

http://rapidshare.com/files/161393762/worl...ongest-dog.dent

[Zimmer]

Soinds fun :)

[PLuNK]

It's gonna take a while...

[digip]

Um, I get two files, with one that says you win with some funky stuff and one that is a string of numbers. But I think maybe I'm not done yet?? I do know the one is the Rar Hex Signature.

[PLuNK]

It'll say if you've completed it within the file,

And instructions also.

[X3N]

instructions?

and is the completed decryption just a string of text?

[digip]

I'm not good with trying to copy over a password hex value from one file to another, so I'm going to just tyr an brute force it to see if I can even coem up with the password. I have about 16 hours left on my password cracker, and even then, its only going to find it if its a word on my list.

instructions?

and is the completed decryption just a string of text?

No instructions. You are supposed to figure this out based on what he said in the first post. But I can tell you, no, its not a single string of text, there are two files. In one of the files is a bit of a hint though.

[PLuNK]

Haha.. I'm just laughing right now..

Once you've completed it you'll know.

It'll have instructions.

[digip]

Well, I tried a good 2 million paswords and still nothing. This is where a cluster would come in nive to just try every possible combination of characters. I just don't have the resources to do it.

As for HEX editing the password, if I knew what part of the file was the password, then maybe I could do it, but as of right now, I can't figure out which bits to change. Every time I try to edit the file, it breaks and gets either an "unexpected end of archive" or "corrupted header file" yet still prompts me for a password.

[Sparda]

Why does the 'encrypted' file contain "you-win" in the middle of it?

I don't understand what the value stored in Deston.pentacts.hex is meant to be? The encrypted password?

[PLuNK]

I can't tell you,

I've kinda given heaps of hints..

[digip]

Problem I find is that rar files do not have a specific area that is just the password of the file, or at least I have not been able to find any documentation to specify what part is just the password. I wonder if repairing it under someth prior to 2.5 would still make it openable? I am using 3.x and I know that it uses AES 128 bit hashes of the key, but that still doesn't help me find the damn key to replace it.

Just looked more closely at the file, its not AES Encrypted, just passworded, so maybe there is an easy way to break this open. If it were AES Encrypted, as soon as you open the archive, it would prompt you for the password, but since it lets you see whats in the archive when opening it, then that means its just password protected without AES encryption on the internal file.

[DrCheeseit]

>.< i tried to but i know nothin about hex and when i entered it into the hex editor i was like omg wtf but i found out that is was written in pascal XD at least i think i did lmao

[vector]

[PLuNK]

Yea that's just a image,

Not the answer...

I used it for a container.

But you'll see a ANSI encoded file at the end with instruction on how to provide proof you completed it.

And there shouldn't be any encryption on the files (Other then the encryption used to compress the file(s))

Just so you know I made this in about 10 minutes for fun and decided to post it here,

I tried to de-encode it last night and even I couldn't do it due to the fact I didn't right any instructions for myself.

I removed the first 4 headers in the file & placed the removed information in the .HEX file, So by added that back to the FRONT of the damaged RAR file should solve the problem. I haven't managed to correct the issue though.

That's all the information I'm giving you, No you have to go & debug the issue :D

Have fun!

[digip]

I had already repaired the file, its just that I can not figure out the password to the file "you_win". The others are not password protected, just the one file. If you don't even know what the password is, then how are we supposed to figure it out? A hint for the password would would have been nice.

I know pentacts means 5 or pertains to something with 5 limbs, or a 5 rayed structure in a sponge. The Deston part does not make any sense to me. Deston can be a boys name, which means Destiny. If the names have nothing to do with the password, at least let use know that much.

[PLuNK]

The file ext. used are just random,

The file password is VERY simple,

Only lowercase & no symbols etc.

[Zimmer]

I download the file and extract it with both WinRAR and 7-Zip neither ask for a password. I then get two files and one has hex that in ASCII is Rar!?. I tried extracting those two files but they aren't RAR files. So what files is the password protect one?

[Zimmer]

Ok this is what I've got so far. The two files you extract for the orignal download. One contains you_win in it. That file you need to repair as a RAR file. It will then go throught it. Then once it is repaired try to extract it. WinRAR will ask you for a password. :)

[digip]

I download the file and extract it with both WinRAR and 7-Zip neither ask for a password. I then get two files and one has hex that in ASCII is Rar!?. I tried extracting those two files but they aren't RAR files. So what files is the password protect one?

Yeah, see your post above - posted before I saw you figured it out. But yeah, the file asks for a password once its repaired.

[Zimmer]

For Passwords I've tried you_win the hex of it, Rar, Rar!? (From the other file.). What have you guys tried? Time to head to google.com :)

Just google the text of the other file not the you_win and "526172211A" look "http://corrupteddatarecovery.com/Repair/RAR-Archive-File-Repair-RAR-Data-Conversion.asp" Maybe its corrupt to.

Instead of using WinRAR to fix it just put this into the front of it Rar!

So damaged one in hex

07 00 cf 90 73 00 00 0d 00 00 00 00 00 00 00 6c 00 7a 00 80 23 00 18 00 00 00 0d 00 00 00 02 e9 b5 8d e1 00 00 00 00 1d 33 03 00 00 00 00 00 43 4d 54 08 15 47 ed 0f 15 31 46 31 ea 70 25 1f df e6 ff da 2a f3 93 29 34 7f 40 c6 3f 74 24 94 34 00 80 00 00 00 11 01 00 00 02 1c fa e3 d7 fa 73 67 39 1d 35 07 00 20 00 00 00 79 6f 75 5f 77 69 6e bc 7b 73 f0 8a 9d 17 71 00 b0 b5 97 0e 2e 49 02 65 5a b9 5d 39 76 b7 ba 15 65 23 b8 76 ba d8 12 45 f3 24 fd 69 8e 58 8b 70 7c cc 73 b1 0b 7d fe dc 31 56 8a d5 1e 81 09 89 f9 1f 42 3e ec 12 fe 5b d2 92 5e 49 15 9b 1c b8 f7 9a 53 ba a7 03 f7 75 cb 4e 94 d2 95 fc c2 d9 c6 4f 23 f5 72 95 55 cb 1a a0 41 64 da 50 bd ae f5 aa 95 dc 0a 88 97 21 25 5a 18 37 e6 76 2f 98 6a c9 1e 9b 62 ed b9 50 f9 72 df 0f 16 da 60 51 bc d5 78 c1 c4 3d 7b 00 40 07 00

Fixed

52 61 72 21 1a 07 00 cf 90 73 00 00 0d 00 00 00 00 00 00 00 6c 00 7a 00 80 23 00 18 00 00 00 0d 00 00 00 02 e9 b5 8d e1 00 00 00 00 1d 33 03 00 00 00 00 00 43 4d 54 08 15 47 ed 0f 15 31 46 31 ea 70 25 1f df e6 ff da 2a f3 93 29 34 7f 40 c6 3f 74 24 94 34 00 80 00 00 00 11 01 00 00 02 1c fa e3 d7 fa 73 67 39 1d 35 07 00 20 00 00 00 79 6f 75 5f 77 69 6e bc 7b 73 f0 8a 9d 17 71 00 b0 b5 97 0e 2e 49 02 65 5a b9 5d 39 76 b7 ba 15 65 23 b8 76 ba d8 12 45 f3 24 fd 69 8e 58 8b 70 7c cc 73 b1 0b 7d fe dc 31 56 8a d5 1e 81 09 89 f9 1f 42 3e ec 12 fe 5b d2 92 5e 49 15 9b 1c b8 f7 9a 53 ba a7 03 f7 75 cb 4e 94 d2 95 fc c2 d9 c6 4f 23 f5 72 95 55 cb 1a a0 41 64 da 50 bd ae f5 aa 95 dc 0a 88 97 21 25 5a 18 37 e6 76 2f 98 6a c9 1e 9b 62 ed b9 50 f9 72 df 0f 16 da 60 51 bc d5 78 c1 c4 3d 7b 00 40 07 00

[digip]

For Passwords I've tried you_win the hex of it, Rar, Rar!? (From the other file.). What have you guys tried? Time to head to google.com :)

Just google the text of the other file not the you_win and "526172211A" look "http://corrupteddatarecovery.com/Repair/RAR-Archive-File-Repair-RAR-Data-Conversion.asp" Maybe its corrupt to.

526172211A was just the first hexed values of the file. It is the hexed Rar! header signature. If the file were still corrupt, winRar would tell you.

[Zimmer]

Ok I add new text.txt to a rar and when opening it up the RAR had a string of new text.txt. From that I believe that the you_win string is the file that has been compressed

Ok The RARs Password is defintely not stored in the hex code. Becuase I password protected file with a password and it was not in the in the file. (You guys probably new that.)

[digip]

Ok I add new text.txt to a rar and when opening it up the RAR had a string of new text.txt. From that I believe that the you_win string is the file that has been compressed

Yup. If you try to open the repaired rar file, you will see the name of the file "you_win" that you then try to open and it asks for the password to the file "you_win". He stated the password is simple and all lower case letter. Although I'm debating on how simple it really is...

[Zimmer]

Wait is the file encrypted. If not would it be theoretically possible to have a program that extracts it ignoring the password? For some reason I doubt it but just maybe...