Monday, April 15, 2013

Ihack2013 - Forensic Writeup Challenge 100 Point - Cryptography

Ihack2013 already finished but most of the contestants still eager to know what's the solution for most of the questions.
Here's 1 of them.

They were given a file with this image as a clue.

A clue?!! yes..each image for every questions is THE CLUE!
So what's the relation between Ash Ketchum from Pokemon with this cryptography?

 Wait.How did I know that file is an image file? Basic forensic step. Use FILE command in linux to identify the type of that file.

So I can see some of the contestants using many ways to decode the code. Applause to them. Its great to see some efforts from the youngsters :D

So what's actually this code is about? And the important thing is,WTF IS THIS CODE?!!
Its a bionicle encoding.
Google about them :)

Hard to decode it 1 by 1? Here's the trick, you just need to decode the 1st line of the cryptography message. Once you decoded it, try to google them.
Yes! The code is coming from Pokemon's wikipedia which already mentioned by the clue!
So encode the paragraph where your 1st line decoded message were using online bionicle encoding tool, compare it with the question given by the forensic game, you'll notice a slightly difference in the coded message. Yes there's where the flag located. Decode that part and voilla. You got the flag!
Flag is g0tta.h4cK.th3m.@LL

Its not hard at all :P
Congratz for those manage to get the flag.