So, London BSides Logo challenge...
" Logos should be unique, original, should not infringe copyrighted, and
demonstrate the creativity and talent of our community.
**I submitted something last year it was ... Okay but a better design was chosen, This year I thought i'll do my best to not let that happen again." **
== I didn't get selected -_- haha, ==
anyway i think it's worth showing you guys how i interpreted the brief and take you on a little journey
My 2016 Design:
Pretty cool right? looks a bit tech but also has a nice ... whatever I like it.
Some of you may think, cool design bro, and get on with your life ... and other's will know... that's a sneaky QR Code in that graphic !
Scan the QR Code, this will give you a URL address.
Accessing the 'onion address'
(Hint: it's on the
DarkNet UnderNet DeepWeb Tor Network )
Take a copy of the
index.html page, it has everything you need within the page.
Inspect the source code, take notes of things that might be useful.
Save that cat.
save the image as
coolcat.gif there are a number of ways to do this so i'll let you find your own way, visual or command line.
open the cat up.
depending on how you have explored the
coolcat.gif file you may have noticed signatures of a zip file within it's self, cool let's extract the zip:
once you have unzipped the
coolcat.gif you will notice an extracted file called
toreachthisyoupassthepasswordby.enc you have an encrypted file.
Using your cool hacker derp brain you can enumerate possible passwords and assistance from the
index.html have a look in the code and you will identify the crypto in use and also the password is in that page too, hopefully there was enough hints.
openssl enc -aes-256-cbc -d -in toreachthisyoupassthepasswordby.enc > didiwin.txt (enter password)
When done correctly the contents of the piped output
didiwin.txt will say the following:
YOU ARE A WINNER:
Why did the computer go to the Doctor?
because it had a security problem that megahertz ... MEGAHERTZ ...
= = =
Topics we touch on in this challenge:
- Alternative URL vectors
- .onion networks
- Checking out the source
- Base64 Encoding and decoding
- Cryptography, Encryption & Decryption
- Space Cats & Bad Jokes