Announcement

Collapse
No announcement yet.

DEF CON Giveaways

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
    TheCotMan
    *****Retired *****

  • TheCotMan
    replied
    Re: DEF CON Giveaways

    Originally posted by Nikita View Post
    Yeah, the grid didn't translate well to the forums, will look right on the main page, but you should get the idea. :-P
    Forums support markups that allows you to specify a "fixed width font" (or request from from browsers) which should help you keep your grid layout.

    try using "code" inside square brackets to open, and then same thing inside square-brackets prefixed with a "/" to close
    "[" + code + "]" to begin

    then to close:
    "[" + "/code" + "]"

    Here is a literal example:

    Code:
    Using code for fixed width font

    Leave a comment:


  • Nikita
    replied
    Re: DEF CON Giveaways

    Yeah, the grid didn't translate well to the forums, will look right on the main page, but you should get the idea. :-P

    Leave a comment:


  • Nikita
    replied
    Re: DEF CON Giveaways

    Here is the writeup, which I will get posted to the main site soon. This is from @DarthNull on twitter :-)

    ------

    About a month ago, Nikita mentioned on twitter that she wanted ideas for a badge giveaway contest. Banasidhe suggested she ask G. Mark Hardy to write a crypto contest, and he recruited me to help. So together we came up with the basic outline of the puzzle, he wrote the clues, and I built the puzzle. For reasons that will shortly become apparent, though, we kept his involvement quiet.

    The puzzle consisted of a word search game and two stages of cryptography. All the word search clues were contests at DEF CON (and apologies to any contests we couldn't fit in!). Once you found all the words, the real contest began. Trying to incorporate a coded message into the clues or the locations of the hidden words would be nearly impossible...but we had all kinds of letters left over. So rather than filling the grid with random letters, we filled them with cipher text.

    So, the original puzzle:

    L B H U N I S R Q B A R I R C E L J R Y Y
    F B S N E S C A V E N G E R H U N T A D B
    J E X P L O I T H A C K A T H O N S I B E
    G U L R C E S V C M R C U R E R V M F L H
    B H E I P D N Y H E K R P U R V A F G Y A
    U R A R P J E U B M J I F G B R S U R G C
    N G P X W M R F E R M O E W Y R B O A C K
    N E N Q A L O I E P K K R P K K T L H T E
    K H I I L V F C M H V W T P X S F R A Z R
    E O C Y L Y K Y D S T N O M T E T M C M J
    G L B J O O R P F N E T M R H E P F K Z E
    D O I U F A O X A C A S O T P E N P F X O
    A N C H S P W C K A B H E P R G C K O H P
    I A Z C H I T N E E S R S E S A B V R E A
    N J A W E L E Z W G U C V A D B B T T A R
    X L A X E T N Z O T A I M X R K B B R H D
    B C I F P I Y X P Q D R G L B C M L E B Y
    R N S C H E M A V E R S E C H A M P S G F
    G S T R H B C C N Z F Z A V F L X M S A F
    D X M G R J L T U F P R N G E B F J M K W
    C T J Q W D E X E J H E D W M b K K K K K

    Just the hidden words:

    . . . . . . S . . . . . . . C . . . . . .
    . . . . . S C A V E N G E R H U N T . D .
    . E X P L O I T H A C K A T H O N . I . .
    . . L . . . S . C . . C . . . . . M . . H
    . . . I . D N . . E K . P . . . A . . Y A
    . . . . P . E . . M J I . . . R . . R G C
    . G . . W M R F E . M O . . Y . . O A . K
    . . N . A . O I E P . . R P . . T L H T E
    . . . I L . F C M H . . T P . S F . A . R
    . . . . L Y K Y D . T N . . T E . M C . J
    . . . . O O R . . N E T . R H E P . K . E
    . . . U F A O . . C A . O T . E N . F . O
    . . C . S . W C K . . H E P R G . K O . P
    . A . C H . T N E . S R S E S A . . R . A
    N . A . E . E . . G U . V A . B . . T A R
    . L . . E T N . . T A I . . R K . . R . D
    . . . . P . . . P . D R . . . C . . E . Y
    . . S C H E M A V E R S E C H A M P S . .
    . . . . . . C . N . . . . V . L . . S . .
    . . . . . . . T . . . . . . E B . . . . .
    . . . . . . . . . . . . . . . B . . . . .


    What's left over:

    L B H U N I . R Q B A R I R . E L J R Y Y
    F B S N E . . . . . . . . . . . . . A . B
    J . . . . . . . . . . . . . . . . S . B E
    G U . R C E . V . M R . U R E R V . F L .
    B H E . P . . Y H . . R . U R V . F G . .
    U R A R . J . U B . . . F G B . S U . . .
    N . P X . . . . . R . . E W . R B . . C .
    N E . Q . L . . . . K K . . K K . . . . .
    K H I . . V . . . . V W . . X . . R . Z .
    E O C Y . . . . . S . . O M . . T . . M .
    G L B J . . . P F . . . M . . . . F . Z .
    D O I . . . . X A . . S . . P . . P . X .
    A N . H . P . . . A B . . . . . C . . H .
    I . Z . . I . . . E . . . . . . B V . E .
    . J . W . L . Z W . . C . . D . B T . . .
    X . A X . . . Z O . . . M X . . B B . H .
    B C I F . I Y X . Q . . G L B . M L . B .
    R N . . . . . . . . . . . . . . . . . G F
    G S T R H B . C . Z F Z A . F . X M . A F
    D X M G R J L . U F P R N G . . F J M K W
    C T J Q W D E X E J H E D W M . K K K K K


    Starting at the top left and going left-to-right, top-to-bottom, the following coded message is revealed:

    LBHUNIRQBARIRELJRYYFBSNEABJSBEGURCEVMRURERVFLBHEPY HRURVFGURARJUBFGBSUNPXREWR
    BCNEQLKKKKKHIVVWXRZEOCYSOMTMGLBJPFMFZDOIXASPPXANHP ABCHIZIEBVEJWLZWCDBTXAXZOM
    XBBHBCIFIYXQGLBMLBRNGFGSTRHBCZFZAFXMAFDXMGRJLUFPRN GFJMKWCTJQWDEXEJHEDWMKKKKK

    So how is the message hidden? We didn't want this to be too hard, so the first part was just a Caesar cipher: ROT-13.

    ABCDEFGHIJKLMNOPQRSTUVWXYZ
    NOPQRSTUVWXYZABCDEFGHIJKLM

    So every "A" turns into an "N", every "X" into a "K", etc. Applying that key to the code gives us (with spaces added for clarity):

    YOU HAVE DONE VERY WELL SO FAR
    NOW FOR THE PRIZE HERE IS YOUR CLUE
    HE IS THE NEW HOST OF HACKER JEOPARDY
    XXXXXUVIIJKEMRBPLFBZGZTYOWCSZSMQBVKNFCCKNAUCNOPUVM VROIRWJYMJPQOGKNKMBZ
    KOOUOPVSVLKDTYOZYOEATSTFGEUOPMSMNSKZNSQKZTEWYHSCEA TSWZXJPGWDJQRKRWURQJZXXXXX

    One last trick: because we were referring to Jeopardy...the answer had to be phrased as a question. “Who is G. Mark.” Was the answer, and submitting it got you an entry into a raffle for a free T-shirt. And now you see why we didn't credit G. Mark with helping -- we were afraid it might be too much of a hint for the solution.

    So, what about the rest of the message? Well, it's encrypted with a different cipher. We left it padded on each end with multiple Xs, because we hoped that maybe it'd serve as a confirmation that you'd gotten that part right. (otherwise, well, do you use the second half ROT-13d, or as it was originally presented, or what?) So now you've got a second ciphertext, but what do do with it?

    The second half was encrypted using a Vigenère cipher. This is what's known as a "Polyalphabetic Substitution Cipher," which is a fancy way of saying that every successive letter is encrypted with a different key. For example, if you had a key of "KEY", then the first letter of the message would be encrypted using a Caesar shift of "K" (where A maps to K), the second with a shift of "E" and the third with a shift of "Y". Then the key repeats, so the fourth letter of the message is encrypted using K, then E, etc.

    Several tools and techniques exist for attacking this kind of cipher, though they might not work as well for a short message like this one. In any event, the players already have the key for the second stage: "WHOISGMARK". Applying that to the ciphertext, using one of many online tools, provides the clue for the second stage prize:

    YOU ARE SMARTER THAN THE AVERAGE BEAR
    YOU SHOULD SIGN UP FOR HACKER JEOPARDY
    THE CODE TO ENTER THE DRAWING TO WIN A HUMAN BADGE IS THE FOLLOWING
    WINN IS OLDER THAN DIRT

    (Winn: Blame G. Mark for this clue, not me!)

    A couple funny points: Apparently we dropped an "E" in "SCHEMAVERSECHAMP" in the list of words to search for. It was properly spelled in the puzzle itself, though. Sorry about that, to everyone who thought that was the answer (we wouldn't make it *that* easy). Also, a hint was given on the DEF CON Facebook page to "Play by the rules." That made at least a couple people think that the second stage was encrypted with a "Playfair" (get it -- "Play Fair"?) cipher, as that's a standard G. Mark hint for Playfair. We did consider using Playfair for the second stage, but ended up with Vigenère instead, though I'm not positive why. This wasn't meant as a deliberate bit of misdirection...but it was sorta vaguely amusing to watch. Sorry.

    When the game finished, we had 903 unique entries, 319 were participants who got it right and remained eligible. 355 were correct entries for stage 1 (and were eligible to win a T-Shirt), and 349 entries had solved stage 2 (earning a chance at a T-Shirt and a Human badge).

    Because there were so many good entries, and because Nikita had wanted to do another badge challenge but ran out of time, she decided to double up on the winners. The incorrect answers were removed from the database and the remaining were picked using random.org generator to avoid any accusations of selective picking.

    "Contester"- Free Human Badge & T-shirt
    "Martina" Free Human Badge & T-shirt
    "Phil"- Free T-shirt
    "Greg"- Free T-shirt
    "Melinda"- Free T-shirt

    Anyway, that's the puzzle. Thanks so much to Nikita for asking us to do this, to G. Mark for letting me kind of run with it, and to everyone who played. I was thrilled to see so many first-time puzzle solvers attack the puzzle and succeed. Great job everyone!

    Leave a comment:


  • Nikita
    replied
    Re: DEF CON Giveaways

    A new contest giveaway has launched.
    This time for a free badge. Check out the puzzle at: https://defcon.org/#dc21badgechallenge

    Leave a comment:


  • Nikita
    started a topic DEF CON Giveaways

    DEF CON Giveaways

    Hey folks, another giveaway just launched.

    During the DEF CON Forum Meet & Party, We will hold a DEF CON trivia game. Those who are there can win various prizes and swag for getting the right answers. We need help coming up with awesome trivia questions to stump the old timers and newcomers alike. So submit a question for us and be entered in the drawing to win a free DEF CON 21 t-shirt. (Must be present at the con to redeem)

    The DEF CON Forum Meet will be held Friday Night from 20:30 until 02:00, in Amazon E. The forum meet is an awesome hangout meetup for current and future DEF CON Forum members, there will be plenty socializing, a performance from the goon band Recognize, and if we play our cards right a bouncy house.

    To enter, go to the DEF CON Giveaway Tab on our facebook, or use the following link: preview.tinyurl.com/DC21Trivia

    Entries, left as a comment in the post will not be considered in the drawing, you need to enter to play.


    More contests to come. We will be giving away free badges next week. :-)
Working...
X