GCHQ Challenge

[Solarmew]

Has anyone else got anywhere with this? There's a few smart guys here so I'm guessing someone must have made progress. Anyone figured out what the code is in the image or found the other chunk of data? I've been having a go at it this weekend and have managed to complete the first task, but it took me a good few hours! I've attached the image in case the site goes after the timer expires.

The next bit will take me more time I think... I don't I'll get it done before the timer runs out but it's a good challenge

Here's the (more obvious) code from the image for the first part:

Code: Select all

eb 04 af c2 bf a3 81 ec   00 01 00 00 31 c9 88 0c 
0c fe c1 75 f9 31 c0 ba   ef be ad de 02 04 0c 00 
d0 c1 ca 08 8a 1c 0c 8a   3c 04 88 1c 04 88 3c 0c 
fe c1 75 e8 e9 5c 00 00   00 89 e3 81 c3 04 00 00 
00 5c 58 3d 41 41 41 41   75 43 58 3d 42 42 42 42 
75 3b 5a 89 d1 89 e6 89   df 29 cf f3 a4 89 de 89 
d1 89 df 29 cf 31 c0 31   db 31 d2 fe c0 02 1c 06 
8a 14 06 8a 34 1e 88 34   06 88 14 1e 00 f2 30 f6 
8a 1c 16 8a 17 30 da 88   17 47 49 75 de 31 db 89 
d8 fe c0 cd 80 90 90 e8   9d ff ff ff 41 41 41 41

cyber.png

For those who would like some help with that code, I hear most of it is unrelated. But I know nothing of breaking codes so no idea if true or not

It's not true, whoever told you that clearly doesn't know what they're looking at

I figured out what the code is and i thought decoding it the right way will turn into one thing, but after decoding it, it turned out it wasn't ... or maybe i didn't decode it right ... or maybe it's missing something ... but if it's not, the actual code has what looks like equations in it, i'm not sure if they are relevant, they sure look like it tho ....

[jeffives69]

The first thing I did when I saw this, was to see if there was any other pages to the website by using google ( site:http://www.canyoucrackit.co.uk/ ) I use this from time to time when SEO to make sure google bot can see all pages of a website or sometimes not to see all pages.

This search brings up http://www.canyoucrackit.co.uk/soyoudidit.asp

And a couple of other pages that say

404 – Not Found

We can see you are trying hard but you are not quite there yet.
Look forward to seeing you when you have cracked the code.

As soon as I saw http://www.canyoucrackit.co.uk/soyoudidit.asp I was under the assumption that this was the only answer for two reasons.

1: If this is a mistake by their developers why has it not been blocked to search engines by now and/or the page name changed.

2: why is the link not chucking up a 404

I was a little disappointed when I found this, but if you all think the code is solvable I’ll try it out.

[bluesign2k]

I'm sure there is a final code that's solvable. I haven't got anything to enter in the box on the page as yet. From the code in the image I've got another url that gives me a file with another bunch of code that says it's stage 2 of 3.

I guess the page you've found is what happens when you crack it all which is cool but it's cracking the codes and puzzles that interests me.

[jeffives69]

I’m all about the codes and puzzles too, but it is GCHQ we’re talking about. Who’s to say the codes aren’t a red herring and that is the way to solve it.

I guess what I’d love to hear is someone has put in an answer and got to the next page/code.

[allardwza]

There's an article on the Telegraph website that pretty much talks you through it all. Including the bit at the end that points to a low level job advert... (think it was the Telegraph- there's a link from unfiction.)

Allard

[jeffives69]

There's an article on the Telegraph website that pretty much talks you through it all. Including the bit at the end that points to a low level job advert... (think it was the Telegraph- there's a link from unfiction.)

Allard

Thanks Allard

http://www.telegraph.co.uk/news/uknews/ ... cancy.html

I think I'll skip this one

[Solarmew]

From the code in the image I've got another url that gives me a file with another bunch of code that says it's stage 2 of 3.

how'd you do that? i dun see anything ... do you have to paste the actual code in the image in there somewhere or is it actually irrelevant?

[bluesign2k]

The code in the image is machine code. The code is used to decrypt some cypher text in some of the image's data....

At this point it's more than a little helpful to know some background about the structure of PNG files:
PNG files are structured in chunks, each chunk starts with 4 bytes that state the length of the data section of the chunk. The next 4 bytes define the chunk type. Then there is the block of data. Then the chunk ends with a further 4 byte CRC. It's done like this to enable backwards compatibility so that the code processing the image can ignore chunks that it doesn't recognise or know what to do with. While most chunk types, if used, require sensible data, an iTXt chunk can contain plain utf text. If you look, this image has an iTXt chunk with some apparently random text (found at offset 0x56):

Code: Select all

00 00 00 5D 69 54 58 74 43 6F 6D 6D 65 6E 74 00 ...]iTXtComment.
00 00 00 00 51 6B 4A 43 51 6A 49 41 41 41 43 52 ....QkJCQjIAAACR
32 50 46 74 63 43 41 36 71 32 65 61 43 38 53 52 2PFtcCA6q2eaC8SR
2B 38 64 6D 44 2F 7A 4E 7A 4C 51 43 2B 74 64 33 +8dmD/zNzLQC+td3
74 46 51 34 71 78 38 4F 34 34 37 54 44 65 75 5A tFQ4qx8O447TDeuZ
77 35 50 2B 30 53 73 62 45 63 59 52 0A 37 38 6A w5P+0SsbEcYR.78j
4B 4C 77 3D 3D 32 CA BE F1                      KLw==2...

So if you remove the head, junk and trailing CRC you land up with:
QkJCQjIAAACR2PFtcCA6q2eaC8SR+8dmD/zNzLQC+td3tFQ4qx8O447TDeuZw5P+0SsbEcYR
78jKLw==

The "==" at the end gave away the fact that the data is encoded... so I figured it probably needed to be decoded before being decrypted. I won't go further just yet incase you're still working on it

[Solarmew]

Yikes ...
Yeah, that's a lil beyond me >.< like I said, prolly be easier for comp sci ppls I dunno anything about that stuff I'm just glad I knew it was hex code (from playing Overture Facile btw!!! did you guys try it yet?!)

[Stigy]

Here's the answer in video form:
http://gchqchallenge.blogspot.com/