[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Extra juicy! | Home]

Agartha Thread 2

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.

Thread replies: 55
Thread images: 4

File: 1448643168639.png (40KB, 1885x2010px) Image search: [iqdb] [SauceNao] [Google]
1448643168639.png
40KB, 1885x2010px
Here was the original image. We have hexidecimal, qr code, and caesar cipher. Hexidecimal became a random string of characters, but I found that the anon who translated it to this forgot a few characters.
>>
The qr code result is here

http://pastebin.com/vfagaWp8

I found myself unable to decode the base64

The Caesar cipher is shifted 17 to say PAY ATTENTION TO THE COLORS

There's probably a message hidden if you open the image as a txt file, but Amaze isn't cooperating with me right now.
>>
>>51557907
Maybe the value of the colors have some significance
>>
>>51557907
Never mind, there wasn't a message found if you open it as a txt file.
>>51558023
Yes, I've wondered how though. Blue, orange, and maybe transparent if you count it. Perhaps their hexidecimal values would help?
>>
>>51558064
The blue is #049eef
and the orange is fb860c
>>
Can someone try outguess on that image?
I have no luhnix installed
>>
File: color.png (161KB, 500x900px) Image search: [iqdb] [SauceNao] [Google]
color.png
161KB, 500x900px
We have Blue(049eef), Orange(fb860c) and transparent if that counts.
>>
File: hex.png (13KB, 1086x137px) Image search: [iqdb] [SauceNao] [Google]
hex.png
13KB, 1086x137px
The code on the top is shorter than SHA-256 but longer than MD5 and SHA-1
>>
Uh, context?
>>
>>51558322
looks like something cicada 3301 like
>>
>>51558124
I never used outguess before, what should I be doing with it? So far I did this:

[Downloads]$ outguess -k '049eef' -r qr.png message.txt
Unknown data type of qr.png
>>
>>51558351
maybe try the color hex in combination or the width and height of the image
>>
>>51558392
None of those worked either.
Also the height and width is 2010 and 1885 respectively.
>>
>>51558105
Is there any variation in these color values over the entire image? If so, the message is probably hidden in the color values of the individual pixels.
>>
FB C5 11 57 D2 AC 6F BE F7 9D 76 9A 7A 57 E8 7A 3F 67 08 53 90 14 20 17

https://en.wikipedia.org/wiki/Tiger_(cryptography)
Pretty sure its Tiger, does anyone has good hardware for a brutforce attack? :)
>>
>>51558506
Nope, the colors appear to be uniform
>>
>>51558506
Maybe we have to decrypt the message itself first?
>>
>>51557874
>PAY ATTENTION TO THE COLORS
>Blue and Orange

fuck, it's everywhere
>>
>>51558566
>>51558541
>>51558506
Could it be that the colors are somehow related to this?

f4uJMze1m/kMLxyKTyAsmg==4aGc1DvU89LI7zvbDaCgGMu0HPKLAamcEEKJ+M.... (spam warning)
>>
>>51558611
no idea, but here's that base64 blob decoded into its hex values:

7F 8B 89 33 37 B5 9B F9  0C 2F 1C 8A 4F 20 2C 9A 
E1 A1 9C D4 3B D4 F3 D2 C8 EF 3B DB 0D A0 A0 18
CB B4 1C F2 8B 01 A9 9C 10 42 89 F8 C7 4D 12 5C
40 F2 34 57 2A 2C 1C CF DE 86 45 5C F4 3D A2 6B
7B 4E 79 28 24 AA 52 D1 3F 24 95 67 53 27 AC B7
AE E2 2F C3 C4 31 D1 4F 8C DC 83 86 2F 06 EE C7
87 BA 35 02 6F 85 17 B6 BD 41 3E C4 DB 2C A2 E0
83 81 AA D0 2E A3 AE BB EF 45 02 10 1A 10 8F D5
EA 77 B5 08 45 3C C8 8B F7 95 47 90 1F A1 B3 9A
>>
>>51558709
I should add that this represents 576 bytes.

576 % 16 is 0, which suggests that this Base64 blob is the output of AES encryption, which uses 16-byte blocks
>>
>>51557874
the base64 is salted
the salt is the color of the qr code converted from hex to dec
>>
>>51558832
you can shift/salt base64 with any value/string
you have to then unencode it using the same value
example
mTR4Z7+BQcwNf94lis1ztjVPc4aVJjdvKaQxzm0h3HC7Do4Ulr9B9Wk4z53sjarOG/khQFrRW9M7DU3wlTvuQXVLKa5eUqvJ5dzgojLfFGvNZhMeU+JzHtlfDD+IdiSkTB2uAnj83NkM9YLJcLTb+jC3o7rRuIcSX/HVyQ3+Fr0oDvlKqcW/vgHzj486sjgyHfk2EOMYpr5jRCKMZoKhHrAcesNbcdJjGc+x7ZkkKyrh7d/W78RPOnlWmCRBdNDNnZsKRSTH+IO/6mU==
>>
>>51558832
What do you mean? You can't salt Base64, it's just an encoding scheme. Do you mean the data is the output of a hashing algorithm that was salted, and then Base64-encoded?
>>
Anyone has something?
>>
>>51558881
>You can't salt Base64
code snippet example of what i mean
http://pastebin.com/raw.php?i=meizaD4U
modified encode/decode base64 functions
you can make it so you cannot decode an encoded base64 string which used a randomized base string of legal characters (like bac instead of abc) without using a modified version of the functions
tons of places do this
>>
what is this shit
>>
>>51559016
to be more clear
_i_fu: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="

is actually randomized like
_i_fu: "CHfYJZKABeIDgEpikFjhGLaPNQRqdMcOsTWUruVXSvbnomtl0z1xwy342567+98/="

if you don't know the seed (key/salt/whatever you want to call it) which was used to randomize it, then you're fucked
>>
>>51559030
https://archive.rebeccablacktech.com/g/thread/51557037
>>
>>51559016
Ok, yeah, I get what you mean now.

But that seems overly complicated. I think it's more likely that the base64 content in the QR code is simply the output of some encryption algorithm, which is a common practice.

One of the clues was already the Caesar cipher, which was child's play to crack, and it shouldn't be lost that the shift was 17, which is a favorite prime number of mathematicians. I would anticipate a more advanced encryption somewhere in this thing. Feel free to go down that path and let us know if it leads anywhere, I'm gonna try and just decrypt the content.
>>
"Look for the good, and you'll find it" That's gotta mean something, right?
>>
>>51559118
>I think it's more likely that the base64 content in the QR code is simply the output
no, if that was the case "==" would not appear in the middle of the code
it would only be able to appear at the end in normal base64 encoding.
>>
File: neo_genesis_1920.png (4MB, 1920x1080px) Image search: [iqdb] [SauceNao] [Google]
neo_genesis_1920.png
4MB, 1920x1080px
>>51559188
no idea (^‿^v)
>>
Shit, where did you get this?
>>
>>51559326
>>51559081
or what do you mean
>>
thanks
>>
>>51559197
Ok, yeah, your theory sounds more plausible now. So how does the seed work? Put your seed word first/last and then just put in the rest of the alphabet? There's no way we could try all the permutations, since there are 64! of them. What are the most common strategies?
>>
>>51559485
Are the colors the seed?
>>
>>51559540
I don't know, but here are some modified base64 alphabets to try:

// orange
orangeABCDEFGHIJKLMNOPQRSTUVWXYZbcdfhijklmpqstuvwxyz0123456789+/=

// ORANGE
ORANGEBCDFHIJKLMPQSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=

// FB860C
FB860CADEGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234579+/=

// fb860c
fb860cABCDEFGHIJKLMNOPQRSTUVWXYZadeghijklmnopqrstuvwxyz1234579+/=
>>
>>51559613
Since it says color's' i guess blue and orange should be combined or merged somehow.
>>
>>51559724
Yeah, that's true, but I have no idea how you would combine them. Should I just add them together? Because the G values would be more than 255 in that case.
>>
>>51559801
I have the same problem, i dont know in what relation the colors stand.
>>
>>51559829
I'm gonna have to call it quits on this one. Good luck, gents
>>
>>51558515
I have a 32 core server with 64gb of ram

lmk wut I gotta do
>>
>>51560006
Report back if you got something

>>51559973
Thx and bye anon
>>
>>51560037
I got no fucking idea what I'm supposed to do, was just reading thread because interested

I could run whatever, the server is in my room with me. Family went out black friday shopping (kek)
>>
>>51560056
It looks like there is no fucking software to bruteforce Tiger hashes -_-.
Normally you would generate as much hashes till you get one that matches
the right one.
>>
>>51560104
Ah I see
so if I randomized x amount of characters with assuming we can do alphanumeric since it's just sentences we're after.. and never repeated them

and just kept going until the one matched whatever I was trying to match

I wouldn't know how to multi thread that though
>>
>>51560144
>I wouldn't know how to multi thread that though
me neither, if someone knows how to code that with cuda or opencl:
pls halp :)
>>
>>51560172
could do in python or php or javascript easy, and then take a million years to find answer lel
>>
>>51560195
thats the problem if its not like 3 characters long.
>>
>>51559540
I thought the orange colour means that the top is tiger encrypted
>>
>>51560494
that would be to obvious for my taste.
Its also just a hash algorithm not encryption :)
>>
Bump for interest
>>
>>51557907
steganography
Thread posts: 55
Thread images: 4


[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]
Please support this website by donating Bitcoins to 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
If a post contains copyrighted or illegal content, please click on that post's [Report] button and fill out a post removal request
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site. This means that 4Archive shows an archive of their content. If you need information for a Poster - contact them.