[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Free Show | Home]

Israeli security services riddle

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.
  1. Home
  2. /sci/ - Science & Math
  3. Israeli security services riddle
Thread replies: 28
Thread images: 5

Anonymous
Israeli security services riddle 2017-04-27 12:23:59 Post No. 8863365
[Report] Image search: [Google]
File: 71f510abb219e104e4b4067e4e4b32a9.png (784KB, 1057x454px) Image search: [Google]
71f510abb219e104e4b4067e4e4b32a9.png
784KB, 1057x454px
Israeli security services riddle Anonymous 2017-04-27 12:23:59 Post No. 8863365 [Report]
A riddle posted by recruiters from the israeli internal cyber security services- i guess its a cypher to decode:

MTAxMDAxMTAxMTAxMDAwMDExMDAwMDEwMTEwMDAxMDAxMTAwMDAxMDExMDEwMTEuY29t
>>
Anonymous 2017-04-27 12:28:13 Post No.8863371
[Report]
Anonymous 2017-04-27 12:28:13 Post No.8863371 [Report]
It's not a code. It's just what Hebrew sounds like.
>>
Anonymous 2017-04-27 12:36:26 Post No.8863388
[Report]
Anonymous 2017-04-27 12:36:26 Post No.8863388 [Report]
>>8863371
My man
>>
Anonymous 2017-04-27 01:10:23 Post No.8863436
[Report]
Anonymous 2017-04-27 01:10:23 Post No.8863436 [Report]
Did you decode that cypher?
>>
Anonymous 2017-04-27 01:11:41 Post No.8863440
[Report]
Anonymous 2017-04-27 01:11:41 Post No.8863440 [Report]
Did you decode that cipher?
>>
Anonymous 2017-04-27 01:15:24 Post No.8863452
[Report]
Anonymous 2017-04-27 01:15:24 Post No.8863452 [Report]
i think it translates to "oy vey palestinian terrorists are genociding us, we must conduct defensive genocide"
>>
Anonymous 2017-04-27 01:17:11 Post No.8863460
[Report]
Anonymous 2017-04-27 01:17:11 Post No.8863460 [Report]
>>8863365
1320012413040124132001241320012413040123130405241304012313040523132005231304012413040124132001231304012413040524130405231320052125 20

ez
>>
Anonymous 2017-04-27 03:05:12 Post No.8863668
[Report]
Anonymous 2017-04-27 03:05:12 Post No.8863668 [Report]
plz halp
>>
Anonymous 2017-04-27 03:12:01 Post No.8863685
[Report]
Anonymous 2017-04-27 03:12:01 Post No.8863685 [Report]
help me i want to hack terrorists
>>
Anonymous 2017-04-27 03:24:54 Post No.8863711
[Report]
Anonymous 2017-04-27 03:24:54 Post No.8863711 [Report]
omg i got i got it, it's in UTF-8
10100110110100001100001011000100110000101101011.com
>>
Anonymous 2017-04-27 03:31:29 Post No.8863734
[Report]
Anonymous 2017-04-27 03:31:29 Post No.8863734 [Report]
>>8863711
it's a website of some sort, someone should go to it, i don't want the israeli security agency on me
>>
Anonymous 2017-04-27 04:18:47 Post No.8863850
[Report]
Anonymous 2017-04-27 04:18:47 Post No.8863850 [Report]
The second site is another challenge with a rar folder..
>>
Anonymous 2017-04-27 04:26:43 Post No.8863874
[Report]
Anonymous 2017-04-27 04:26:43 Post No.8863874 [Report]
Inside plane first.exe, I've found an interesting string: %PROGRAMFILES%\meseeker inc
No actual folder has been created, though.
>>
Anonymous 2017-04-27 04:50:47 Post No.8863946
[Report] Image search: [Google]
Anonymous 2017-04-27 04:50:47 Post No.8863946 [Report]
File: Capture.png (31KB, 797x647px) Image search: [Google]
Capture.png
31KB, 797x647px
>>8863874
I saw that too.
>>
Anonymous 2017-04-27 04:53:58 Post No.8863956
[Report]
Anonymous 2017-04-27 04:53:58 Post No.8863956 [Report]
>>8863946
What are you using?
I just opened up the exe in archive manager.
>>
Anonymous 2017-04-27 05:03:30 Post No.8863979
[Report] Image search: [Google]
Anonymous 2017-04-27 05:03:30 Post No.8863979 [Report]
File: cap2.png (217KB, 1713x1076px) Image search: [Google]
cap2.png
217KB, 1713x1076px
>>8863956
IDA Pro and X32DBG.

I noticed a call to WriteConsole, followed the external reference to some sub routine responsible for taking a buffer and shifting / printing it. I jumped to it in my debugger and while stepping through the routine it shows unicode jibberish - prolly Hebrew.
>>
Anonymous 2017-04-27 05:22:11 Post No.8864025
[Report]
Anonymous 2017-04-27 05:22:11 Post No.8864025 [Report]
How you compiled the file? 0.0
>>
Anonymous 2017-04-27 05:44:47 Post No.8864065
[Report]
Anonymous 2017-04-27 05:44:47 Post No.8864065 [Report]
I don't know assembly much, but it seems that this program is decoding an internal code into a message to output.

>>8863946
This guy probably already knows this, but oh well.
>>
Anonymous 2017-04-27 05:54:14 Post No.8864079
[Report]
Anonymous 2017-04-27 05:54:14 Post No.8864079 [Report]
>>8864065
By internal code, I mean the encoded string, not actual code.
>>
Anon 2017-04-27 07:19:10 Post No.8864347
[Report]
Anon 2017-04-27 07:19:10 Post No.8864347 [Report]
decompiled with flow charts for easier understanding

https://dropfile.to/tEzb9Yo
>>
Anonymous 2017-04-27 07:21:30 Post No.8864352
[Report]
Anonymous 2017-04-27 07:21:30 Post No.8864352 [Report]
>>8863365

This one will be tough. You see, riddles exist on a spectrum...
>>
Anonymous 2017-04-27 07:25:37 Post No.8864366
[Report]
Anonymous 2017-04-27 07:25:37 Post No.8864366 [Report]
>>8863365
>MTAxMDAxMTAxMTAxMDAwMDExMDAwMDEwMTEwMDAxMDAxMTAwMDAxMDExMDEwMTEuY29t
Translates to
>Yes the jews did it
But what did they mean by this?
>>
Anonymous 2017-04-27 07:53:47 Post No.8864456
[Report]
Anonymous 2017-04-27 07:53:47 Post No.8864456 [Report]
Does anybody have something new ?
>>
Anonymous 2017-04-27 07:57:46 Post No.8864469
[Report]
Anonymous 2017-04-27 07:57:46 Post No.8864469 [Report]
>>8864456
Just saw this, plan on working on it when I get home.
>>
Dan 2017-04-27 08:09:52 Post No.8864506
[Report]
Dan 2017-04-27 08:09:52 Post No.8864506 [Report]
The original MTAx etc code is Base64. Translates to that long .com.
>>
Anonymous 2017-04-27 08:14:50 Post No.8864527
[Report] Image search: [Google]
Anonymous 2017-04-27 08:14:50 Post No.8864527 [Report]
File: 1493317815609.jpg (87KB, 600x900px) Image search: [Google]
1493317815609.jpg
87KB, 600x900px
it is a threat.
I will arise and kill there god.
they are scared.
>>
Dan 2017-04-27 09:05:11 Post No.8864684
[Report]
Dan 2017-04-27 09:05:11 Post No.8864684 [Report]
Some interesting references:
kernelbase.&RtlIntegerToUnicodeString
kernel32.WideCharToMultiByte
>>
Anonymous 2017-04-27 10:32:41 Post No.8864915
[Report] Image search: [Google]
Anonymous 2017-04-27 10:32:41 Post No.8864915 [Report]
File: 3deK80y.gif (1MB, 490x367px) Image search: [Google]
3deK80y.gif
1MB, 490x367px
In home base it wants you to compile c++ and run it.
Thread posts: 28
Thread images: 5
[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible.
Read more on this topic here - https://archived.moe/talk/thread/1694/


If you need a post removed click on it's [Report] button and follow the instruction.
DMCA Content Takedown via dmca.com
All images are hosted on imgur.com.
If you like this website please support us by donating with Bitcoins at 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
All trademarks and copyrights on this page are owned by their respective parties.
Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.
If you need information for a Poster - contact them.