PhreakNIC v3.0 Code Tutorial
Previous
Tutorial Index

Lesson 11 - Geography Ants
    (and addendum from Antimony)


Subj:  [SE2600-P] PhreakNIC Code Lab - Lesson 11 - Geography Ants
Date: 09/16/2000 5:40:29 PM Central Daylight Time
From: Elonka@aol.com
Reply-to: projects@se2600.org
To: projects@se2600.org

This is an ongoing series to dissect the PhreakNIC v3.0 code, which can be
seen at http://www.phreaknic.org/phreaknic.txt
---------------------------

Okay, we've looked at the source code of sekriter.html

And we've looked at the other pages that are referenced in there.

And we've done some searches on the numbers in the code01.bmp picture.  In
the top row, the hex numbers translate to "ISBN".  The second row gives the
rest of the ISBN number, which tells us that it's a pointer to the book,
"Disappearing Cryptography," by Peter Wayner.  In fact, that's the same book
that JonnyX mentioned during the "Hacking 101" panel at DragonCon 2000.

The book is definitely worth reading; however you don't have to have it (or
even read it) to solve the Code.  I do recommend reading a review or synopsis
of it though.  Again, use google.com to find one, or just go to Amazon.com
and read up on it there.

Next: As you may have noticed, the code01.bmp picture is a big, top-heavy
file. Think it might have some data encrypted in it?  Guess what:  IT DOES.

Now we just have to figure out how to get at it.  Fortunately, we don't have
to create a steganographic decryption system from scratch.  Finding a good
stego utility sure would help though.

So here's what you'll need to peer into the innermost sekrit of the PhreakNIC
v3.0 Code:
  (1) A steganographic utility to open code01.bmp from pix.zip
  (2) Which encryption method it uses: IDEA, DES, Triple DES, or MDC
  (3) The password
 

For #1: A Stego utility.  JonnyX recommends one right in the page.  The name
of it is typoed, but you can still find it.  Go to www.google.com, and search
on "steganography tools".  Poke around and see if anything looks interesting.

The utility I used, I got from:
 http://steganography.tripod.com/stego/software.html

#2: Encryption method.  I'll save you some trial and error, and just tell
you:  Triple DES

#3: The password.  Hmmm, what's the password?

Well, one thing we've learned about JonnyX throughout this Code, is that,
warped as his mind is, he did want this thing to be solved.

  - Earlier in the Code, he used ROT-13, but could have been really evil and
used ROT-14.

  - He named the UUdecoded file "un-uu-me.txt" instead of "fnord.vbs".

  - The Kryptos references were in plain English and weren't written
backwards or further rotated.

He *wants* this Code to be solved.  He's left clues.  And on the
sekriter.html page, he's given us the password.  In several places.  It's
below and above and within.  Each picture gives a clue to the password too.
You just have to find the common thread.

And here's another hint:  Geography Ants.

What are they?  Well, you should be really good at anagrams by now . . .
<grin>

Oh, and the password is case-sensitive.  Experiment.

C'mon, I know you can do it.

Homework:
  - Get a steganographic utility, and open the code01.bmp file (be sure to
use the version that's in pix.zip)
  - Want to make sure you're on the right track?  After you get the utility
installed, here's a sample picture to decode.  Its password and decryption
type are on the page:
    http://www.dis.org/erehwon/stegotest.html
 
 

Happy hacking,

Elonka   :)
http://members.aol.com/nova1337/tutorial.htm
AIM: Elonka

"While one person hesitates because he feels inferior; the other is busy
making mistakes and becoming superior."
  - Henry C. Link


Addendum from Antimony:

Subj:  Re: [SE2600-P] PhreakNIC Code Lab - Lesson 11 - Geography Ants
Date: 09/16/2000 5:50:45 PM Central Daylight Time
From: natalia.h.marek@vanderbilt.edu (Antimony)
Reply-to: projects@se2600.org
To: projects@se2600.org

>This is an ongoing series to dissect the PhreakNIC v3.0 code, which can be
>seen at http://www.phreaknic.org/phreaknic.txt
>---------------------------
 

Just a heads up to all of you... if your copy of either of the pictures is
"two-tone" (If it is, you'll know what I mean) Grab the zip file off of
sekriter.html, and use the copies there instead. It will save you a *lot* of
time

Antimony

+-----------------------------------------------------------------+
| Whoever fights monsters should see to it that in the process he |
| does not become a monster. And when you look into an abyss, the |
| abyss also looks into you.                                      |
| - Friedrich Nietzsche                                           |
+-----------------------------------------------------------------+
| Natalia Marek |                | natalia.h.marek@vanderbilt.edu |
+-----------------------------------------------------------------+
 

Previous
Tutorial Index