|
|
Post by jacksloststepkid on Jan 17, 2008 20:02:51 GMT -5
Post what passwords have been tried on the Stegosaurus.png file using openstego here: JLSK PS what the heck is this in relation to. Over at DarkUFO, some people have dug up a new directory and file here: www.find815.com/steg/stegosaurus.pngTheBruce there was able to determine positively that the png file uses OpenStego to hide another file within it. It is password protected and that is what is trying to be cracked. It came off a clue at this page: www.find815.com/bhf/When you e-mail the address there. Dark UFO is down at the moment, but there is a long post there describing the process to get where we are. While DarkUFO is down, I offered this thread to keep track of passwords already tried by people. So, welcome DarkUFOers! JLSK PPS If you want to help, go to: sourceforge.net/project/showfiles.php?group_id=211815Download OpenStego Then go download: www.find815.com/steg/stegosaurus.pngrun the .bat file and try to extract from the .png - post any passwords tried here. |
|
|
|
Post by jessislost on Jan 17, 2008 20:10:16 GMT -5
carpe diem
jurassic park
bX-uxu3fu
ianandpam
invitation
anniversary
pamian
|
|
|
|
Post by jacksloststepkid on Jan 17, 2008 20:13:47 GMT -5
carpe
diem
carpe diem
README
README.txt
Morse
morse
Carpe Diem
By Damon:
oscar, owen, sam, lost, tracey, sonja, ian, pam, talbot, find815, maxwell, penny, OMF42
|
|
|
|
Post by assassin on Jan 17, 2008 20:16:23 GMT -5
Our Mutual Friend
Our Mutual Friend42
OMF
OMF42
4815162342
Silas
Silas Wegg
Charles
richardens
Charles richardens
Lost
README
README.TXT
TXT
Stegasaurus
bali
open
find815
815
|
|
|
|
Post by jacksloststepkid on Jan 17, 2008 20:30:58 GMT -5
SOS
Amuses Mr Ole
Ole
Samuel Morse
Sunda
Bali (trying uppercase as well as lower)
|
|
|
|
Post by sprocket on Jan 17, 2008 20:44:02 GMT -5
Have tried these words/phrases in all possible combinations.. IE with capital letters/without, spacing when appropriate/without, etc...
020 7946 0893
jurassic
dinosaur
baliholidayfun
battow
dharma
dharmainitiative
hanso
widmore
maxwell
themaxwellgroup
|
|
|
|
Post by assassin on Jan 17, 2008 21:14:30 GMT -5
Walt
Lloyd
Aaron
Littleton
Kate
Jack
Extract
John
Locke
Morse
Sam
Sam Morse
Electromagnetism
|
|
|
|
Post by assassin on Jan 17, 2008 23:27:43 GMT -5
Well I recieved an email fromthe OpenStego Creator and this is what he said.
OpenStego uses Java Cryptography Extension (JCE) for encrypting data. I have used MD5 with DES algorithm. As the password is first hashed using MD5 (which is one-way function), we cannot get back the password from the file. There is no way to retrieve it, unless brute-force cracking is tried. That too might be difficult, because OpenStego allows any kind of characters (including space) of any length as password. So you might be waiting for years before you can crack it.
For brute-force cracking you can try using OpenStego from command-line (may be from a shell script which generates passwords).
Oh, one more thing - on why "README.txt" is not giving "Invalid Password".
The algorithm for encryption that I have used does not check that password is same as the original password. It is very much possible that some different password gets accepted while decrypting - only issue being that it will generate garbage. Thus there is no way to determine what is the correct password. Even brute-force cracking will return success for large number of passwords (even though only one of those will be the actual password).
So no luck. And I think that's good. It makes cracking the data highly difficult - and that's what we need!
Greeeeeeeeeeeeeeeeeat
|
|
|
|
Post by jacksloststepkid on Jan 17, 2008 23:38:29 GMT -5
well given that the Bali site was just released perhaps the password will come tomorrow as a follow on to the Bali clue.
I suspect that TPTB might have been worried it would take too long to get the steg PNG and figure out the program used, so they released it a half day early to the hard core players.
|
|
|
|
Post by wesh on Jan 18, 2008 9:23:02 GMT -5
Is it worth looking into my first hunch, which was:
the bali pic might contain the password, in morse code. to make up a morse code I used the periods and dashes in the sentences, which resulted in the following code:
* using only the actual text: ....--..-.
* using the text plus the email: ....--..-..
* using the text plus email plus title: .....--..-..
Ofcourse none of these will give anything usefull if you just enter them like that in a morse converter. But if you split the dots and dashes in groups you create more potential.
Ofcourse, the question is, how should we group them.
This could also be nothing.
|
|
|
|
Post by jacksloststepkid on Jan 18, 2008 9:49:19 GMT -5
Consolidated List:
[nothing] (no password entered)
carpe diem
jurassic park
bX-uxu3fu
ianandpam
invitation
anniversary
pamian
oscar
owen
sam
lost
tracey
sonja
ian
pam
talbot,
ind815
maxwell
penny
OMF42
Our Mutual Friend
Our Mutual Friend42
OMF
OMF42
4815162342
Silas
Silas Wegg
Charles
richardens
Charles richardens
Lost
README
README.TXT
TXT
Stegasaurus
bali
open
find815
815
Walt
Lloyd
Aaron
Littleton
Kate
Jack
Extract
John
Locke
Morse
Sam
Sam Morse
Electromagnetism
SOS
Amuses Mr Ole
Ole
Samuel Morse
Sunda
Bali
carpe
diem
carpe diem
README
README.txt
Morse
morse
Carpe Diem
Tried in all combinations:
020 7946 0893
jurassic
dinosaur
baliholidayfun
battow
dharma
dharmainitiative
hanso
widmore
maxwell
themaxwellgroup
|
|
|
|
Post by wesh on Jan 18, 2008 12:13:36 GMT -5
here are my tries (tried both all caps and lower case)
abaddon
matthew
adam
eve
test
test123
holden
opensesame
sesame
root
guest
nikki
paulo
powerlines
paulo lies
shiznit
faraday
catch22
black
white
plot
season 4
season4
cloverfield
108
tunis
Tunis
Maria
Aaron
aaron
Aron
aron
room 23
room23
23
bird
birds
animal
animals
smoke
monster
smokemonster
smoke monster
black smoke
blacksmoke
cheyne
cheyenne
meka
mekka
hadj id fix
wdxihadfji
with dxihadfji
WDXIHADFJI
WITH DXIHADFJI
with DXIHADFJI
|
|
|
|
Post by jacksloststepkid on Jan 18, 2008 12:56:33 GMT -5
Tropicana
tropicana
BaliHolidayFun
Tropicana fantasy delight
fantasy
delight
|
|
|
|
Post by charliegoth on Jan 20, 2008 14:12:38 GMT -5
|
|
|
|
Post by wesh on Jan 22, 2008 9:52:48 GMT -5
All in vain, but still nice effort all!
In the end it was just a cryptic bunch of characters: X4x98adf09 (found by vanessa over at find815.blogspot.com)
Leads to that README.txt (who came up with that in the first place? how did they guess the correct hidden file name?), leads to binary code, leads to a poem.
*edit: ah it appears the filename wasnt encrypted, so they were able to find that out.
|
|
