Mission #25

Discussion in 'Missions Center' started by crux, Mar 4, 2016.

  1. crux

    crux Special Adviser

    Use this thread to discuss Mission 25 of Season 2.
    Feel free to post theories, clues, hints, or anything else, as long as you DO NOT POST THE ANSWER.

    Spoiler tags are your friend!
    2 people like this.
  2. NomenLuni

    NomenLuni Senior Agent

    Stuck on 25.2

    Trying to find the decryption key. I've looked up everything related to zeus or cryptolocker encryption but I'm not sure how to use it.

    A hint, rather than the solution, please.
  3. MidDipper

    MidDipper Division-79

    Most of the information you're finding is likely on the most recent iteration of this Trojan. The SIGIL malware is based on an older version.
    2 people like this.
  4. NomenLuni

    NomenLuni Senior Agent

    Nope. I've allowed for that and have been reading up on all variations of Zeus made before 2013 all day. Still no closer to finding the xor decryption key. It's possible I'm over-complicating things again though and the answer is far simpler. LOL
    2 people like this.
  5. MidDipper

    MidDipper Division-79

    Would they really give us an unsolvable puzzle? Don't be silly.
    2 people like this.
  6. zaelong

    zaelong Moderator

    youre on the right track with XOR decryption, but you might want to put a word in front of it
    also, you already have the key
    2 people like this.
  7. PapaD

    PapaD Senior Agent

    Stuck here too, think I am struggling with the password needed, not seeing it for the trees
    Got some help on IRC, many thanks. I am still none the wiser at finding the key
    Finally got it, had some help finding the right decoder and it was not to far away from my original thoughts. Couldn't have done it with out the help on IRC though, thanks
    Last edited by a moderator: Mar 13, 2016
    2 people like this.
  8. DeiDhena

    DeiDhena Senior Agent

    Would you mind to give one more hint on
    youre on the right track with XOR decryption, but you might want to put a word in front of it
    Last edited by a moderator: Mar 19, 2016
  9. MidDipper

    MidDipper Division-79

    There are different types of XOR encryptions. For instance, during RUBYDRAGON we used a repeating pad XOR.
    2 people like this.
  10. Grey Ronin

    Grey Ronin Active Agent

    I could still use a hand on 25.2 here. I think I've gotten as far as research can get me. I know the type of encryption it's using (including "the word" mentioned by Zaelong). I simply don't have the cryptography chops to decrypt it.
    If someone could give me a harder nudge, or even the straight up answer at this point (in a PM so no spoilers on the thread), I would greatly appreciate it.
  11. zaelong

    zaelong Moderator

  12. raul_ct

    raul_ct Moderator

  13. nefaria

    nefaria Active Agent

    I'm still stuck on this one, part 2.
    I can't find the key. I've got the code & know what type of xor encryption they've used, but am I supposed to run it through all of the iterations the key could be?

    update: got it. whoa, that a-ha moment :O
    Last edited by a moderator: May 6, 2016
  14. Wo1fsBan3

    Wo1fsBan3 Senior Agent

    Okay... I am seriously going crazy with part 2... I think I have the encryption, and I have the key, but I can not find a place that can reliably decrypt the text... can anyone help me, even talk me through it at this point...
  15. zaelong

    zaelong Moderator

    @w01fsban3; in the spoiler tag from my previous post, you can get a link to a working decoder, if it doesnt work your either doing it wrong or not using the right key
    unless youre refering to the missing first letter...
    I never figured out how to compensate for that one...
  16. Wo1fsBan3

    Wo1fsBan3 Senior Agent

    I'll be honest, @zaelong, I have no clue what to do and it is pissing me off... if you could give more concrete hints, or even just a riddle that will lead me towards the answer, that would be very much appreciated.
  17. zaelong

    zaelong Moderator

    im terribly sorry for not reacting in the IRC...
    and just giving a riddle to get to the answer isnt really possible on this mission...
    so ill try from the beginning:
    you should have noticed this is an XOR-encryption which usually needs a key to decode
    you might get some help in this guide about zeus: http://www.few.vu.nl/~da.andriesse/papers/zeus-tech-report-2013.pdf and look for security
    its a stradling/rolling encryption: if abcdefg is the phrase, bcdefg is the key.
  18. exibition

    exibition Senior Agent

    As I mentioned during our conversations, I think this is the mission I found most unclear and difficult to solve.
    It is relatively easy to find the malware and the "type of encryption".
    However, I had a lot of troubles finding a good explanation on how to apply the encryption method, or a converter.
  19. Phonetic

    Phonetic Gold Member

    Im stuck on this. if anyone has the time to PM that would be cool.
  20. Wo1fsBan3

    Wo1fsBan3 Senior Agent

    Finally got it... the bastard. For those of you still stuck
    the second word is an IP Address
    4 people like this.

Share This Page