UGN Security
Posted By: Dexter "Hackers of the Lost Ark" Challenge - 06/15/04 07:49 PM
This may interest some of you guys...

"Help the great-grandson of Indiana Jones foil the plot of evil Neo-Nazis by solving Ed Skoudis' latest Crack the Hacker challenge. The best three responses will win a fine prize! Read this short forensics challenge and submit your answers by July 2, 2004."

Link: HACKERS OF THE LOST ARK
Posted By: Red Mage Re: "Hackers of the Lost Ark" Challenge - 06/19/04 10:31 AM
Interesting.. but I'm not talented enough. One of the _real_ hackers here could probably do it in their sleep..
Posted By: Satori Re: "Hackers of the Lost Ark" Challenge - 06/30/04 01:40 AM
Well, the LADS command isn't native to Win2k3...

LADS /S walks through subdirectories recursively, searching for Alternate Data Streams.

Alternate Data Streams are a function of NTFS that very, very few people know about. By exploiting this function it is possible to hide data in such a way that no tool within the OS can display it. This is how I'd go about hiding LostArk.txt if I was running a contest.

Still three days left to win this competition. I've given when you'd need to answer what is, IMO, the hardest question in their puzzle. The rest is up to you guys o.O

Cheers,

Satori
Posted By: weeve Re: "Hackers of the Lost Ark" Challenge - 06/30/04 01:50 AM
heh nice Satori. I might give it a whirl, or just check it out. Stuff likes this happens all the time. O um indiana jones 4 is coming out soon:) I'd bet if I was hiding a txt file it would be either fragmented data, not in .txt form, renamed to a system file, hidden in a system file, binded to pictures, or other things. so that a hex editor would need to be implimented, then I'd hide clues like knowing me being a jones movie lover, I'd do things like in the holy grail hide clues in the name of god, etc. But for real today I'd use symbology, and the true meaning of the holy grail to fool lots. Not to mention many other sub plots. For real NTFS data streams are just a start. I'd make it REAL hard for a good [censored] prize. I'd make ppl decompile false leads to only find a clue to the real lead that would be fragmanted, and need defragmantation on a binary level, and then compiling using sparce library resources that are not anywhere by default. Heh but that's just me. These numb nuts probably made it real easy, because ppl today are hardly challenged, and they want ppl to come in feeling like it's easy, and then just make it hard in the end. But purely logical based. I just bet they made a logic puzzle, based on the movies:)

meh, all excited I shall check it in a few hours actually then.
Posted By: weeve Re: "Hackers of the Lost Ark" Challenge - 06/30/04 02:04 AM
*posts after looking* are you guys serious? laugh

Questions:

1) What was the purpose of the attacker�s �dir� and �find� commands?
2) What was the purpose of the attacker�s �strings� command?
3) What was the purpose of the attacker�s �lads� command?
4) What was the purpose of the attacker�s �dd� command?
5) Where else might the file be hidden on the system, and how would the attacker (as well as New Jersey Jones) find it? Be creative!


:X wtf, that's easier then the hacker metwork neo or some one else on the irc got a few of us into having fun on, now a 2nd one was found. all fun but that's all web, and shell based stuff. This is like you get a hard drive or something weak prize I'm guessing. I didn't look but heh. That's because I read that. I'm all wow...wooooow...I could be creative. but they probably want the right answer, not creative, and the right answer is lame. I see no reason why their doing that but for the sheer joy of fun and teaching windows users how r u r become better at r using 2003 server r console. lol. Lets all play with NT console, and XP, and then lets play with 2000 server, and then lets go to 98 2nd edition, and look at how that [censored] has been wrapped into a converting to mostly gui system. I like my console control as much as gui lol. It's like the pipe on my bandwidth getting smaller(mental term) I can feel myself slowing down at what I'm doing. Like going from cable to modem after years of no modem use:D

but for real, dood is just selling a book lol:( not even a hard drive. Dan Brown didn't do that [censored], and that's why the da vinci code is becoming a movie, other then the fact that a lot of the stuff in his book is fact. lol friggin I've had tons of fun on da vinci code, and plain old da vinci sites:X not to buzz kill, it's just I hate poor marketing:D
Posted By: Satori Re: "Hackers of the Lost Ark" Challenge - 06/30/04 03:48 AM
Yeah, its a cheap marketing ploy... but I noticed that you didn't answer the questions o.O
Posted By: weeve Re: "Hackers of the Lost Ark" Challenge - 06/30/04 05:46 AM
you noticed correct. I wasn't asked to, nor do I have the time too:) wink a bit of childs play. I used to crack codes like that in reading books when I was 8. mentally I need to be challenges to even really pay attention. except for sex, sex comes pretty easy. But other stuff, if I'm not challenges...I know it's said to say, but it's like why bother. I want self improvement. Sure I can give others answers, but that just gets them more questions. Like "why can't I figure out this windows thing, I'm 30, and I've never used linux". I don't want to influence ppl, but I have. If I gave, and gave, and gave. If I was fully open, ppl wouldn't do around here much, or try that hard, they'd just come to me for answers. I think SR, and giz were the same about that. Now their both running businesses/working, so no sweat to them, they have not much time to. marketing ploys, who wants to find a loop hole in some company giveaways, and make out like banditos?

.....Not me. I'm happy a lot of the time, with less [censored], less people hounding me, and just relaxed chillness. I used to have like 30 contacts a day asking for help, an that's just ppl that wanted help. I didn't slam doors like some ppl though, I slowly backed off, and slide into the shadows.

Think about it this way Satori, a light touch, I do things with a light touch, hardly ever rough, or animal like...sept in the sack sometimes. a light touch means you were never here. If I go away who but giz, and like 2 other ppl will remember me after like 3-5 years? There are little reasons too, because of that light touch. I don't like the spotlight, or being known, that's my sister, and brother. I like chilling, and sometimes I can't hide. But I long for a time I won't need to hide. Where I have an actual life, and ppl don't get pissed at me for helping them, even though it doesn't look like I did much.

People want, and ask for too much. People don't know what they need. Doing just enough, and doing it right can help more, then over, or under doing. Jealousy is something that sucks though, that, and hate/loneliness/confusion. People are strange, and I like to be careful about the strange ppl I trust, because ppl take advantage of others whenever they can. But I do believe people are innately good. I just happen to have no found my place yet.

But yes I did not answer them, nor will I;P
Posted By: Ntd Re: "Hackers of the Lost Ark" Challenge - 06/30/04 11:09 AM
I run win98 and these commands dont work on my Pc
3) What was the purpose of the attacker�s �lads� command?
4) What was the purpose of the attacker�s �dd� command?
what was the purpose of them?
does anybody know a web site with the full listing of commands. I went to microsofts web site however it didn't have a full listing.
© UGN Security Forum