hacky easter 2017 summary - hacking-lab€¦ · points per hacker 12.32 13.31 19.17 19.22 perfect...

2

Summary

Hacky Easter 2017

PS, www.hacking-lab.com

Hack Easter 2017 Summary

Table of Contents

Intro .............................................................................................................................. 6

Outro .................................................................................................................................................................... 6

Credits .................................................................................................................................................................. 6

Volunteers ........................................................................................................................................................... 6

Awards .......................................................................................................................... 7

Perfect Solvers ................................................................................................................................................... 7

Hacking-Lab Awards ......................................................................................................................................... 8

Statistics ...................................................................................................................... 9

General ................................................................................................................................................................ 9

Event Activity ...................................................................................................................................................... 9

Solutions per Egg ............................................................................................................................................ 10

Score Distribution ........................................................................................................................................... 10

Fun .............................................................................................................................. 11

Images ............................................................................................................................................................... 11

1337 Submit...................................................................................................................................................... 12

Solutions .................................................................................................................... 13

Teaser Challenge ............................................................................................................................................. 13 Challenge ...................................................................................................................................................................................................................... 13 Solution of Seppel ...................................................................................................................................................................................................... 14 Solution of M................................................................................................................................................................................................................ 15

Egg 01 – Puzzle this! ........................................................................................................................................ 17 Challenge ...................................................................................................................................................................................................................... 17 Solution of QuQuk ...................................................................................................................................................................................................... 17 Solution of darkstar ................................................................................................................................................................................................... 17 Solution of ad0larb0ta0shi ....................................................................................................................................................................................... 18 Solution of sunscan ................................................................................................................................................................................................... 19

Egg 02 – Lots of Dots ....................................................................................................................................... 20 Challenge ...................................................................................................................................................................................................................... 20 Solution of brp64 ........................................................................................................................................................................................................ 20 Solution of trolli101 ................................................................................................................................................................................................... 20 Solution of muzido..................................................................................................................................................................................................... 21 Solution of sunscan ................................................................................................................................................................................................... 21

Egg 03 – Favourite Letters .............................................................................................................................. 22 Challenge ...................................................................................................................................................................................................................... 22 Solution of ad0larb0ta0shi ....................................................................................................................................................................................... 22 Solution of 1432 .......................................................................................................................................................................................................... 23 Solution of sym ........................................................................................................................................................................................................... 23 Solution of LlinksRechts ........................................................................................................................................................................................... 23 Solution of horst3000 ................................................................................................................................................................................................ 24

Egg 04 – Cool Car ............................................................................................................................................. 25 Challenge ...................................................................................................................................................................................................................... 25 Solution of patrice ...................................................................................................................................................................................................... 25 Solution of 1432 .......................................................................................................................................................................................................... 26


Solution of Seppel ...................................................................................................................................................................................................... 26 Solution of remmer .................................................................................................................................................................................................... 27

Egg 05 – Key Strokes ....................................................................................................................................... 28 Challenge ...................................................................................................................................................................................................................... 28 Solution of brp64 ........................................................................................................................................................................................................ 28 Solution of inik ............................................................................................................................................................................................................ 28 Solution of Dykcik ...................................................................................................................................................................................................... 28 Solution of TheVamp ................................................................................................................................................................................................. 28

Egg 06 – Message to Ken ................................................................................................................................ 29 Challenge ...................................................................................................................................................................................................................... 29 Solution of Buge ......................................................................................................................................................................................................... 29 Solution of soundrh ................................................................................................................................................................................................... 30 Solution of jcel ............................................................................................................................................................................................................ 31 Solution of inik ............................................................................................................................................................................................................ 31

Egg 07 – Crypto for Rookies ........................................................................................................................... 32 Challenge ...................................................................................................................................................................................................................... 32 Solution of evandrix ................................................................................................................................................................................................... 32 Solution of markie ...................................................................................................................................................................................................... 33 Solution of 1432 .......................................................................................................................................................................................................... 33 Solution of horst3000 ................................................................................................................................................................................................ 34

Egg 08 – Snd Mny ............................................................................................................................................. 35 Challenge ...................................................................................................................................................................................................................... 35 Solution of sym ........................................................................................................................................................................................................... 35 Solution of trolli101 ................................................................................................................................................................................................... 36 Solution of Kiwi.Wolf ................................................................................................................................................................................................. 37 Solution of SOKala ..................................................................................................................................................................................................... 37 Solution of mcia.......................................................................................................................................................................................................... 38

Egg 09 – Microscope ....................................................................................................................................... 39 Challenge ...................................................................................................................................................................................................................... 39 Solution of markie ...................................................................................................................................................................................................... 39 Solution of HomeSen ................................................................................................................................................................................................ 39 Solution of eash .......................................................................................................................................................................................................... 40 Solution of Seppel ...................................................................................................................................................................................................... 40

Egg 10 – An egg or not… ................................................................................................................................ 41 Challenge ...................................................................................................................................................................................................................... 41 Solution of darkstar ................................................................................................................................................................................................... 41 Solution of patrice ...................................................................................................................................................................................................... 42 Solution of LlinksRechts ........................................................................................................................................................................................... 42 Solution of remmer .................................................................................................................................................................................................... 42

Egg 11 – Tweaked Tweet ................................................................................................................................ 43 Challenge ...................................................................................................................................................................................................................... 43 Solution of sym ........................................................................................................................................................................................................... 43 Solution of jokker ....................................................................................................................................................................................................... 44 Solution of daubsi ...................................................................................................................................................................................................... 44 Solution of HaRdLoCk ............................................................................................................................................................................................... 45

Egg 12 – Once Upon a File ............................................................................................................................. 46 Challenge ...................................................................................................................................................................................................................... 46 Solution of HomeSen ................................................................................................................................................................................................ 46 Solution of HaRdLoCk ............................................................................................................................................................................................... 47 Solution of mcia.......................................................................................................................................................................................................... 48 Solution of Dykcik ...................................................................................................................................................................................................... 48

Egg 13 – Lost the Thread ................................................................................................................................ 49 Challenge ...................................................................................................................................................................................................................... 49 Solution of jamesdju ................................................................................................................................................................................................. 49 Solution of soundrh ................................................................................................................................................................................................... 50 Solution of SOKala ..................................................................................................................................................................................................... 51 Solution of Mitsch....................................................................................................................................................................................................... 51

Egg 14 – Shards ................................................................................................................................................ 53 Challenge ...................................................................................................................................................................................................................... 53


Solution of eash .......................................................................................................................................................................................................... 53 Solution of soundrh ................................................................................................................................................................................................... 53 Solution of sunscan ................................................................................................................................................................................................... 55 Solution of Buge ......................................................................................................................................................................................................... 55

Egg 15 –P Cap ................................................................................................................................................... 56 Challenge ...................................................................................................................................................................................................................... 56 Solution of evandrix ................................................................................................................................................................................................... 56 Solution of eash .......................................................................................................................................................................................................... 56 Solution of remmer .................................................................................................................................................................................................... 57 Solution of kumaus .................................................................................................................................................................................................... 58

Egg 16 – Pathfinder ......................................................................................................................................... 59 Challenge ...................................................................................................................................................................................................................... 59 Solution of darkstar ................................................................................................................................................................................................... 59 Solution of inik ............................................................................................................................................................................................................ 60 Solution of Morpheuz ................................................................................................................................................................................................ 61

Egg 17 – Monster Party ................................................................................................................................... 62 Challenge ...................................................................................................................................................................................................................... 62 Solution of Bikey ......................................................................................................................................................................................................... 63 Solution of Darkice ..................................................................................................................................................................................................... 63 Solution of darkstar ................................................................................................................................................................................................... 64 Solution of jokker ....................................................................................................................................................................................................... 65

Egg 18 – Nitwit's Doormat Key ...................................................................................................................... 66 Challenge ...................................................................................................................................................................................................................... 66 Solution of pyth0n33 ................................................................................................................................................................................................. 66 Solution of trolli101 ................................................................................................................................................................................................... 67 Solution of horst3000 ................................................................................................................................................................................................ 69 Solution of vitali .......................................................................................................................................................................................................... 70

Egg 19 – Disco Time ........................................................................................................................................ 71 Challenge ...................................................................................................................................................................................................................... 71 Solution of muzido..................................................................................................................................................................................................... 71 Solution of HomeSen ................................................................................................................................................................................................ 71 Solution of mcia.......................................................................................................................................................................................................... 72 Solution of kumaus .................................................................................................................................................................................................... 72

Egg 20 – Spaghetti Hash ................................................................................................................................ 75 Challenge ...................................................................................................................................................................................................................... 75 Solution of LlinksRechts ........................................................................................................................................................................................... 76 Solution of TheVamp ................................................................................................................................................................................................. 77 Solution of kumaus .................................................................................................................................................................................................... 79

Egg 21 – MonKey .............................................................................................................................................. 80 Challenge ...................................................................................................................................................................................................................... 80 Solution of jamesdju ................................................................................................................................................................................................. 80 Solution of mcia.......................................................................................................................................................................................................... 81 Dolution of Morpheuz ............................................................................................................................................................................................... 83 Solution of HaRdLoCk ............................................................................................................................................................................................... 84

Egg 22 – Game, Set and Hash ....................................................................................................................... 85 Challenge ...................................................................................................................................................................................................................... 85 Solution of Dykcik ...................................................................................................................................................................................................... 85 Solution of soundrh ................................................................................................................................................................................................... 86 Solution of Darkice ..................................................................................................................................................................................................... 87 Solution of jcel ............................................................................................................................................................................................................ 87

Egg 23 – Lovely Vase ....................................................................................................................................... 88 Challenge ...................................................................................................................................................................................................................... 88 Solution of SOKala ..................................................................................................................................................................................................... 88 Solution of Morpheuz ................................................................................................................................................................................................ 89 Solution of Darkice ..................................................................................................................................................................................................... 90 Solution of jokker ....................................................................................................................................................................................................... 91

Egg 24 – Your Passport, please ..................................................................................................................... 92 Challenge ...................................................................................................................................................................................................................... 92 Solution of daubsi ...................................................................................................................................................................................................... 92


Solution of Morpheuz ................................................................................................................................................................................................ 93 Solution of sunscan ................................................................................................................................................................................................... 95


Intro Outro

Hacky Easter 2017 is over! It was a great and exciting competition. Again, 1'700 participants tried to solve the 24 challenges. Nine challenges were sent in by volunteers, a big thank you to them!

For 2018, I already received a couple of challenges by volunteers again, and I have a lot of ideas myself. In case you want to implement one of the challenges, or if you have a good idea, let me know!

Thank you and stay tuned for next year!

PS

[email protected]

Credits Credits for the solutions go to (in alphabetical order):

• 1432

• Bikey

• Buge

• Dykcik

• HaRdLoCk

• HomeSen

• Kiwi.wolf

• LlinksRechts

• M.

• Mitsch

• Morpheuz

• QuQuk

• S0Kala

• Seppel

• TheVamp

• ad0larb0ta0shi

• brp64

• arkice

• darkstar

• daubsi

• eash

• evandrix

• horst3000

• inik

• jamesdju

• jcel

• jokker

• kumaus

• markie

• mcia

• muzido

• patrice

• pyth0n33

• remmer

• soundrh

• sunscan

• sym

• trolli101

• vitali

Volunteers A big thank you to the volunteers who provided challenges (in alphabetical order):

• CoderKiwi

• DeathsPirate

• Goo9ping

• MaMe82

• inik

• otaku

Hack Easter 2017

Awards Perfect Solvers Congrats to the following 53 hackers who solved all Easter eggs (alphabetical order)! Well done!

Buge

CH1ll

Darkice

DrSchottky

Floxy

FruFru

HaRdLoCk

HomeSen

LogicalOverflow

Mitsch

Morpheuz

OBI

QuQuk

Retr0id

ScaryFish1

Seppel

Stefan244

Stjubit

TheVamp

Wheat1ey

__vulture__

angelbot

apox

darkstar

daubsi

eash

etvr

evandrix

explo1t

faust

h44z

horst3000

ikarus31415

inik

jamesdju

jokker

k00g

kumaus

m-e

manuelz120

marwin

mcia

opasieben

otaku

pjslf

power2100

remmer

sunscan

thesiki24

thsv

tkabrt

trolli101

xdjibi

Hacking-Lab Awards As usual, we've created awards in Hacking-Lab for this competition. You got one of them, in case you reached the following total scores (Easter eggs, write-up, and teaser challenge).

130 points GOLD

110 points SILVER

90 points BRONZE

Your awards are shown on the profile page:


Statistics General

2017 2016 2015 2014

Hackers 1'735 2'154 1’313 728

Points total 21'374 28'672 25’170 13’992

Points per hacker 12.32 13.31 19.17 19.22

Perfect solvers 53 54 55

Eggs solved 7'458 10'050 7’698 4’140

Nations 78 104 86 -

Event Activity Number of hackers and solutions, growing with time.


Solutions per Egg Number of solutions, per egg. Not much of a difference, between medium and hard eggs.

Score Distribution Number of users, for each possible score.


Fun Images Found online and in solution documents provided.

In case you wondered what a bontebok and capybara are:


1337 Submit TheVamp again demonstrated the "1337 way" of how to submit Easter eggs (check out the time of the egg submissions):


Solutions

Teaser Challenge

Level: medium

Solutions: 283

Author: PS

Challenge


Solution of Seppel


Solution of M.


Egg 01 – Puzzle this!

Level: easy

Solutions: 882

Author: PS

Challenge

An easy one to start with.

(made with jqPuzzle)

Solution of QuQuk

I used Snipping Tool and Photoshop to get the QR Code. Sorry, I hate puzzles.

Solution of darkstar

For this challenge i used a Genetic Algorithm-Based Jigsaw-Puzzle Solver based on a paper from Dror Sholomon / Omid David / Nathan S. Netanyahu.


Solution of ad0larb0ta0shi

1. Look into the Source code of challenge01.html. Find the "https://hackyeaster.hacking-lab.com/hackyeaster/images/challenge/egg01_shuffled.png" Image which is randomly shuffled and save it locally.

2. Load Image in "Gimp" and place 7 horizontal + 7 vertical Guided Lines. Then apply "Filter > Web >

Slice" to divide the Image in 64 Pieces an let Gimp automatically generate an HTML Page with Tiles.

3. Add some Magic Lines of Code from "http://www.web-

toolbox.net/webtoolbox/dhtml/dragdrop/dhtml-dragdrop.htm" to the Gimp generated HTML "slice"

Page

4. .

5. Now you can move the Tiles in a Way you want and solve the Puzzle to get the Egg No.1.


Solution of sunscan

To solve the challenge, we create a HTML page using jqPuzzle and the shuffled image:

Then we can recover the QR code solving the sliding puzzle:


Egg 02 – Lots of Dots

Level: easy

Solutions: 647

Author: PS

Challenge

The dots in the following image contain a secret message. Can you find it?

(Click to enlarge)

Solution of brp64

Since it is a PNG that is driven by palettes, try to look at the palette in GIMP. Indeed, there are two levels with the same colour, changing one of them gives this picture:

Solution of trolli101

The dots picture looks a lot like those colorblind tests. When loading it into Stegsolve, see [1], we use the

random color map function to color it an immediately notice the numbers:

When entering the numbers into the egg-o-matic one can get the egg.


Solution of muzido

- I opened gimp. I noticed small dots that when using image zoom

- Then I deleted the following colors by using (Tools → Selection Tools → By Color Select)

- I found this image.

Solution of sunscan

In the image dots.png there is a series of pixels of a different color:

• Extract the red channel (our pixels will have a RGB value of (143,143,143));

• Filter out everything that is not our pixels;

• Detect the image edges;

• Convert the image into negative to improve readability.

convert dots.png -channel R -separate -fuzz 70% +opaque "#000000"

-edge 12 -negate result.png

And we obtain a numeric sequence:

Joining all the numbers we obtain the flag “705749361322842” that we can use to recover the egg.


Egg 03 – Favourite Letters

Level: easy

Solutions: 802

Author: Goo9ping

Challenge

Francesca's favourite letter is s Riley's favourite letter is o

Ellie's favourite letter is a

Vince's favourite letter is p

Quintain's favourite letter is r Otto's favourite letter is i David's favourite letter is p

Tom's favourite letter is l

Paul's favourite letter is e Ulrich's favourite letter is y Henry's favourite letter is w

Norman's favourite letter is h Louis' favourite letter is i

Zane's favourite letter is s York's favourite letter is c

Bob's favourite letter is h

Meave's favourite letter is s Ian's favourite letter is o

Sidney's favourite letter is g George's favourite letter is s

Kitty's favourite letter is d Wilbert's favourite letter is h

Adam's favourite letter is t Xander's favourite letter is i

Callum's favourite letter is e Jack's favourite letter is r

Solution of ad0larb0ta0shi

Notepad++: Edit > Line Operations > Sort Lines Lexicographically Ascending

thepasswordishieroglyphics


Solution of 1432

There are 26 names. Every name begins with another letter of the alphabet. So I just sorted the names alphabetically using Excel:

The message says "the password is hieroglyphics"

Solution of sym

Sorted the names alphabetically and then printed the letter after the comma. Here is the PowerShell script I used:

thepasswordishieroglyphics

Solution of LlinksRechts

Executing the command

cat ch3|sort|awk '{print $5}'|tr -d '\n'

(sort by name, then take the favorite letter of each), resulted in the password

thepasswordishieroglyphics .


Solution of horst3000

Extract first and last letters, use first letter for alphabetical sorting

soapripleywhischsogsdhtie

thepasswordishieroglyphics –> hieroglyphics


Egg 04 – Cool Car

Level: easy

Solutions: 481

Author: PS

Challenge

Borat wants to impress the girls. Can you help him find a cool car for this purpose?

The right car will make the Cool-o-Meter reach its full level.

Solution of patrice

Opened the App on my Phone (Intex Aqua Fish) but I didn’t get what was needed...

So I decompiled the App to see what was needed: some data of a sensor

The only sensor I could think of was a magnetometer, which the Aqua Fish hadn’t.

So I took the Jolla 1 Phone which showed me this after holding it slightly against a magnet:


Solution of 1432

It's pretty clear that this challenge uses a sensor of the phone. At first I thought it's the temperature sensor, since there is a COOL-O-Meter. But that didn't work. Then I remembered this scene from the movie:

So I need a magnet. I moved the magnet around on the back side of the phone and the Cool-O-Meter rised.

Solution of Seppel

Solve using Compass Sensor

1. Let‘s start with WHY by googling

Borat & cool car

https://www.youtube.com/watch?v=yAuu3xOsorQ

2. Solve by bringing a magnet near the phone


Solution of remmer

This challenge was strangely similar to a challenge from Hacky Easter 2016 for which you had to use the

phone as a car's steering wheel. This time, the Cool-o-Meter was controlled by the magnetic field sensor (it is normally used by the compass).

You could find it out by decompiling the Hacky Easter app .apk file; the source code contains the following line:

function sensorFeedback(json) {

var jsonResp = JSON.parse(json);

setLevel(jsonResp.l);

if (jsonResp.k) {

decryptScrambledEggWithKey(jsonResp.k);

clearInterval(intervalId);

}

}

sensorFeedback? Hmm, there are only so many sensors on most phones:

acceleration: I tried to toss it around and to leave it alone – no result.

light / camera: I tried to obstruct and shine a bright light into the light sensor and camera – no result.

sound: I tried to be quiet, to speak softly and to shout – no result

magnetic field: I put my phone on top of my old MacBook that has a magnet to hold the charging cable – it worked!


Egg 05 – Key Strokes

Level: easy

Solutions: 532

Author: PS

Challenge esc i c e l a n d esc a y a n k e e space f o x

space esc o f l o w e r up esc $ esc i y esc e esc a

y esc / l a return esc r w esc right right right

right esc x i f r esc e esc X x x : s / c e / a g i

c / return esc down d d esc i m esc Z Z

Solution of brp64

As an old UNIX-hand, I knew immediately that this is a vi entry sequence. So fire up vi, enter the characters one by one to get the solution (replace esc, space, up, down etc. by the respective key).

Solution of inik

This is a vi sequence. Typical is the sequence :s/ce/agic/

After playing this sequence on an empty vi I got: magicwandfrankfoxy, which is the solution.

Solution of Dykcik

The challenge specifies keys that have to be typed somewhere. The excessive usage of <esc> key suggests vim editor as a recipient of key strokes. I started vim by executing vi command, typed all keys and got:

agicwandfrankfox

mflower

I tried the upper word, the lower one, both concatenated but all trials were unsuccessful. The weird part of

typing in the editor was that <up> created a new line with 'A' written instead of going to the line above. After

some research, I learned that this weird behavior is present when the editor is started with 'vi'. I started vim

with 'vim' typed all keys again and obtained: magicwandfrankfoxy, which was a correct password and revealed the egg.

Solution of TheVamp

After many failed attempts of decrypting the message, I get the idea that I should type in the same keystrokes. I opened vim and typed in everything what the challenge said. At the end, I got the word “magicwandfrankfoxy”


Egg 06 – Message to Ken

Level: easy

Solutions: 460

Author: PS

Challenge

Barbie has written a secret message for her sweetheart Ken. Can you decrypt it?

Fabrgal JaeM Hsa faonah uiff;rnl tf btuxbrffuinhzoroyhitbM Fincta dd

Hint:

Solution of Buge

Googling barbie encryption found me this page http://www.cryptomuseum.com/crypto/mehano/barbie/

I implemented the described decryption method, trying all possible decoding methods.

#!/usr/bin/env python

# -*- coding: utf-8 -*-

alph = u'abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ 012345[…]'

code1 = u'icolapxstvybjeruknfhqg;dzw >FAUTCYOLVJDZINQKSEHG<.1PB 523406[…]'

code2 = u'torbiudfhgzcvanqyepskx¢1w; RC>GHAPND<VUBLIKJETOYXM2QF 634057[…]'

code3 = u'hrnctqlpsxwogiekzaufyd+b;¢ SARYO>QIUX<GFDLJVTHNP1Z3KC 740568[…]'

code4 = u'sneohkbufd;rxtaywiqpzl%c¢+ E>SPNRKLG1XYCUDV<HOIQ2B4JA 805679[…]'

enc = u'Fabrgal JaeM Hsa faonah uiff;rnl tf btuxbrffuinhzoroyhitbM Fincta dd'

for coding in [code1, code2, code3, code4]:

print(''.join(alph[coding.find(c)] for c in enc))

That gives the result

Beloved Ken. The secret password is lipglosspartycocktail. Barbie xx

Zndcjn€ QnrW Etn hnboni fehhzco€ ah dafvdchhfeoikbcbqieadW Zeolan gg

Mrxbmrg Pro, Sir trlcra snttybcg et xesjxbttsncaqlbluanex, Mncder vv

.ogl"ov Yoc€ Rao iodboe hriiklbv ni gnhmgliihrbeudldperng€ .rbxno jj

So it turns out decoding method 1 is the correct method (even though the challenge shows the hotkey to activate method 2). Entering lipglosspartycocktail gives the egg with the QR code.


Solution of soundrh

A Hint was given:

After several attempts, I found something on Google with "barbie computer shift lock". One result has the title "Barbie typewriter - Crypto Museum" which caught my attention of course. Link:

http://www.cryptomuseum.com/crypto/mehano/barbie/

It’s an article about a built-in cryptographic capability. The encryption is activated by pressing SHIFT + LOCK + Number. The hint leads to the key 2 and at the end are the substitution tables.

After trying to decode the message by hand, I wrote a little (and messy) Java application:


Running the application led to the following output:

Obviously the first line is the correct one, containing the password. (The hint to key 2 was misleading.)

Solution of jcel

The image of the cipher hints to the "Barbie-Cipher"

(http://www.cryptomuseum.com/crypto/mehano/barbie/#coding), found on a certain version of the barbie

typewriter. The hint provides the selected typewrite variant (the French version of the E-118) and the code version (referred to as code 1 in the page linked above). The following shell script

cipher="Fabrgal JaeM Hsa faonah uiff;rnl tf btuxbrffuinhzoroyhitbM Fincta dd"

in='icolapxstvybjeruknfhqg;dzw>FAUTCYOLVJDZINQKSEHG<.1PB523406789-'

out='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'

echo $cipher | tr "$in" "$out" | tr 'M' '.'

prints:


Solution of inik

It seems, that there was a barbie typewriter with a hidden cipher function. See

http://www.cryptomuseum.com/crypto/mehano/barbie/. It uses monoalphabetic substitution. For the details see: http://www.cryptomuseum.com/crypto/mehano/barbie/#coding

Result:



Egg 07 – Crypto for Rookies

Level: easy

Solutions: 458

Author: PS

Challenge

This crypto is not hard to crack.

Solution of evandrix

B O N T [B] B O K (dancing man cipher @ http://www.dcode.fr/dancing-men-cipher)

B O N T E [A] O K (b64)

B O N T E B [R] K (A=1,B=2,...,Y=25,Z=26)

B [A] N T E B O K (ONAGROBX => rot13 => BANTEBOK)

[C] O N T E B O K (pigpen cipher @ http://www.dcode.fr/pigpen-cipher)

B O N T E B O [A] (anagram)

B O [P] T E B O K (ERSWHERN => rot23 => BOPTEBOK)

B O N [Y] E B O K (hex)

password is the different letter in each col

=> CAPYBARA


Solution of markie

BONTBBOK Dancing Man Cipher

BONTEAOK Base64

B0NTEBRK Letters in alphabet

? ?

CONTEBOK Pigpen cipher

BONTEBOA Backwards

BOPTEBOK Ceaser (Key 23)

BONYEBOK HEX

I was not able to work out what the fourth crypto was, but this does not matter as you have enough info to solve if from the other 7 clear text. Examining the clear text shows each clear text has 1 letter different. Eg, taking the first letter from each you get B,B,B,B,B,B & C. Putting these into a grid helps to solve it, even with

the missing clue. The word spells: C?PYBARA. Guess this is “capybara”, reveals the egg: 2owhVG07plVCwLD1Ggmn

Solution of 1432

The challenge consists of eight differently encrypted texts.

The resulting words are quite similar, all have the same length. At each position they have the same character, except one word, for example only the fifth word starts with a 'C', all others start with a 'B':


The solution: CAPYBARA


BONTBBOK

BONTEAOK

BONTEBRK

BANTEBOK

CONTEBOK

BONTEBOA

BOPTEBOK

BONYEBOK

–> take the non-matching char from each column: CAPYBARA


Egg 08 – Snd Mny

Level: easy

Solutions: 330

Author: PS

Challenge

Please, I'm begging you!

Solution of sym

In the decompiled APK, there is a file called SndActivity.java.

The code “text = intent.getStringExtra("android.intent.extra.TEXT");” tells us it is listening for a text.

The text is checked via SHA1 hash c95259de1fd719814daef8f1dc4bd64f9d885ff0 which corresponds to the string: money.

Here is how I got the egg on my iPhone: I opened Safari and marked the text “money”. Then I used the “share…” function to send it to SndMnyAction.



In this challenge we need to exploit an activity of the Android application. After decompiling the

APK file we can read the details of the activity in the AndroidManifest.xml:

We see the activity method:

So we need to send our action with mime type text/plain and with an extra string that when hashed using SHA1 will give the hash c95259de1fd719814daef8f1dc4bd64f9d885ff0. Given the name of the activity we guess that the value might be money and this can be checked via:

Then we can use drozer to start the activity with the following command that includes all the parameters retrieved previously:

This will display the egg in the application on the phone:


Solution of Kiwi.Wolf

extracted the apk

decompiled the apk

navigated to: heaster.apk/ps/hacking/hackyeaster/android/SndActivity.java

if ("android.intent.action.SEND".equals(action) && type != null &&

HTTP.PLAIN_TEXT_TYPE.equals(type)) {

String text = intent.getStringExtra("android.intent.extra.TEXT");

if (text != null && "c95259de1fd719814daef8f1dc4bd64f9d885ff0".equals(

sha1(text.toLowerCase())) ) {

((TextView) findViewById(C0085R.id.sndTextView)).setText("Thank you!!");

ImageView image = (ImageView) findViewById(C0085R.id.sndImageView);

byte[] decodedString = Base64.decode(new StringBuilder(

getString(C0085R.string.f16e) + "ROBVi").reverse().toString(), 0);

image.setImageBitmap(BitmapFactory.decodeByteArray(

decodedString, 0, decodedString.length));

}

}

}

searched the sha1 of c95259de1fd719814daef8f1dc4bd64f9d885ff0 = "money"

So I opened the "notes" app (or any other with input) on my phone typed in "money"

Then I pressed long on it -> send to "sndActivity"

Afterwards I got my egg.

Solution of SOKala

By reversing the android .apk package and checking the SndActivity class code, I found that it depends on android.intent.action.SEND intent. Also, I found that it must get a word with

“c95259de1fd719814daef8f1dc4bd64f9d885ff0” SHA1 hash which is the word "money". So I have to share the word "money" with SndMnyAction to get the egg (After open the SndMnyAction activity).

Bingo!! The egg is here.


Solution of mcia

Not much information here. I again worked with the decompiled APK and went through the code. In one java class I found what was needed to solve this challenge.

ps/hacking/hackyeaster/android/SndActivity.java

We need to send an android action.SEND intent as PLAIN_TEXT_TYPE containing a text which matches the

sha1 hash “c95259de1fd719814daef8f1dc4bd64f9d885ff0”. Cracking the sha1 hash was easy as no salt was used. The needed text is “money”.

We can send Android intents from the command line with ADB:

I solved this challenge with the following two commands:


Egg 09 – Microscope

Level: easy

Solutions: 414

Author: PS

Challenge

In order to see this easter egg, you have to look closely!

Solution of markie

Opening the challenge shows a tiny egg with a qrcode on but it is too small to read. By luck, the browser lost internet connection when I tried to open this and gave me the URL:

https://hackyeaster.hacking-lab.com/hackyeaster/challenge09_su5z47IoTT7.html

Examining the source code reveals: src="images/challenge/egg09_fs0sYle2SN.png" which gives the egg: rcwuXWsHjUcU7BbOLC18

Solution of HomeSen

Investigating the reverse-engineered Android app’s code gave away that the microscopically tiny image

actually was retrieved via a URL, rather being stored that small inside the app itself:

Navigating to the correct URL and downloading the referenced image yielded egg #9


Solution of eash

I really don’t know if this was the right answer, but I will describe how I solved the challenge. Using my mobile

I have clicked on the “Show Microscope” button, after I did the small egg print screen and send me the PS by email. The egg URL was enbibed in the image. Below is the HTML code.

Solution of Seppel


Egg 10 – An egg or not…

Level: medium

Solutions: 233

Author: inik

Challenge

... an egg, that's the question!


This egg is an SVG file, but accidentally some coordinates were drawn twice with different colors. So the first used color per coordinate will be give the real egg.


Solution of patrice

Double entries for the same coordinates with different colors in the svg file?

I sorted and extracted the first entries with the following command:

~$ cat aneggornot.svg | grep "<use" | sort -u -k1,3 > new_coordinates.txt

Then I replaced the old coordinates in the svg file with the new ones, which produced an Egg PNG

which could be decoded by “zbarimg”.


When looking at the definition of the QR code in the svg, I noticed that some of the lines were duplicate. Thi s leads to the initial value being overwritten by a redefinition of the color of a cell. Therefore, I reversed the order of these lines, resulting in the real egg.

Solution of remmer

The QR code is a lie! It would have been too simple. But strangely, the egg is not a .png file, it is an .svg file:

I suspected that the black and white squares were in fact hiding something else, so I edited the definition of #b and #w to be half transparent red and half transparent blue respectively. This can

be done by changing the defs to the following:

The resulting picture looks like that:

As you can see, the black and white squares are not mutually exclusive! So, using a picture editing

software (that may or may not be MS Paint), flipped the color of all squares that were not only black

nor only white, and I obtained the solution.


Egg 11 – Tweaked Tweet

Level: medium

Solutions: 108

Author: PS

Challenge

Blue little birdie created a fancy message. Please tweet it!

Solution of sym

In the decompiled APK there is a file called Activity.java that contains the encoded tweet:

These are a lot of URL-encoded characters which after decoding look a bit strange.

The visible characters are not encoded but there are many non-standard characters that are not

visible. There must be a hidden message inside. After searching for Twitter Steganography, I found

this site: http://holloway.co.nz/steg/ which managed to decode the message: st3g4isfunyo.


Solution of jokker

This one took me several hours and got me some headache. I tried different things on my mobile, including

playing around with twitter settings, changing system language and activating VoiceOver, a feature that is so

damn annoying, I almost threw my mobile against a wall 😝.

I finally got on the right thought. The message was made out of ASCII and UTF-8 chars. So there’s some kind of secret message in it. With Google, I found the following page:

http://holloway.co.nz/steg/

If you put the string into the page with a computer, there is an issue with the copy and paste of the UTF-8 chars.

That’s why this challenge was a mobile one, because with a mobile, this issue isn’ t present. The page told me the right password: st3g4isfunyo

Solution of daubsi

This one was the most terrifying of all the eggs. I took me almost a month to crack this one. An in the end it was soooo simple. When we tweet blue little birdies tweet we immediately see that is looks quite awkward

with all this super positioned characters. We intercept the message using burp and get the raw bytes of the tweet. For days I tried to see some kind of pattern in the bytes.

[…]

Suddenly I stumbled over a guy you also tweeted a message that looked as wobbly as our tweet. And the text

actually suggested that there was more than met the eye… So there must be some way to actually create the

wobbly tweet on your own! Googled about hiding secret messages in tweets brought the solution: http://holloway.co.nz/steg/

When I found that page after all these days I almost cried ;-) That HAD to be the solution.

Unfortunately the decoded message was not accepted as the password. Tried the tweets from some other

hackers and found that the decoded messages changed. It seemed to be very dependent on the way you copy/paste it. Decided to pull the Javascript from the site and manipulate it so it would take directly the array

of bytes I recorded from the decompiled Android app instead of the text you enter manually in the textboxes… And suddenly the messaged decoded right: “st3g4isfunyo”


Solution of HaRdLoCk

this one made me scratch my head for quite some time. but this is because i was expecting something completely different and the title is somehow misleading.

however... it turned out, to be some sort of steganography for twitter or in other words, secret messages on twitter.

if we google these terms, we will find a webpage which offers us exactly this.

http://holloway.co.nz/steg/

i grabbed the twitter http post data from the IDA disassembly of the Hacky Easter App:

%23%EF%BC%A8a%EF%BD%83%EF%BD%8By%CE%95%EF%BD%81ste%EF%BD%92%E2%80%A9201%EF%B

C%97%E2%80%A9%E2%85%B0%EF%BD%93%E2%80%80a%E2%80%84l%EF%BD%8F%EF%BD%94%E2%80

%80%CE%BFf%E2%80%89%EF%BD%86un%EF%BC%81%E2%80%A8%23%D1%81tf%E2%80%88%23%EF%B

D%88%EF%BD%81%CF%B2king-lab

this is obviously URLEncoded. with the help of an online decoder i converted it:

and using the Twitter Secret Message decoder from the page above, i found the solution "st3g4isfunyo"


Egg 12 – Once Upon a File

Level: medium

Solutions: 252

Author: inik

Challenge

Once upon a file there was a hidden egg. It's still waiting to be saved by a noble prince or princess.

Solution of HomeSen

Egg #12 was hidden inside a CAB archive, nested inside a file named file which was found inside an encapsulated ZIP archive inside the provided file.



the zipfile here contains another file, which seems to be an image of a disk.

its time for winhex – the best tool for such forensic tasks. there we can select, interpret image as

filedisk and like this we can browse the filesystem very easy.

i noticed another file called disk, but it was deleted on this image, therefore it has this gray font. looking at this

"hidden" file, we can already see some information about the egg12 and also that this is a microsoft cabinet file (MSCF header) – lets save this as .cab then!

opening this cab file in normal explorer revealed the egg for this challenge:


Solution of mcia

‘binwalk’ is a tool to identify header information within a file. If multiple files are hidden in one single file, ‘binwalk’ can identify and automatically extract these files. With ‘binwalk’ this challenge is pretty easy to solve.

The QR code is in the file ‘egg12.png’.

Solution of Dykcik

Onceupon.zip contained a file, which was a disk image. I opened the disk image with autopsy and found a deleted file.zip archive.

Inside the archive was another disk image, I opened that as well and noticed an interesting file with egg12.png.

The interesting file was a Microsoft Cabinet archive, after extracting the archive I got the egg.


Egg 13 – Lost the Thread

Level: medium

Solutions: 126

Author: CoderKiwi

Challenge

Searching for eggs is fun! But sometimes they come in weird shapes and sizes. Download the image and wind up the strand!

Solution of jamesdju

Use Python Image Library to process the image (on pixel y=1) to get binary data of 0 for white and 1 for black pixel. The resulting binary blob has 2 different pattern:

a. 01011111111111100 - 607 of them

b. 11111111111111100 - 234 of them

Grouping this pattern to be x and y respectively also shows another pattern

This QR Code says kiwisarekewl


Solution of soundrh

The hint says “wind up”. So, I wrote a PHP script, which reads the middle line and creates a new image which displays that line wrapped.

Creating a loop around it with different sizes, every width with a factor of 17 looks a like:

Because every first and third column have the same pixels and the others are all black, only the first is relevant.

Thus, the same game again, but only with every 17th pixel. Also with different sizes. There was a QR-Code under the images:

It contains the password: kiwisarekewl.

Here’s my resulting script creating the image, with the divider to only parse every 17th pixel and a zoom to enlarge it directly.


Solution of SOKala

By downloading the image, I found it is 14500x3 pixels image. Mmm, looks like a thread that needs to be sewed to be a rectangle. By using Imagemagick tools, I cropped the image into pieces 493x3 by:

# convert thread.png -crop 493x3 +repage +adjoin thread%04d.png

Then reassembles it to a rectangle by using:

# montage -mode concatenate -tile 1x thread 0*.png Sew.png

By using the stegsolve.jar tool with the Sew.png and choose Analyse Stereogram

solver with offset=8. I got a secret QR code:

By redrawing and scanning it, the password is kiwisarekewl

Solution of Mitsch

What the hell? To get a little bit better idea of the thin line, the png is converted to text with

imagemagick.

convert thread13.png thread13.txt

The output looks like this with coordinates of the pixels and colours

17,1: (0,0,0,0) #00000000 none

18,1: (0,0,0,1) #000000 black

19,1: (0,0,0,0) #00000000 none

20,1: (0,0,0,1) #000000 black

After a lot of unsuccessful attempts to "wind up the strand" a closure look at the number of pixels

have a hint.

- 14.500 pixels in the line, minus 16px offset at the beginning and 187px at the end results in 14297.

- 14297 = 841 x 17 (length of each small subline is 17px)

- 841 = 29 x 29 -> is it a QR-code? It's worth to test it.

- Take only every 3rd pixel from a line. This is the only one which is toggling between black & white. - create a square 29 x 29 and fill it with the information from the strand.


with a little trick to create a svg-image

<defs>

<rect id="b" style="fill:rgb(0, 0, 0);fill-opacity:1" x="0" y="0"

width="6" height="6" shape-rendering="crispEdges"/>

<rect id="w" style="fill:rgb(255, 255, 255);fill-opacity:1" x="0" y="0"

width="6" height="6" shape-rendering="crispEdges"/>

</defs>

and awk

awk -F "," '

BEGIN {

l = 29

o = 19

x = 1

y = 1

}

{

if ( $5 == "1" ) {

rect = "#b"

} else {

rect = "#w"

}

if ( o > 0 ) {

o--

} else {

print " <use x=\"" x * 6 "\" y=\"" y * 6 "\" xlink:href=\"" rect "\"/>"

x++

o = 16

}

if ( x > l ) {

y++

x = 1

}

}' thread13.txt >> thread13_qr.svg

a QR-code is created with content: 6b 69 77 69 73 61 72 65 6b 65 77 6c 0a -> kiwisarekewl


Egg 14 – Shards

Level: medium

Solutions: 252

Author: PS

Challenge

Oh no! What a mess!

Solution of eash

I would like to thanks Jeff Kayser for amazing script to image join files at https://github.com/jeffkayser/imglue. I did some changes on the imglue.py to attend the needs.

First step I unzipped the file shards.zip to shards/ directory. And realized that I need to order the shards by date creation. To run the script use:

#python imglue.py grid shards/* egg-14.png

The script output is the egg-14.png.

Solution of soundrh

First of all, I removed the img_ from all filenames.

Then I tried various parts (between underscores) of the filenames as the first (for sorting), that the previews

looked like they could build an egg. With the last part (0 – 39) the first and last view were all white, so I carried on with that name pattern. Because the windows explorer sorts numerically, but some sort functions do not, I zero-padded the ones with only one digit in the first part.

After looking at the size of the shards and the one of a complete egg, I knew that the shards have to be placed in a 40 to 40 grid. I wrote a PHP script, which displays the shards in a table sorted by their name.


I got the following result, there’s more work to do

(which didn’t surprise me):

After displaying the names instead of the images, I

tried it with the letters as the second sort argument.

Better, but not ok. Again after looking at the names, the lowercase letters have to be put before the uppercase ones.

The shards have to be rotated:

Last thing: Invert order of lines:


Solution of sunscan

In the file shards.zip are present 1600 shards/files so this challenge is a 40x40 puzzle.

Each file has the name:

img_{SEQUENCE_NUMBER}_{ROW}_{RANDOM_NUMBER}_{COLUMN}.png

where ROW is in the range [a-z,A-N] and COLUMN is in the range [0-39].

Using a Bash script with ImageMagick we can combine all the shards in the correct sequence and obtain the egg:

Solution of Buge

This had 1600 images that were each 12x12 pixels. So we probably need to organize the images into a larger image 40x40 smaller images in size. I got a file containing the names with

ls shards/ > namesfile.txt

The names contain multiple parts separated by underscores. The last part is always a number from

0-39 so that is likely either the x or y position that the image should go. The 2nd part is always a

letter a-z or A-N. There are 26 possibilities a-z inclusive and 14 possibilities A-N inclusive, so that's 40 possibilities. So that letter is probably the other coordinate, with a-z indicating 0-25, and A-N

indicating 26-39. From testing I found that the letter was the y position, and the number was the x

position.

from PIL import Image

import re

def letternum(l):

return ord(l) - ord('a') if l >= 'a' and l <= 'z' else ord(l) - ord('A') + 26

names = open('namesfile.txt').read()

im = Image.new('RGBA', (480, 480))

for name in names.split():

m = re.match('img_([0-9]+)_([a-zA-Z])_([0-9]+)_([0-9]+).png', name)

im2 = Image.open('shards/' + name)

y = letternum(m.group(2))

x = int(m.group(4))

im.paste(im2.copy(), (x*12, y*12))

im.save('final.png')

That gave a file final.png that had the egg with the QR code.


Egg 15 –P Cap

Level: medium

Solutions: 181

Author: PS

Challenge

What about a little P cap?

Solution of evandrix

(wireshark ≥v2.3.0)

editcap cap.pcapng cap.pcap

tshark -r cap.pcap --export-objects "smb,smb.out.d"

binwalk -e smb.out.d/%5cR05h4L$1$.jpg

mv _%5cR05h4L$1$.jpg.extracted/imnothere.txt imnothere.jpg

convert imnothere.jpg -resize 1200% imnothere-resize.jpg

tesseract imnothere-resize.jpg imnothere

cat imnothere.txt

=> 7061n.php

@ https://hackyeaster.hacking-lab.com/hackyeaster/7061n.php

Solution of eash

Extracted R05h4L.jpg file that was in SMB protocol using Wireshark.


There is a hidden ZIP file in R05h4L.jpg, checked with binwalk command. In the ZIP there is a TXT file named

“imnothere.txt”. I used the command binwalk -e to extrat the ZIP and TXT files.

Checked the “imnothere.txt” and realized that was a JPG image file.

# file imnothere.txt

imnothere.txt: JPEG image data, JFIF standard 1.01, resolution (DPI), density

96x96, segment length 16, Exif Standard: [TIFF image data, big-endian,

direntries=6, orientation=upper-left], baseline, precision 8, 52x10, frames 3

Next step was access URL https://hackyeaster.hacking-lab.com/hackyeaster/7061n.php and grab the egg.

Solution of remmer

I solved this one using Wireshark. An SMB exchange between 192.168.1.112 and 192.168.1.10 seems to occur starting from packet No. 223. I right-clicked the packet No. 223 and select Follow > TCP stream, then chose 192.168.1.10:445 -> 192.168.1.112:53565 in order to filter only what the SMB server sent to the SMB client. Then, I chose Show and save data as Raw and saved the result.

Using Binary Ninja and binvis.io, I saw that the resulting file contains a .zip file between offsets 01bcf8 and

01c20d. This .zip file contains a .txt file named imnothere.txt, that is actually a .jpg. It can be opened after changing the extension.

The egg was finally revealed by browsing to https://hackyeaster.hacking-lab.com/hackyeaster/7061n.php.


Solution of kumaus

Being a total newbie regarding WireShark, the 1553 lines of capture look scary at first. Two HTTP exchanges

occur, GET requests to perdu.com and nothinghere.pl, which turn out to be red herrings. More promising is a lengthy SMB protocol exchange between line 226 and 658.

SMB (Server Message Block) is a protocol most commonly used for remote file access under Windows. This sequence of requests pokes around the directory tree on a remote laptop under a user account [email protected]. After quite some trying, a file R05h4L.jpg is identified and downloaded. The

interesting part is:

477 53.633535000 192.168.1.112 192.168.1.10 SMB 166 NT Create AndX Request,

FID: 0x28fa, Path: \R05h4L.jpg

478 53.635029000 192.168.1.10 192.168.1.112 SMB 193 NT Create AndX Response,

FID: 0x28fa

...

498 53.644356000 192.168.1.112 192.168.1.10 SMB 117 Read AndX Request,

FID: 0x28fa, 32768 bytes at offset 0







546 53.654455000 192.168.1.10 192.168.1.112 SMB 1514 Read AndX Response,

FID: 0x28fa, 32768 bytes





640 53.674049000 192.168.1.10 192.168.1.112 SMB 1342 Read AndX Response, FID: 0x28fa, 3472 bytes

Lines 546, 590, 636, 640 contain binary data in their payload which can indeed be combined in a hex editor to

form a valid JPG file. Or, simpler, wireshark can export the data (File -> Export Objects -> SMB/SMB2), which serves it on a silver platter. The image itself, however, is disappointing. Another red herring? Surely not ... The filename (Roshal > RAR) hints at compressed data, and starting at 0x1885F one indeed finds a ZIP file:

The file imnotthere.txt flies under false flag and is actually another JPG image: Looking at https://hackyeaster.hacking-lab.com/hackyeaster/7061n.php finally gives the egg.


Egg 16 – Pathfinder

Level: medium

Solutions: 181

Author: MaMe82

Challenge

Can you find the right path?

hackyeaster.hacking-lab.com:9999


In this challenge a server adress is given. nc hackyeaster.hacking−lab.com 9999

Ok, no answer, trying with HTTP request gives:

With User-Agent headerfield set the server responsed with:

Using a brute force approach to find the path.


Solution of inik

Found out, that it reacts to http. GET / will response with:

{"Answer":"I only talk to PathFinder!"}

So what’s that. I googled for Pathfinder and found 3 possibilities:

Its JSONPath, an Xpath for JSON with a similar syntax.

o See http://goessner.net/articles/JsonPath/

It’s geo-json-path-finder, a libaries for routing between to points.

o See http://www.liedman.net/geojson-path-finder/

Or is it: http://rpgbot.net/pathfinder/ a role playing game?

None of those links made sense to me, but I didn’t had another clue. I tried random paths as well or sending some random JSON message. Without success.

After putting away the Chall for a few days and looking at it again I thought, I tried to fetch robots.txt, which

wasn’t there. Thinking further I thought about ways another ways to (besides path, cookies) to change a http-request and found, that the User-Agent has to be changed to PathFinder to get an answer: Example with wget:

wget -qO- --user-agent="PathFinder" http://hackyeaster.hacking-lab.com:9999/

{"Answer":"Follow one of the possible paths","paths":[1,3,5,8]}

wget -qO- --user-agent="PathFinder" http://hackyeaster.hacking-lab.com:9999/1

{"Answer":"Go on! Follow one of the possible paths","paths":[5]}

Fiddling around a little, it seemed that there are to many possibilities and so I wrote a program to solve the chall:


The result was:

RES: --> {"Answer":"Follow one of the possible paths","paths":[1,3,5,8]}

RES: 1 --> {"Answer":"Go on! Follow one of the possible paths","paths":[5]}

RES: 15 --> {"Answer":"Go on! Follow one of the possible paths","paths":[3,7,8]}

RES: 153 --> {"Answer":"Go on! Follow one of the possible paths","paths":[2]}

[…]

RES:

15729468326935817484371652949658371252897134673164289597213546868542793131486925

7 -->

{"Answer":"Thanks PathFinder you saved my life by giving me the solution to this

sudoku!","sudoku":

[[0,0,0,2,0,4,6,0,0],[2,0,9,0,0,0,0,0,0],[0,0,0,0,0,6,5,0,0],

[0,0,6,5,0,0,7,1,0],[0,0,0,9,0,0,0,4,0],[7,3,1,0,0,0,0,0,0],

[0,7,0,0,3,0,0,0,8],[0,8,0,0,2,7,0,3,1],[0,1,4,0,6,0,0,0,0]],

"your_solution":[[1,5,7,2,9,4,6,8,3],[2,6,9,3,5,8,1,7,4],[8,4,3,7,1,6,5,2,9],

[4,9,6,5,8,3,7,1,2],[5,2,8,9,7,1,3,4,6],[7,3,1,6,4,2,8,9,5],

[9,7,2,1,3,5,4,6,8],[6,8,5,4,2,7,9,3,1],[3,1,4,8,6,9,2,5,7]],

"Secret":"https://hackyeaster.hackinglab.com/hackyeaster/images/challenge/egg16_

UYgXzJqpfc.png"}

Solution of Morpheuz

Connecting to the url gives the json-response:

{“Answer”: “I only talk to PathFinder!”}

The solution was to change the user-agent to ‘PathFinder’. The server offered different ways to go, from 1-9

and you had to append this number to the url. The path would then somewhen end – when it does, you’re on the wrong path.

I wrote a little recursive script, which would go through every possible path:


Egg 17 – Monster Party

Level: medium

Solutions: 75

Author: otaku

Challenge

The monsters do have a big party, jumping around like fools.

Each of them has its own jump-pattern. When two or more meet on a field, they are happy to see each other, but continue hopping. Passing the border on either side makes them appear again on the opposite side.

Board:


Solution of Bikey

This puzzle seems to have caused problems for many people but has at least one relatively simple solution.

Using an excel spreadsheet (27x27 grid) I set out each colour monster on a separate sheet using the value 1 to

indicate the starting point for the monsters. Also a master sheet with the totals of each grid square. This was the time consuming bit.

The grid suggested that it would produce a QR code but was 2 squares larger than a standard QR grid implying that there would be a blank row around the outside. From this it is only necessary to rearrange each colour to

put a blank row to the outside by cutting and pasting vertically and horizontally. There are a couple of places where the grids can be split in more than one place but it is easy to find the correct split. The master sheet now shows the QR pattern in 1’s and by applying colour format the code can be scanned

It is not necessary to move the monsters using their jump patterns!

Solution of Darkice

For this challenge, it is only needed to let the monsters jump around with their own jumppattern. When

starting with the second jump of the pattern, it takes less than 100 jumps of each monster until they are representing a QR code.



The QR code of this task was made with the help of these cute monsters. Unfortunately, these

monsters can not stand still for a long time so the code is not readable.

To read the code, the starting position of all monsters must be determined.


Solution of jokker

One of the hardest challenges in my opinion. Making the monsters jump was an easy task with some JS-code.

But it took my hours to get to the right solution. The 27x27 grid indicated, that the final solution will make up a QR-code, because those are 25x25. So I tried different things with RGB combination with a JS-script, but nothing worked.

I got a hint, that the monsters are not jumping like I think and that every monster will be placed alone on the grid. That hint got me on the right track.

We have 6 monsters with jump patterns of the length of 3. So there are 6^3 (216) combinations on how the monsters are starting in the jump pattern. This are too many combinations for a human, but not for a

computer. I wrote a python script which tried every starting combination. Every starting combination loops for 100 movements of the monsters and checks if all monsters are placed alone on the grid. As soon as this condition is met, we stop the process. Pasted this starting combination in my JS-code and looped for the same amount of movements. This revealed the QR-code for the challenge.


Egg 18 – Nitwit's Doormat Key

Level: medium

Solutions: 267

Author: CoderKiwi

Challenge

Being sure that no one can read the obfuscated code, bunny Nitwit has hidden the egg behind his login-page.

Find out the username and password to show that he lives up to his own name!

Solution of pyth0n33

We were presented a webpage with a login form. I quickly looked at the page source and noticed a lot of obfuscated javascript code.

I saw a few base64 strings and without looking at the code I decoded these strings. One of these strings

contained an image. I decoded the base64 string and saved the image to my computer. The image had strange

looking colours. I thought that something is hidden in the pixel values. I used python and the pillow image library to print out the pixel values. The values for the red pixels were in the asci range. So I converted the

values to asci characters and combined them. This gave me another base64 string. I decoded it and got a JS code.


The function logMeInScotty contains the username and password check. Combining all the conditions in this

function gave me the username: bunnyXm4st3r.

For the password check a different method was used. I copied this message to the google chrome

developer console and used magic(“bunnyXm4st3r”) to get the password.

So I found the password: cvoozYs4ut5n. With this username and password I got the flag.


This was a "simple" JavaScript de-obfuscation challenge. After trying for some time to reverse the obfuscation by hand I turned to Firefox and was able to see some of the obfuscated code directly in

a readable form. I then tried with Chrome and it turns out that the obfuscation can be reversed in a

handful of clicks, here is how:

1. Open the challenge page 2. Press F12 to open the debugger

3. Go to the elements tab and expand the HTML code up to the login button and select this tag

4. On the right panel go to the ' Event listeners' tab 5. Expand the ' click' listener up to the handler function called LogMeInScotty()

6. Right-click on the function and choose ' Show function definition'

Bingo, the code is de-obfuscated. The steps 3-6 are shown in the screenshot below:

The code can then be pretty-printed (also possible in Chrome), and some variable replaced for more readability. The result is as follows:


Then it is only a matter of minutes to retrieve the username ' bunnyXm4st3r' and the password can be found by calling the magic() function with the username as argument to find. When entering thes two values in the

login page, the egg is displayed.



Extract Script with chrome dev-tools (Go to event listener, click:VMxx). They even pretty print the

script :-)

Username:

Username: bunnyXm4st3r Password: cvoozYs4ut5n


Solution of vitali

To solve this challenge we need to extract login and password from the obfuscated JS code.

It was easy to receive username by analyzing JS function "logMeInScotty" that is used as a click

listener for the submit button. So the username is "bunnyXm4st3r".

The main problem was to receive the function "magic". I spent a lot of time trying to understand the

JS magic but didn't understand it. So the alternative solution was to directly scan the browser

process memory and extract the function code from it. As a result the password is: magic("bunnyXm4st3r") -> "cvoozYs4ut5n"

function magic(str) {

var l11 = "";

for(var l1I = str.length-1; l1I>=0; l1I--) {

if(l1I > 5) {

l11 += moreMagic(str[l1I]);

}

else {

l11 = moreMagic(str[l1I]) + l11;

}

}

return l11;

}

function moreMagic(c) {

return String.fromCharCode(c.charCodeAt(0)+1);

}


Egg 19 – Disco Time

Level: hard

Solutions: 139

Author: DeathsPirate

Challenge

Disco time!

Solution of muzido

I used imagemagick tool.

First I run the following command to handle all frame in gif file.

convert disco2.gif test/%d.png

Then I run the following command.

montage `ls -1a test/*| grep png | sort -t'/' -k2 -n` -tile 28x149 -geometry

28x28+4+4 final.png

Then run this;

mogrify -rotate +90 -flop final.png

I found this image:

The flag is PixelPixiesArePractical

Solution of HomeSen

The square between the 2 cats was an animated GIF image with 4172 frames. Factoring that number yields

the dimensions 28x149 for the resulting image (ignoring the fact that the GIF frames actually were 2x2 pixels


in size). Writing a simple Python script that took each frame’s color and applied it to a new pixel inside the new

image revealed the password for the Egg-O-Matic yielding egg #19

Solution of mcia

First step with gifs is always to look at the single frames. The gifs with the cats didn’t reveal anything interesting. But disco2.gif did.

$ convert *.gif frames/out.png

$ ls -u frames/ | head -10

out-4184.png

out-4187.png

out-4186.png

out-4185.png

out-4183.png

out-4182.png

out-4181.png

out-4180.png

out-4179.png

out-4178.png

If we look at the frames folder, we can see a lot of red and white images. Looks like a pattern. We have 31 pictures before the color changes, this seems important.

I tried to combine the frames to a new picture with ‘montage’. ‘montage’ takes the pictures by name and orders

them from top left corner to the top right corner, then it goes to the next line and so on. I used montage this way:

montage frames/*.png -geometry 48x48+1+1 -tile 31x200 result.png

This takes all the pictures from the frames folder and combines it into result.png. Result.png is 48×48 pixels and the boarders between the frames are 1 pixel. It takes 31 pictures per row and then goes to the next row. I

had to do some trial and error to find the right values.

After rotating the picture and flipping it vertically I got this picture:

It’s a bit hard to read, but the codeword is “PixelPixiesArePractical“.

Solution of kumaus


Oh no dancing cats!!! Let's try to avoid them and concentrate on disco2.gif. This is an animated GIF

having 4172 frames of 2x2 pixels. There is a global colour table, but some frames have local colour

tables of different sizes. Further observations:

Local palette sizes are 4, 2 and 1

image colouring is either

(p00, p01, p10, p11) = (0,2,1,3) ca 2/3

(p00, p01, p10, p11) = (0,0,0,0) ca 1/3

palette entries for (0,0,0,0) are grayscale: 0xFF, 0xFE, 0x55, 0x00

palette entries of shape (0,2,1,3) always have identical colour

To get to the bottom of this, I tried to look for a structure:

The output shows a periodic pattern of size 28, giving 149 lines. Flipping it over and zooming out a long way looks like this:

These are almost recognizable letters. So it seems that each frame has to be mapped into a pixel of an image of size 149 x 28. After some trial and error, the simple approach of picking the first palette entry of each frame worked:


gives the image

which shows the password PixelPixiesArePractical


Egg 20 – Spaghetti Hash

Level: hard

Solutions: 162

Author: PS

Challenge

Lazy Larry needs to improve the security of his password hashing implementation. He decides to use SHA-512 as a new hashing algorithm in order to be super secure. Unfortunately, the database column for the hash

can only hold 128 bit. As Bob is too lazy to extend the column and all the code related to it, he decides to

shrink the output of the SHA-512 operation, to 128 bit. For this purpose he picks certain characters from the

SHA-512 output for producing the new value. You got hold of four password hashes, calculated with Bob's new implementation. Can you find the

corresponding passwords?

hash 1: 87017a3ffc7bdd5dc5d5c9c348ca21c5

hash 2: ff17891414f7d15aa4719689c44ea039

hash 3: 5b9ea4569ad68b85c7230321ecda3780

hash 4: 6ad211c3f933df6e5569adf21d261637

Lucky you, you know that the following web service is calculating Bob's algorithm. However, the web service only accepts strings of length 4 or less - brute-forcing a password list thus is no option, since the passwords you are looking for are all longer.

https://hackyeaster.hacking-lab.com/hackyeaster/hash?string=abcd



First, I had to find out which of the characters from original the hash were used to calculate the shortened hashes:

I searched my rainbow table (rockyou.txt) for this wildcard string:

Then, I used a script to convert these to wildcard strings for SQL:

This gave me the following passwords:


Solution of TheVamp

At first, I checked out manually the custom hashes and tried to compare then. I hoped I could see some

differences, but the algorithm is to complex. If I don’t see differences, maybe a little python script could be:

Here is the output of the script:

[…]

Now we know the algorithm and we can crack all the passwords with a dictionary. I added the following lines

at the end of the script, so that we are able to crack everything with a Password list. I downloaded the password lists from https://wiki.skullsecurity.org/Passwords


Here is the output of the script. Sadly, the output isn’t so good. In example as he found the “cool” hash, there is a glitch with the running progress-counter.


Solution of kumaus

Is the guy called Lazy Larry or Bob? Probably an unsolvable mystery. To sort out which SHA512 characters go into his special hash, I used the service providedto calculate a few examples for the letters 'a' to 'f':

a) 2552d46012e2cee9c48f2238b10ec560

b) 580b7ef5583b650e55788477165ecbcf

c) da1b8782a23ed2c5d041cc218b952631

d) ad50cdc041f4001d08766c78548a54bc

e) c1f7359e805c81c0e7211d89cfffee8b

f) 5128f2bd74bc2534954f39e5e1754b4d

The code below compares these to the actual SHA-512 hashes of the letters 'a' to 'f' in order to derive a

positional key. This key is then used on all entries of a dictionary (I used rockyou, which may well be

overkill) to find the four password hashes.

The solution is:

6ad211c3f933df6e5569adf21d261637: 12345678 --> hash 4

ff17891414f7d15aa4719689c44ea039: Cleveland --> hash 2

87017a3ffc7bdd5dc5d5c9c348ca21c5: Prodigy --> hash 1

5b9ea4569ad68b85c7230321ecda3780: benchmark --> hash 3


Egg 21 – MonKey

Level: hard

Solutions: 74

Author: PS

Challenge

The monkey is laughing at you. Get the hidden egg from his binary.

Solution of jamesdju

Decompiled the binary with IDA Pro.

Relevant code pieces:

The egg image is encrypted with aes-128 ECB mode with a 16 character key.

The key is a string which can be seen in the third picture. It is scrambled during the password check, to look like: "makybkomooaenklo".

However, the actual key can be obtained by stepping back to sub_A75C call, which simply moves the letters around. The real key is: koolokambamonkey.

Decrypting it can be done with openssl.

root@kali:~/hackyeaster/2017/c21# openssl enc -d -aes-128-ecb -in encrypted

-K 6B6F6F6C6F6B616D62616D6F6E6B6579 > egg.png


Solution of mcia

This challenge was the hardest one for me.

First step was to rename the ipa file to zip and extract the content. There are a lot of interesting files but no QR

code in sight. Running ‘strings’ on the Monkey binary reveals some information. We can see that the library

CCCrypt is used, there are function named aesDecrypt and aesEncrypt, we can see an encrypted string which probably is our encrypted QR code. And then there are these two strings “thisIStheKEYyoyo” and “monkeyluv$Banana”. I was a bit disappointed at the first moment, I thought this was too easy! But I was wrong, the 2 strings didn’t work as keys no matter how I tried. It is time to use a disassembler. I used hopper to solve this task.

Most interesting function is onBtnPressed. I worked mostly with the generated pseudo code of hopper, which worked pretty well:

We can see in the else-part at the end of the function, the two strings “thisIStheKEYyoyo” and “monkeyluv$Banana” are used in a log output to display the nopeCat! Nice play PS, nice play!

Proceeding with the reverse engineering I found this method call: r4 = [[NSString stringWithFormat:@”%@omo%@”, @”makybk”,

@”oaenklo”] retain]; This method results in the string “makybkomooaenklo”. But that string does not work as key either.

So, I stepped backwards from where the key actually was used:

aesDecrypt, the key used is r5

r5 is r6 UTF8 decoded

r5 is equal r4, r4 is “makybkomooaenklo”

As r5 was assigned from r6 before, we have to follow r6

r6 was last changed in the function sub_a75c()

input to sub_a75c is the key entered in the app, output is r6

We have to look closer what exactly happens in the function sub_a75c():


If we simplify this method to something more readable and only take the needed values from the array ’27fbc’, we get this function:

We have a password with the length of 16 characters. In this method the order of the characters of our

password is chosen and a new string resulting in ‘makybkomooaenklo’ is created. ‘int original_password’ is a

pointer to the address of the first element/character of the password used in the app and to it an offset from the array ’27fbc’ is added. All values inside ’27fbc’ are smaller than 0x10. Means that the ordering of the entered password is changed inside this function. In the app someone enters a password, this function changes the

order of the characters and the result of it is the known string ‘makybkomooaenklo’. But the first typed

password is used to decrypt the egg.

End ‘result’ is ‘makybkomooaenklo’

result[0] is address_of_first_character_of_our_password + 27fbc[0] (Which is 0x07)

result[0] is the character which is at position 0x07 of our password

We don’t know the entered key, but we know what it becomes after the function ‘sub_a75c’. Now we can reverse the function and get the key

to decrypt the QR code!

To reverse the string I loop over the lenght of ‘makybkomooaenklo’ and for each position (0..15) we check at

what index in ‘sub_a75c’ this number is located. When we found the position, we know the position of the character in the ‘makybkomooaenklo’ string.

Running the function reveals the password ‘koolokambamonkey‘. With this key we can decrypt the encrypted image of the QR code.


Dolution of Morpheuz

The first thing that came to my eyes after renaming the .ipa file to .zip was this cute picture of a cat:

The app seems to log some base64-string along with two honeypot-keys, if some precondition fails. Decoding the base64-string reveals the “fail”-image:

The other branch decodes some base64-encoded data, aes-decrypts it and encodes it back to base64, to, as it looks, display it in a webview (data:image/png;base64;…).

The main algorithm takes, scrambles and compares our input against “makybkomooaenklo”. The scramble routine looks like this:

And this is the secretArray:

The following golang-code would reverse this process:

It prints the result “koolokambamonkey” which can be used to decrypt a blob, saved in another base64-string inside the app, with AES-128 CBC. The decrypted blob is a png-image of the qr-code-egg.



hey, this is an iphone binary! very nice! immediately loading in IDA and checking out the strings. we are even lucky and this was compiled in 32bit and 64bit mode – therefore we can use hexrays for pseudo code.

i also installed the app itself on my iphone, using cydia impactor from:

http://www.cydiaimpactor.com

and my developer certificate (but it works also with the free developer certificate)

the binary contained some honeypot with wrong keys and dummy images:

of course, it was not that easy. the key itself seems to be checked here:

but whatever i tried, this key "makybkomooaenklo" didnt work on the iphone.

i really did overlook something here and when i saw it – facepalm. oh no.

there is a sub before the check!!!!

this is a lookup function, which does change the order of the string based on the table referenced in this sub.

makybkomooaenklo must be reordered according to this table. i made this manually in excel:

and here we go with our egg


Egg 22 – Game, Set and Hash

Level: hard

Solutions: 226

Author: PS

Challenge

Can you beat the tennis master?


Solution of Dykcik

To beat the tennis master you have to quickly invert SHA-256 hashes. There are many online services to crack hashes, but most of them are protected by CAPTCHA. Fortunately, hashtoolkit.com is a service which inverts

hashes and does not use CAPTCHA. I prepared a script that gets a hash from hacking-lab and asks

hashtoolkit.com to invert it, then the script forwards the answer from hashtoolkit.com to hacking-lab. See the script below.


Solution of soundrh

I tried to access the URL with curl, but that did not work well. Thus, I accessed it with nc:

$ nc hackyeaster.hacking-lab.com 8888

Ready for the game?

I did some desperate tries, but the next day, without thinking I just entered y:

I thought I could look up the hash, but that’s too slow. Also, is the hash random. So, I had to build a rainbow table. I used the UNIX word list fist, but that was way too short. I downloaded one from crackstation.net.

To parallelise the calculation, I split the file with sed:

sed -n 1,9999999p realhuman_phill.txt > realhuman_phill.txt.part1

sed -n 10000000,19999999p realhuman_phill.txt > realhuman_phill.txt.part2

...

Sometime later (in my case two days with enlarging the virtual machine’s disk twice) it was ready.

I created a lookup script and made it more convenient by adding an action listener to the input field and the

output span:

onfocus='document.getElementById("text").value =

window.clipboardData.getData("text").trim();

ondblclick="document.execCommand('copy');"

They work only with Internet Explorer. I lowered the security settings for my virtual machine’s apache to let the

annoying “Are you sure?” popups disappear. I placed PuTTY on the left side and the browser on the right side.

After the preparations, I started the game. When a hash was displayed, I could mark the whole line to copy it,

click into the input field, where it will be trimmed, and press enter. Then, double click on the fetched text and paste with a right-click and press enter.

After a little while, I won the game and got presented the secret:

Nice idea and implementation!


Solution of Darkice

When connecting to the server and accepting to the game, a hash will be retrieved. This is a SHA-256 Hash and

it was easy to break. However, there will be more than one Hash to be cracked, and there is also a time limit for each Hash. Being too slow or providing the wrong word to a given Hash will result in a point for the opponent. To win the game a python script can be used. After the game is won the password for the Egg-O-Matic™ is printed.

You win! Solution is: !stan-the_marth0n$m4n

Solution of jcel

This was an online challenge-response game. Using nc for first trials, the game seemed to consist of a challenge that was a SHA-256 hash, sent by the server, and a response, that was assumed to be the un-hashed string, needed to be sent by the client.

So, the solution seemed obvious: Use an online SHA256-cracker to un-hash the challenges. The first trial (I

wrote a perl program for the client that submitted the hash to the online service) using hashtoolkit.com only led to my IP being banned by the service.

So, I downloaded a raw wordlist (https://crackstation.net/files/crackstation-human-only.txt.gz) and computed the SHA-256 values for them myself, using this as the lookup mechanism for my Perl program. I had to restrict to using only every other word due to memory restrictions.

Using this, I was able to beat the tennis master. The final result was:

<<< Correct! Point for you.

<<< ----------------------

<<< Player 3 7 0 6 6

<<< Master > 6 6 6 4 4

<<< ----------------------

<<< You win! Solution is: !stan-the_marth0n$m4n


Egg 23 – Lovely Vase

Level: hard

Solutions: 83

Author: PS

Challenge What a nice vase! Beautiful, don't you think?

trickhesitenadrfairairstp

tedtunbhscnprissnaoeoasab

hacektpsrnediiahrtartirlf

Solution of SOKala

Wow, it is really a lovely vase. By meditating in this lovely vase, I found that it has 3 parts as shown in

the picture below.

Looking like that each line has been encrypted by an encryption technique like a vase.. All are transposition cipher with different types.

1. Route Cipher

• The first one looks like a Route Cipher with the shown route. By trying to decrypt it:


2. Rail Fence Cipher

• The second one looks like a Rail Fence Cipher with 3 rows (key). By trying to decrypt it:

3. Transposition Cipher

• The second one looks like a Rail Fence Cipher with 3 rows (key). By trying to decrypt it:

And the final password is adrianericksusannabobclairefrank


The first line should be read like this (the resulting name ‘enairda’ has to be reversed to adriane and, following

the other patterns with a name of a men, combining it with the left-over characters ‘rick’):

The second line must be written in zig-zag and then read like this:

The third line should be read like this:


Combining all solutions results in ‘adrianericksusannabobclairefrank’ which is the word you had to enter on the website.

Solution of Darkice

First part:

For the first part the pattern on the vase is a hint in how to solve it. Just split the cipher text into 5 * 5 grid and apply the pattern on it.

Solution: the first part is adrianerick

Second Part:

For this part, a rail fence cipher is used. To decode it, simply split the cipher text into 3 lines and form a zigzag pattern.

Solution: the second part is susannabob

Third Part:

For the last part, split the text into a 5 * 5 grid and then read the columns from bottom to top.

Solution: the third part is clairefrank

To get the egg from the Egg-O-Matic ™ simply combine all solutions.

Final Solution: adrianericksusannabobclairefrank


Solution of jokker

These are 3 different transposition ciphers. Number 1 and 3 need to be placed in a block of 5x5, writing down

the string from top to bottom, from left to right. Number 2 needs to be placed in a specific shape, so we can draw some kind of triangles.

1. String

2. String

3. String

This gave me the final string “adrianericksusannabobclairefrank”.


Egg 24 – Your Passport, please

Level: hard

Solutions: 93

Author: PS

Challenge

After another exhausting Easter, Thumper decides to travel abroad for recreation. As a real h4x0r, he of course is using his own, homemade e-passport:

Write a client which connects to the virtual terminal, and fetch the portrait photo stored on Thumper's passport! The virtual terminal is running on:


As a starting point for your client, the following eclipse project is provided:

Solution of daubsi

Ok, ok I confess… I cheated on that one… When I build the cradle project and made everything fly it

was apparent that this would become a rather “low level” coding challenge, where you would have

to throw the bits and bytes around by talking to the cryptoprocessor of the ID card… But wouldn’t

there be a simpler way? I copy/pasted the bytes during initialization that were thrown at me… And immediately found a github project which had code to…. “download a photo from an e passport”!!

Wait, what??? Haha! Great stuff!

https://github.com/johnjohndoe/ePassLeser


I adapted the code so that it would connect to the hacking lab virtual ID card which took me a

ouple of minutes, started up the program and…. observed the bytes flying over the screen and 5

seconds later I had the image file on my disc..

Sorry for that…. ;-)


We need to authenticate ourselves to read the personal data, including the profile picture. For this, the BAC, Basic Access Control, is applied.


MRZ-Information: P01234567377070762101015

SHA1: e1c4674e9b4cd94227ead2ce476c9578323513ac

Most significant 16 bytes: e1c4674e9b4cd94227ead2ce476c9578

KENC-Unhashed = e1c4674e9b4cd94227ead2ce476c957800000001

KMAC-Unhashed = e1c4674e9b4cd94227ead2ce476c957800000002

KENC-Hashed = 035ab2ef604a7e3bd0b9f8d62379679246e8d752

KMAC-Hashed = 9a22a2d608fb58362276fc42e9f431e12b4f67a7

KENC = 035ab2ef604a7e3bd0b9f8d623796792

KMAC = 9a22a2d608fb58362276fc42e9f431e1

As it turned out, I was overcomplicating things… There is a method on the PassPortService to supply a key:

With a little binwalk-magic I got Thumpers profile picture:


Solution of sunscan

To recover the photo from the password we need to make a BAC (Basic Access Control) against the ePassport and then read the DG (Data Group) 2 where the photo is located.

First we need to change the connect() method of the class HE17Terminal in HE17Terminal.java to connect to the correct server:

Then we need to modify the class JMRTDMain in JMRTDMain.java to read the ePassport using the jMRTD library:

and show the image using the method showImage():


Finally, we can scan the found QR code:

hacky easter 2017 summary - hacking-lab€¦ · points per hacker 12.32 13.31 19.17 19.22 perfect...

Documents