Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [wisdom http://codeseekah.com/cicada/wisdom CicadaOS : https://www.dropbox.com/s/r7sgeb5dtmzj14s/3301]
- [22:20] == MasterKey [5a23c576@gateway/web/freenode/ip.90.35.197.118] has joined #cicadaos
- [22:20] <@JustVisiting> Hola
- [22:20] == mode/#cicadaos [+o MasterKey] by JustVisiting
- [22:20] <@MasterKey> hey =)
- [22:20] == blackpit73 [~blackpit7@HSI-KBW-134-3-176-117.hsi14.kabel-badenwuerttemberg.de] has joined #cicadaos
- [22:20] <blackpit73> hi all
- [22:20] == mode/#cicadaos [+o blackpit73] by JustVisiting
- [22:20] <@MasterKey> hi !
- [22:20] <@JustVisiting> Hello. MK, BP. BP, MK.
- [22:20] <@JustVisiting> blackpit73, MK here has a VERY interesting idea.
- [22:21] <@JustVisiting> It's his, so I'll let him share.
- [22:21] <@blackpit73> ok, go ahead
- [22:21] <@MasterKey> I guess you remember the deciphered text on the second page
- [22:21] <@JustVisiting> We wanted to tell someone else, since we're stuck. That is, the idea is closer to what you can do than to what I can do.
- [22:21] <@MasterKey> Wisdom : bla bla bla an instruction command your own self
- [22:21] <@blackpit73> mk, yes i remember the text
- [22:22] <@MasterKey> Well I thought of a file which was is the Cicada OS from last year named wisdom
- [22:22] <@blackpit73> yeah, wisdom and folly
- [22:22] <@MasterKey> instruction and command made me thought a binary file
- [22:22] <@blackpit73> good
- [22:22] <@MasterKey> folly = wisdom actually
- [22:22] <@blackpit73> good
- [22:22] <@blackpit73> yes
- [22:23] <@MasterKey> the string of the onion has several bytes in common with wisdom
- [22:23] <@JustVisiting> I think soulseekah would be good for this too...
- [22:23] <@MasterKey> which leads to several null bytes when xoring
- [22:23] <@JustVisiting> Shall I engage him too?
- [22:23] <@blackpit73> sounds interesting!!!
- [22:23] <@MasterKey> JustVisiting: if he hasn't solved this yet why not =)
- [22:23] <@JustVisiting> LOL.
- [22:24] <@MasterKey> but still the issue I have right now is the length of the file
- [22:24] <@JustVisiting> Soulseekah, trebla, neferty and Lurker seem good at this type of thing.
- [22:24] <@blackpit73> i'll get these files
- [22:24] <@JustVisiting> CicadaOS is already on dropbox.
- [22:24] <@MasterKey> http://codeseekah.com/cicada/wisdom for wisdom
- [22:24] <@MasterKey> cicada os https://www.dropbox.com/s/r7sgeb5dtmzj14s/3301
- [22:24] <@JustVisiting> https://www.dropbox.com/s/r7sgeb5dtmzj14s/3301
- [22:24] <@JustVisiting> ^
- [22:25] <@MasterKey> wisdom is by far longer than all the onion strings combined
- [22:25] <@blackpit73> no, you forget the 7524 long file
- [22:25] <@MasterKey> maybe it has a link with the garbage from outguess which should be appended to it
- [22:25] <@blackpit73> I was analyzing this one and got one thing interesting
- [22:25] <@blackpit73> 7524 = 29*256+100
- [22:26] <@blackpit73> and I was looking at the file closer, and it seems the last 100 bytes have a very different entropy
- [22:26] <@blackpit73> all other parts before compress with about 9-10%
- [22:26] <@blackpit73> the last 100bytes compress to 21% --- very different
- [22:26] <@MasterKey> wow
- [22:26] <@MasterKey> indeed very different
- [22:26] <@blackpit73> I have the 3301_iso files here already, thanks
- [22:27] <@blackpit73> I just found that and wanted to look closer at this. but now the wisdom/folly looks very interesting too.
- [22:27] <@MasterKey> I still wonder if the other user account on the iso has a role in this
- [22:27] <@blackpit73> i xored about any file i could find from cicada, but not those files
- [22:28] <@MasterKey> the files in the DATA folder seem interesting
- [22:29] <@blackpit73> aberr empty file?!
- [22:29] <@MasterKey> yes i didn't understand this either
- [22:30] <@MasterKey> JustVisiting said something really inspired some minutes again : command your own self might mean command your OS thus asking for the root password
- [22:32] <@blackpit73> and then? it would have to start some file
- [22:32] <@blackpit73> 3301iso/
- [22:32] <@blackpit73> oops
- [22:32] <@blackpit73> root:x:0:0:root:/root:/usr/local/bin/cicada
- [22:32] <@MasterKey> the root password might be an onion url
- [22:32] <@blackpit73> if root is logged in, it starts /usr/local/bin/cicada
- [22:33] <@blackpit73> and cicada just does that prime number output from last year
- [22:33] <@MasterKey> that's right but it seems that the passwords for these account were not disclosed
- [22:33] <@MasterKey> users root and lp still have unknown passwords
- [22:34] <@blackpit73> no, they have NO password
- [22:34] <@blackpit73> root:*:13525:0:99999:7:::
- [22:34] <@blackpit73> lp:*:13510:0:99999:7:::
- [22:34] <@blackpit73> nobody:*:13509:0:99999:7:::
- [22:34] <@blackpit73> tc::13646:0:99999:7:::
- [22:34] <@MasterKey> oh. right
- [22:34] <@blackpit73> user tc can log in
- [22:34] <@MasterKey> my bad
- [22:35] <@MasterKey> i'm really dumb sometimes
- [22:35] <@blackpit73> no, dont worry
- [22:35] <@blackpit73> we all are dumb sumetimes ;)
- [22:36] <@blackpit73> which files did you xor that had many 00s?
- [22:36] <@MasterKey> xor the onion4 string with wisdom
- [22:37] <@JustVisiting> MK
- [22:37] <@blackpit73> 00000000: 00 4e 95 b8 55 50 7c 5b a4 a5 2b 88 98 54 f5 00 .N..UP|[..+..T..
- [22:37] <@blackpit73> 00000010: cb 1b 9a f2 29 bc 4b cb 64 cc f7 e3 e6 b9 72 03 ....).K.d.....r.
- [22:37] <@blackpit73> 00000020: 2a 0b b3 64 ad 1f 95 44 07 0a 18 ec 56 b5 b5 b2 *..d...D....V...
- [22:37] <@blackpit73> 00000030: 9d a5 35 ad 36 6a 5d d2 25 45 d2 15 eb 02 d7 35 ..5.6j].%E.....5
- [22:37] <@JustVisiting> what about ALL FOUR STRINGS?
- [22:37] <@MasterKey> four ?
- [22:37] <@MasterKey> i only have three
- [22:37] <@JustVisiting> O2, O3, O4 + Outguess
- [22:37] <@JustVisiting> Apparently there is an outguess string as wel.
- [22:37] <@JustVisiting> well.
- [22:37] <@JustVisiting> Let me ask masso.
- [22:37] <@MasterKey> i don't have it then
- [22:37] <@blackpit73> I tried all these files, I just added wisdom to my mega-xor-script
- [22:38] <@JustVisiting> Well, O2, O3, O4: http://pastebin.com/raw.php?i=qePehdKM
- [22:38] <@JustVisiting> Oh, OK.
- [22:38] <@JustVisiting> You have the outguess as well?
- [22:38] <@blackpit73> the outguess is the 7524 bytes file i told above
- [22:38] <@MasterKey> i have all of them but the outguess
- [22:39] <@MasterKey> then let's add the outguess
- [22:39] <@JustVisiting> 7524 bytes? 7KB? So small?
- [22:39] <@blackpit73> yes
- [22:39] <@blackpit73> MK: I added to outguess already
- [22:39] <@blackpit73> I can zip the results and send you, ok?
- [22:39] <@MasterKey> and so the results are ?
- [22:39] <@JustVisiting> So dead end with cicadaOS?
- [22:40] <@MasterKey> sure
- [22:40] <@blackpit73> I tried combinations of:
- [22:40] <@blackpit73> F1=../1_auqgnxjtvdbll3pv.onion/1033.jpg
- [22:40] <@blackpit73> F2=../0_twitter/zN4h51m.jpg
- [22:40] <@blackpit73> F3=../2_cu343l33nqaekrnw.onion/761.0.ipg
- [22:40] <@blackpit73> F4=../2_cu343l33nqaekrnw.onion/index_first.html.cut.bin
- [22:40] <@blackpit73> F5=../3_fv7lyucmeozzd5j4.onion/index.html-20140111-103033.cut.bin
- [22:40] <@blackpit73> F6=../3_fv7lyucmeozzd5j4.onion/next/onion3.html.cut.bin.0.rest.reverse.jpg.outguess
- [22:40] <@blackpit73> F7=../4_avowyfgl5lkzfj3n.onion/Bv6Pt5Td.txt.cut.bin
- [22:40] <@blackpit73> F8=3301iso/wisdom
- [22:40] <@blackpit73> C0=../3_fv7lyucmeozzd5j4.onion/xor/xor_ff.bin
- [22:40] <@blackpit73> C1=../3_fv7lyucmeozzd5j4.onion/xor/xor_1033.bin
- [22:40] <@JustVisiting> I'm afraid I'm not much help here, because i'm staring at the OS like a cat at the calendar: I don't really understand anything.
- [22:40] <@blackpit73> the C0 is a file with just 0xFF, so it's for XORing the file
- [22:42] <@JustVisiting> So what does this mean?
- [22:43] <@JustVisiting> You are a being unto yourself.
- [22:43] <@JustVisiting> You are a law unto yourself.
- [22:43] <@JustVisiting> Each intelligence is holy.
- [22:43] <@JustVisiting> For all that lives is holy.
- [22:44] <@blackpit73> MK: well I looked at those results with file and did not find any good hit. none of them is jpg or ascii or alike
- [22:44] <@MasterKey> no binary file either ?
- [22:44] <@MasterKey> with a PE or ELF header ?
- [22:44] <@blackpit73> well the result is always binary
- [22:44] <@blackpit73> no, no PE or ELF detection
- [22:44] <@JustVisiting> What I have is 22KB.
- [22:44] <@blackpit73> 86.xor: MPEG ADTS, layer I, v2, 176 kbps, 16 kHz, Stereo
- [22:44] <@JustVisiting> from the outguess. Not 7.
- [22:45] <@JustVisiting> http://pastebin.com/raw.php?i=TvSQ3E7i
- [22:45] <@JustVisiting> masso just provided me with it.
- [22:45] <@blackpit73> this is the only "detection", but the file is no MPEG of course
- [22:45] <@MasterKey> false positive indeed
- [22:45] <@JustVisiting> 176kbs is large enough for a sound file.
- [22:45] <@JustVisiting> Single channel
- [22:46] <@blackpit73> 00000000: 40 a4 79 d5 87 73 3d 7a 5a 12 f7 47 a2 fc 5c 85 @.y..s=zZ..G..\.
- [22:46] <@blackpit73> 00000010: 2c 15 bd 33 39 02 51 8a c9 f4 d7 88 f2 b7 6a 0a ,..39.Q.......j.
- [22:46] <@blackpit73> 00000020: f4 65 6f 0c 7f ed 1a c3 6a e2 76 87 20 38 8f 5b .eo.....j.v. 8.[
- [22:46] <@blackpit73> 00000030: fe ec 87 03 52 12 b7 cd 14 e4 0c ed 23 a3 66 3b ....R.......#.f;
- [22:46] <@blackpit73> yes, your pastebin is that 7k file
- [22:46] <@JustVisiting> So why do I get it to be 22K?
- [22:46] <@blackpit73> well you send a hexdump, I wrote it as binary file
- [22:46] <@JustVisiting> I wrote it as ASCII. Is that why?
- [22:46] <@blackpit73> yip
- [22:46] <@JustVisiting> Oh, yea!
- [22:46] <@JustVisiting> obviously hahaha
- [22:46] <@JustVisiting> LOL!
- [22:47] <@JustVisiting> Sorry, I only realised as I wrote "ASCII" that that's why.
- [22:47] <@blackpit73> but that interpretation command/instruction is very very good
- [22:47] <@JustVisiting> I am dumb sometimes. And I'm rusty.
- [22:47] <@blackpit73> command your OS (own self)
- [22:47] <@MasterKey> if you're interested I had another theory based on that
- [22:48] <@JustVisiting> Shoot, it's your game!
- [22:48] <@blackpit73> yes!
- [22:48] <@MasterKey> there is an actual computer architecture named epiphany
- [22:48] <@MasterKey> it exists in both 16 and 32 bits
- [22:48] <@MasterKey> and some parts of the onion string are actual instructions
- [22:49] <@MasterKey> it works even better considering a standard intel architecture
- [22:49] <@JustVisiting> What instructions are they?
- [22:49] <@JustVisiting> I knew I should've read that ASM book 15 years ago...
- [22:49] <@blackpit73> do you have a disasm?
- [22:49] <@MasterKey> http://onlinedisassembler.com/odaweb/#view/tab-assembly/offset/00000000
- [22:50] <@JustVisiting> Can that be coincidence?
- [22:50] <@MasterKey> just a hunch though
- [22:52] <@JustVisiting> Could those instructions be by pure coincidence?
- [22:52] <@JustVisiting> Have you tried the strings in reverse?
- [22:52] <@blackpit73> hm, i tried disassembling some of the outguessed files detected as 8086 file, and for some it looked like "real code" at first glance, but looking deeper it did not make any sense.
- [22:53] <@blackpit73> but of course that was before those words command/instruction/os, which really points in that direction
- [22:53] <@MasterKey> that is the main issue
- [22:53] <@JustVisiting> GUYS! Could those instructions be pure coincidence?
- [22:53] <@MasterKey> i tried with several xored files without success as well
- [22:53] <@blackpit73> i'll enhance my XOR-script and generate a bunch of xored files and zip them for you, ok=
- [22:53] <@blackpit73> i'll enhance my XOR-script and generate a bunch of xored files and zip them for you, ok?
- [22:53] <@JustVisiting> Calling MasterKey and blackpit73!
- [22:53] <@blackpit73> what?
- [22:54] <@JustVisiting> GUYS! Could those instructions be pure coincidence?
- [22:54] <@blackpit73> which instructions?
- [22:54] <@JustVisiting> The ones in ASM.
- [22:54] <@blackpit73> as for most plattforms, nearly all bytes are mapped to an assembler instruction, of course about any binary file can be disassembled
- [22:55] <@MasterKey> ^^this
- [22:55] <@blackpit73> the big question is, if the resulting code makes any sense
- [22:55] <@blackpit73> and this is not so easy to detect
- [22:55] <@JustVisiting> But can any binary file show clear instructions, like push, mov, pop and xor?
- [22:55] <@blackpit73> make a random file, dd if=/dev/random of=my_new.exe, and then disasm that. of course it will miss the PE/ELF header
- [22:56] <@blackpit73> yes, of course
- [22:56] <@JustVisiting> I got it.
- [22:56] <@JustVisiting> Thank you.
- [22:56] <@blackpit73> MOV, POP, XOR are just mnemonics for real numbers
- [22:56] <@JustVisiting> MasterKey, how private do you want this channel to be?
- [22:56] == mode/#cicadaos [+i] by JustVisiting
- [22:56] <@MasterKey> i don't care actually
- [22:56] <@blackpit73> example (just made out of my head!!): pop eax == 0xc1, pop ebx == 0xc2, ...
- [22:56] <@MasterKey> it's not my channel
- [22:56] <@JustVisiting> It's your idea.
- [22:57] <@JustVisiting> And it's nobody's channel
- [22:57] <@MasterKey> the more brain we have the better are our chances to find the answer
- [22:57] <@JustVisiting> OK.
- [22:57] <@MasterKey> brains*
- [22:58] <@blackpit73> will be back in 5min (smoking...)
- [22:58] <@blackpit73> but the instruction/command idea is great!!!!! very good, MK!!!
- [22:59] <@MasterKey> i'm doing what I can
- [22:59] <@MasterKey> it's not like i'm soulseekah or anything
- [22:59] == mode/#cicadaos [-i] by JustVisiting
- [23:00] == mdzhb [~mdzhb@unaffiliated/mdzhb] has joined #cicadaos
- [23:00] == mode/#cicadaos [+o mdzhb] by JustVisiting
- [23:00] <@MasterKey> more people coming in
- [23:01] <@JustVisiting> I told mdzhb your idea.
- [23:01] <@JustVisiting> I don't know what more to tell him cause this is over my head.
- [23:01] <@mdzhb> soo, i wasn't around previous years
- [23:01] <@mdzhb> but there was a leftover file apparently?
- [23:01] <@JustVisiting> Yes.
- [23:02] <@JustVisiting> http://codeseekah.com/cicada/wisdom OS is here.
- [23:02] <@MasterKey> that's wisdom file
- [23:02] <@MasterKey> OS is in dropbox =)
- [23:02] <@JustVisiting> https://www.dropbox.com/s/r7sgeb5dtmzj14s/3301
- [23:02] <@JustVisiting> Was on the phne.
- [23:02] <@JustVisiting> Saw htt and copied directly.
- [23:02] <@JustVisiting> Didn't bother to look further. :)
- [23:02] == MasterKey changed the topic of #cicadaos to: wisdom http://codeseekah.com/cicada/wisdom CicadaOS : https://www.dropbox.com/s/r7sgeb5dtmzj14s/3301
- [23:03] <@MasterKey> my point is the text tells us about wisdom : this file is still unused since last year
- [23:04] <@mdzhb> hmm
- [23:04] <@MasterKey> there are references to command and instructions = binary instructions might reference a binary file
- [23:04] <@mdzhb> apart from all the other loose ends
- [23:04] <@mdzhb> ! An Instruction ! Command your own self !
- [23:04] <@JustVisiting> And Command your Own Self
- [23:04] <@mdzhb> was about to say
- [23:04] <@mdzhb> heh
- [23:04] <@JustVisiting> Comand your OS .
- [23:05] <@MasterKey> interesting thing is that another file named folly is an exact copy of wisdom
- [23:05] <@MasterKey> it may have an interest for the next step
- [23:05] <@MasterKey> blackpit73 tried several xoring involving these files and the onions string and the outguess
- [23:06] <@MasterKey> so far nothing interesting
- [23:06] <@MasterKey> another lead was that those files might be a meaningful binary file
- [23:06] <@MasterKey> so far nothing interesting either
- [23:06] <@MasterKey> nevertheless a computer architecture named epiphany actually exist
- [23:06] <@MasterKey> so maybe it will matter in the end
- [23:07] <@mdzhb> hmm
- [23:08] <@mdzhb> ill grab the OS, seems interesting anyhow
- [23:08] <@mdzhb> hope we get one of those stages this year
- [23:08] <@mdzhb> that, and the global qr shenenigans
- [23:08] <@JustVisiting> OK, but until those stages...
- [23:08] <@JustVisiting> What do we do now?
- [23:08] <@JustVisiting> We have a blank hex code.
- [23:08] <@JustVisiting> 3 more blank hex codes
- [23:08] <@JustVisiting> An unsolved matrix.
- [23:08] <@JustVisiting> And that's it.
- [23:09] <@JustVisiting> Has anyone tried xor-ing the files in reverse against wisdom, MasterKey? I mean you or blackpit73.
- [23:09] <@MasterKey> actually I didn't
- [23:10] <@JustVisiting> Rev_hex XOR wisdom Rev_hex XOR Rev_wisdom sounds sensible to me.
- [23:12] <@blackpit73> back
- [23:12] <@blackpit73> yes, I xored all that
- [23:12] <@blackpit73> but without rev yet
- [23:12] <@blackpit73> will do that
- [23:17] <@JustVisiting> So, since everyone's silent, maybe this wasn't such a WOW idea? I'm simply asking because what I can do is throw ideas here and there, not much else in this respect, so lack of on-topic conversation = complete lockdown for me. :)
- [23:18] <@MasterKey> the fact is we tried a lot of things too
- [23:19] <@MasterKey> and until now nothing was discovered
- [23:20] <@MasterKey> plus it seems that the current trend is to solve the 5x5 matrix
- [23:20] <@JustVisiting> We have hex code that MUST be good for something.
- [23:21] <@JustVisiting> We have a byte, 57, which is alone, stranded and ignored.
- [23:21] <@JustVisiting> Which could point to something.
- [23:21] <@MasterKey> 57 is likely to be an error from what I heard
- [23:21] <@MasterKey> assuming that Cicada can do errors
- [23:24] <@JustVisiting> mdzhb, are you still with us?
- [23:25] <@mdzhb> yeah
- [23:26] <@blackpit73> xoring all files with reversing any would result in 6560 files.
- [23:26] <@mdzhb> the 57 thing.. i'd ignore that too
- [23:26] <@blackpit73> and all that XORed with 0xff doubles the result
- [23:26] <@JustVisiting> 6560? What?
- [23:26] <@JustVisiting> Xoring file_a with file_b doesn't simply give file_c?
- [23:27] <@blackpit73> JV: well if I calc all combinations
- [23:27] <@blackpit73> I have these files:
- [23:27] <@blackpit73> 1033.jpg
- [23:27] <@blackpit73> 3301iso_wisdom.bin
- [23:27] <@blackpit73> 761.0.ipg
- [23:27] <@blackpit73> onion2first.bin
- [23:27] <@blackpit73> onion3first.bin
- [23:27] <@blackpit73> onion3outguess.bin
- [23:27] <@blackpit73> onion4.bin
- [23:27] <@blackpit73> zN4h51m.jpg
- [23:27] <@JustVisiting> Why would you xor the outguess too?
- [23:27] <@JustVisiting> The image.
- [23:27] <@JustVisiting> That already served its purpose.
- [23:28] <@JustVisiting> Same for 1033 and 761 jpegs...no?
- [23:28] <@blackpit73> no, the outguess I mean was not used yet
- [23:28] <@blackpit73> it's that 7524 bytes file
- [23:29] <@blackpit73> does no one have that beside me?!
- [23:29] <@JustVisiting> One more connection to the previous rounds.
- [23:29] <@JustVisiting> http://www.gailgastfield.com/mhh/mhh.html
- [23:29] <@JustVisiting> The Marriage of Heaven and Hell was also used in round 1
- [23:31] <@MasterKey> true but right now it is based on a Journey Into Jung's Red Book
- [23:31] <@MasterKey> and it seems I can't find this book online for free
- [23:31] <@JustVisiting> I have that book at the corner bookshop.
- [23:31] <@JustVisiting> But it's friggin expensive. :)
- [23:32] <@MasterKey> are you sure it isn't Jung's Red Book instead ?
- [23:32] <@JustVisiting> Yes, that.
- [23:32] <@mdzhb> those guys know so much more about literature than i do
- [23:32] <@JustVisiting> Oh, Journey Into.
- [23:32] <@JustVisiting> Those guys = ?
- [23:32] <@mdzhb> cicada
- [23:32] <@JustVisiting> Oh.
- [23:32] <@MasterKey> they're good for sure
- [23:33] <@JustVisiting> But Jung's Red Book is Liber Novus
- [23:33] <@JustVisiting> And we're dealing with Liber Primus
- [23:33] <@MasterKey> but the question I ask myself is WHO wrote on the wiki that the book referenced was A journey into ...
- [23:33] <@JustVisiting> mdzhb, what do you make of cicadaos?
- [23:34] <@JustVisiting> It's true that a search for Liber Primus returns Jung.
- [23:34] <@MasterKey> liber primus is the first chapter of liber novus
- [23:34] <@MasterKey> it's actually in german but the english translation are not bad
- [23:35] <@JustVisiting> Oh.
- [23:35] <@JustVisiting> So how do we know that's the one?
- [23:35] <@MasterKey> I do'nt know.
- [23:36] <@MasterKey> you can't know the content of a journey into ... unless you own the book
- [23:36] <@MasterKey> i only found a 15% sample of the actual book
- [23:36] <@MasterKey> jung's red book is available for free but that one isn't
- [23:37] <@MasterKey> cicada is among us
- [23:38] <@JustVisiting> ?
- [23:40] <@JustVisiting> MasterKey, didn't you say at some point earlier that the bytes in the hex match the bytes in the wisdom file?
- [23:40] <@MasterKey> some of them do
- [23:41] <@MasterKey> thus creating a significant amount of null bytes when xoring
- [23:42] <@JustVisiting> If file1_byte_a is equal to file2_byte_a, result is a null in file3?
- [23:43] <@MasterKey> 0x00 byte
- [23:43] <@JustVisiting> Yes.
- [23:43] <@MasterKey> what's your point ?
- [23:45] <@JustVisiting> None.
- [23:49] * JustVisiting is annoyed.
- [23:49] <@JustVisiting> I don't know whether I should simply go to sleep or just sit and wait.
- [23:49] <@JustVisiting> Obviously nothing much I can do at this point.
- [23:50] <@JustVisiting> No cipher, no obscure reference, no arts = idle for me.
- [23:50] <@mdzhb> hmm OS is interesting
- [23:50] <@mdzhb> aberr is empty, weirdos
- [23:50] <@mdzhb> and they've used neither folly nor wisdom?
- [23:51] <@MasterKey> nope
- [23:57] <@JustVisiting> Where was cicadaos found?
- [23:57] <@MasterKey> on a dropbox
- [23:58] <@JustVisiting> Mhm.
- [00:00] <@JustVisiting> Ok, smoking my last cigarette.
- [00:00] <@JustVisiting> I doubt we'll come with anything WOW but... maybe tobacco hepls.
- [00:00] <@JustVisiting> helps.
- [00:03] <@JustVisiting> What about the two <head> and </head> ?
- [00:03] <@MasterKey> those are just html tags
- [00:03] <@JustVisiting> I know.
- [00:03] <@MasterKey> same for <hr>
- [00:03] <@JustVisiting> Could the three stitched together give a .htm file?
- [00:04] <@MasterKey> i don't understand what you want to do
- [00:04] <@JustVisiting> Those are bytes. Bytes make up files. Could our bytes make htm or html?
- [00:04] <@MasterKey> html are plaintext files
- [00:04] <@MasterKey> it doesn't matter what you put inside
- [00:05] <@MasterKey> there are no specific headers
- [00:05] <@JustVisiting> But viewed as hex they are not text files, are they?
- [00:05] <@JustVisiting> I mean plaintext files.
- [00:06] <@MasterKey> viewed in hex then you will see the codes for each character in the plaintext file
- [00:06] <@MasterKey> nothing more
- [00:09] <@JustVisiting> Mhm
- [00:15] <@blackpit73> ok, will upload a large mega_xor.zip now,
- [00:15] <@blackpit73> containing 2186 files generated by all current binaries xoring them together in all permutations
- [00:16] <@blackpit73> with each file either: ignored, xored or the reverse xored
- [00:16] <@MasterKey> that's nice
- [00:16] <@blackpit73> and one of the files included is ff.bin, that is a file containing only 0xFF, i.e. XORing the complete result
- [00:16] <@JustVisiting> Uh...
- [00:17] <@blackpit73> the ZIP is 63MB... so have a lot of fun analyzing the hell out of it -- but when that is done, we can surely say that file-xoring does not deliver results
- [00:17] <@blackpit73> or maybe we find the jackpot ;-)
- [00:18] <@MasterKey> at least a theory will be definitely proved wrong
- [00:18] <@MasterKey> or right
- [00:18] <@blackpit73> btw I started cicadaOs, analyzed the filesystem, watched the network while booting up. it only sends DHCP requests, nothing else
- [00:19] <@MasterKey> it's unlikely that cicada will install backdoors in such systems
- [00:19] <@MasterKey> unless it's a honeypot
- [00:22] <@JustVisiting> Someone say something wise.
- [00:22] <@MasterKey> command your own self
- [00:22] <@MasterKey> it's some wisdom
- [00:22] <@JustVisiting> Command prompt. OS.
- [00:24] <@blackpit73> mk: well anyone starting that 3301.iso would be wise enough to do that in separated environment (VirtualBox or alike), hopefully?? :-)
- [00:25] <@JustVisiting> I did it in a VM.
- [00:25] <@blackpit73> https://www.dropbox.com/s/o4kaxnyoumd46p6/mega_xor.zip
- [00:25] <@blackpit73> i'll post that to #cicadasolvers as well, ok?
- [00:25] <@JustVisiting> Aight.
- [00:25] <@blackpit73> or would you like to try here first?
- [00:25] <@MasterKey> sure go ahead
- [00:25] <@JustVisiting> XORing doesn't seem to be the key for anything until now.
- [00:26] <@JustVisiting> Brute-force was just the RSA. The rest was logic.
- [00:29] <@JustVisiting> I wonder what the others are up to
- [00:29] <@JustVisiting> Not the ones in solvers.
- [00:29] <@JustVisiting> The ones QUIET in solvers.
- [00:30] <@blackpit73> gotta go now
- [00:30] <@JustVisiting> Good night.
- [00:30] <@JustVisiting> i should too.
- [00:30] <@blackpit73> tomorrow I will be quite busy in job, unfortunately :-( but reach me at blackpit73@gmail if you have questions
- [00:30] <@blackpit73> c u
- [00:31] <@JustVisiting> Cu!
- [00:31] == blackpit73 has changed nick to blackpit73_away
- [00:34] <@MasterKey> see ya !
- [00:38] == blackpit73_away [~blackpit7@HSI-KBW-134-3-176-117.hsi14.kabel-badenwuerttemberg.de] has quit [Quit: HydraIRC -> http://www.hydrairc.com <- Nine out of ten l33t h4x0rz prefer it]
- @JustVisiting@MasterKey@mdzhb
Add Comment
Please, Sign In to add comment