Entering lipglosspartycocktail gives the egg with the QR code. .... Investigating the reverse-engineered Android app's c
Hacky Easter 2017 2
Summary PS, www.hacking-lab.com
Table of Contents Intro .............................................................................................................................. 6 Outro .................................................................................................................................................................... 6 Credits.................................................................................................................................................................. 6 Volunteers ........................................................................................................................................................... 6
Awards.......................................................................................................................... 7 Perfect Solvers ................................................................................................................................................... 7 Hacking-Lab Awards ......................................................................................................................................... 8
Statistics ...................................................................................................................... 9 General ................................................................................................................................................................ 9 Event Activity ...................................................................................................................................................... 9 Solutions per Egg ............................................................................................................................................ 10 Score Distribution ........................................................................................................................................... 10
Fun ..............................................................................................................................11 Images ............................................................................................................................................................... 11 1337 Submit...................................................................................................................................................... 12
Solutions ....................................................................................................................13 Teaser Challenge ............................................................................................................................................. 13 Challenge...................................................................................................................................................................................................................... 13 Solution of Seppel ...................................................................................................................................................................................................... 14 Solution of M................................................................................................................................................................................................................ 15
Egg 01 – Puzzle this! ........................................................................................................................................ 17 Challenge...................................................................................................................................................................................................................... 17 Solution of QuQuk...................................................................................................................................................................................................... 17 Solution of darkstar ................................................................................................................................................................................................... 17 Solution of ad0larb0ta0shi....................................................................................................................................................................................... 18 Solution of sunscan ................................................................................................................................................................................................... 19
Egg 02 – Lots of Dots ....................................................................................................................................... 20 Challenge...................................................................................................................................................................................................................... 20 Solution of brp64 ........................................................................................................................................................................................................ 20 Solution of trolli101 ................................................................................................................................................................................................... 20 Solution of muzido..................................................................................................................................................................................................... 21 Solution of sunscan ................................................................................................................................................................................................... 21
Egg 03 – Favourite Letters.............................................................................................................................. 22 Challenge...................................................................................................................................................................................................................... 22 Solution of ad0larb0ta0shi....................................................................................................................................................................................... 22 Solution of 1432 .......................................................................................................................................................................................................... 23 Solution of sym ........................................................................................................................................................................................................... 23 Solution of LlinksRechts ........................................................................................................................................................................................... 23 Solution of horst3000 ................................................................................................................................................................................................ 24
Egg 04 – Cool Car ............................................................................................................................................. 25 Challenge...................................................................................................................................................................................................................... 25 Solution of patrice...................................................................................................................................................................................................... 25 Solution of 1432 .......................................................................................................................................................................................................... 26
Hack Easter 2017 Summary
Page 2
Solution of Seppel ...................................................................................................................................................................................................... 26 Solution of remmer .................................................................................................................................................................................................... 27
Egg 05 – Key Strokes ....................................................................................................................................... 28 Challenge...................................................................................................................................................................................................................... 28 Solution of brp64 ........................................................................................................................................................................................................ 28 Solution of inik ............................................................................................................................................................................................................ 28 Solution of Dykcik ...................................................................................................................................................................................................... 28 Solution of TheVamp ................................................................................................................................................................................................. 28
Egg 06 – Message to Ken ................................................................................................................................ 29 Challenge...................................................................................................................................................................................................................... 29 Solution of Buge ......................................................................................................................................................................................................... 29 Solution of soundrh ................................................................................................................................................................................................... 30 Solution of jcel ............................................................................................................................................................................................................ 31 Solution of inik ............................................................................................................................................................................................................ 31
Egg 07 – Crypto for Rookies ........................................................................................................................... 32 Challenge...................................................................................................................................................................................................................... 32 Solution of evandrix ................................................................................................................................................................................................... 32 Solution of markie ...................................................................................................................................................................................................... 33 Solution of 1432 .......................................................................................................................................................................................................... 33 Solution of horst3000 ................................................................................................................................................................................................ 34
Egg 08 – Snd Mny ............................................................................................................................................. 35 Challenge...................................................................................................................................................................................................................... 35 Solution of sym ........................................................................................................................................................................................................... 35 Solution of trolli101 ................................................................................................................................................................................................... 36 Solution of Kiwi.Wolf ................................................................................................................................................................................................. 37 Solution of SOKala ..................................................................................................................................................................................................... 37 Solution of mcia.......................................................................................................................................................................................................... 38
Egg 09 – Microscope ....................................................................................................................................... 39 Challenge...................................................................................................................................................................................................................... 39 Solution of markie ...................................................................................................................................................................................................... 39 Solution of HomeSen ................................................................................................................................................................................................ 39 Solution of eash .......................................................................................................................................................................................................... 40 Solution of Seppel ...................................................................................................................................................................................................... 40
Egg 10 – An egg or not… ................................................................................................................................ 41 Challenge...................................................................................................................................................................................................................... 41 Solution of darkstar ................................................................................................................................................................................................... 41 Solution of patrice...................................................................................................................................................................................................... 42 Solution of LlinksRechts ........................................................................................................................................................................................... 42 Solution of remmer .................................................................................................................................................................................................... 42
Egg 11 – Tweaked Tweet................................................................................................................................ 43 Challenge...................................................................................................................................................................................................................... 43 Solution of sym ........................................................................................................................................................................................................... 43 Solution of jokker ....................................................................................................................................................................................................... 44 Solution of daubsi ...................................................................................................................................................................................................... 44 Solution of HaRdLoCk ............................................................................................................................................................................................... 45
Egg 12 – Once Upon a File ............................................................................................................................. 46 Challenge...................................................................................................................................................................................................................... 46 Solution of HomeSen ................................................................................................................................................................................................ 46 Solution of HaRdLoCk ............................................................................................................................................................................................... 47 Solution of mcia.......................................................................................................................................................................................................... 48 Solution of Dykcik ...................................................................................................................................................................................................... 48
Egg 13 – Lost the Thread ................................................................................................................................ 49 Challenge...................................................................................................................................................................................................................... 49 Solution of jamesdju ................................................................................................................................................................................................. 49 Solution of soundrh ................................................................................................................................................................................................... 50 Solution of SOKala ..................................................................................................................................................................................................... 51 Solution of Mitsch....................................................................................................................................................................................................... 51
Egg 14 – Shards ................................................................................................................................................ 53 Challenge...................................................................................................................................................................................................................... 53
Hack Easter 2017 Summary
Page 3
Solution of eash .......................................................................................................................................................................................................... 53 Solution of soundrh ................................................................................................................................................................................................... 53 Solution of sunscan ................................................................................................................................................................................................... 55 Solution of Buge ......................................................................................................................................................................................................... 55
Egg 15 –P Cap ................................................................................................................................................... 56 Challenge...................................................................................................................................................................................................................... 56 Solution of evandrix ................................................................................................................................................................................................... 56 Solution of eash .......................................................................................................................................................................................................... 56 Solution of remmer .................................................................................................................................................................................................... 57 Solution of kumaus.................................................................................................................................................................................................... 58
Egg 16 – Pathfinder ......................................................................................................................................... 59 Challenge...................................................................................................................................................................................................................... 59 Solution of darkstar ................................................................................................................................................................................................... 59 Solution of inik ............................................................................................................................................................................................................ 60 Solution of Morpheuz ................................................................................................................................................................................................ 61
Egg 17 – Monster Party ................................................................................................................................... 62 Challenge...................................................................................................................................................................................................................... 62 Solution of Bikey......................................................................................................................................................................................................... 63 Solution of Darkice..................................................................................................................................................................................................... 63 Solution of darkstar ................................................................................................................................................................................................... 64 Solution of jokker ....................................................................................................................................................................................................... 65
Egg 18 – Nitwit's Doormat Key ...................................................................................................................... 66 Challenge...................................................................................................................................................................................................................... 66 Solution of pyth0n33 ................................................................................................................................................................................................. 66 Solution of trolli101 ................................................................................................................................................................................................... 67 Solution of horst3000 ................................................................................................................................................................................................ 69 Solution of vitali .......................................................................................................................................................................................................... 70
Egg 19 – Disco Time ........................................................................................................................................ 71 Challenge...................................................................................................................................................................................................................... 71 Solution of muzido..................................................................................................................................................................................................... 71 Solution of HomeSen ................................................................................................................................................................................................ 71 Solution of mcia.......................................................................................................................................................................................................... 72 Solution of kumaus.................................................................................................................................................................................................... 72
Egg 20 – Spaghetti Hash ................................................................................................................................ 75 Challenge...................................................................................................................................................................................................................... 75 Solution of LlinksRechts ........................................................................................................................................................................................... 76 Solution of TheVamp ................................................................................................................................................................................................. 77 Solution of kumaus.................................................................................................................................................................................................... 79
Egg 21 – MonKey .............................................................................................................................................. 80 Challenge...................................................................................................................................................................................................................... 80 Solution of jamesdju ................................................................................................................................................................................................. 80 Solution of mcia.......................................................................................................................................................................................................... 81 Dolution of Morpheuz ............................................................................................................................................................................................... 83 Solution of HaRdLoCk ............................................................................................................................................................................................... 84
Egg 22 – Game, Set and Hash ....................................................................................................................... 85 Challenge...................................................................................................................................................................................................................... 85 Solution of Dykcik ...................................................................................................................................................................................................... 85 Solution of soundrh ................................................................................................................................................................................................... 86 Solution of Darkice..................................................................................................................................................................................................... 87 Solution of jcel ............................................................................................................................................................................................................ 87
Egg 23 – Lovely Vase ....................................................................................................................................... 88 Challenge...................................................................................................................................................................................................................... 88 Solution of SOKala ..................................................................................................................................................................................................... 88 Solution of Morpheuz ................................................................................................................................................................................................ 89 Solution of Darkice..................................................................................................................................................................................................... 90 Solution of jokker ....................................................................................................................................................................................................... 91
Egg 24 – Your Passport, please ..................................................................................................................... 92 Challenge...................................................................................................................................................................................................................... 92 Solution of daubsi ...................................................................................................................................................................................................... 92
Hack Easter 2017 Summary
Page 4
Solution of Morpheuz ................................................................................................................................................................................................ 93 Solution of sunscan ................................................................................................................................................................................................... 95
Hack Easter 2017 Summary
Page 5
Intro Outro Hacky Easter 2017 is over! It was a great and exciting competition. Again, 1'700 participants tried to solve the 24 challenges. Nine challenges were sent in by volunteers, a big thank you to them! For 2018, I already received a couple of challenges by volunteers again, and I have a lot of ideas myself. In case you want to implement one of the challenges, or if you have a good idea, let me know! Thank you and stay tuned for next year! PS
[email protected]
Credits Credits for the solutions go to (in alphabetical order): •
1432
•
Morpheuz
•
eash
•
muzido
•
Bikey
•
QuQuk
•
evandrix
•
patrice
•
Buge
•
S0Kala
•
horst3000
•
pyth0n33
•
Dykcik
•
Seppel
•
inik
•
remmer
•
HaRdLoCk
•
TheVamp
•
jamesdju
•
soundrh
•
HomeSen
•
ad0larb0ta0shi
•
jcel
•
sunscan
•
Kiwi.wolf
•
brp64
•
jokker
•
sym
•
LlinksRechts
•
arkice
•
kumaus
•
trolli101
•
M.
•
darkstar
•
markie
•
vitali
•
Mitsch
•
daubsi
•
mcia
Volunteers A big thank you to the volunteers who provided challenges (in alphabetical order): •
CoderKiwi
•
Goo9ping
•
inik
•
DeathsPirate
•
MaMe82
•
otaku
Hack Easter 2017 Summary
Page 6
Awards Perfect Solvers Congrats to the following 53 hackers who solved all Easter eggs (alphabetical order)! Well done!
Buge
TheVamp
CH1ll
Wheat1ey
kumaus
Darkice
__vulture__
m-e
DrSchottky
angelbot
manuelz120
Floxy
apox
marwin
FruFru
darkstar
mcia
HaRdLoCk
daubsi
opasieben
HomeSen
eash
otaku
LogicalOverflow
etvr
pjslf
Mitsch
evandrix
Morpheuz
explo1t
OBI QuQuk Retr0id ScaryFish1
power2100 remmer
faust
sunscan
h44z
thesiki24
horst3000
thsv
ikarus31415
tkabrt
Seppel
inik
Stefan244
jamesdju
Stjubit
jokker
Hack Easter 2017
k00g
trolli101 xdjibi
Page 7
Hacking-Lab Awards As usual, we've created awards in Hacking-Lab for this competition. You got one of them, in case you reached the following total scores (Easter eggs, write-up, and teaser challenge).
130 points
GOLD
110 points
SILVER
90 points
BRONZE
Your awards are shown on the profile page:
Statistics General Hackers Points total Points per hacker Perfect solvers Eggs solved Nations
2017 1'735 21'374 12.32 53 7'458 78
2016 2'154 28'672 13.31 54 10'050 104
2015 1’313 25’170 19.17 55 7’698 86
2014 728 13’992 19.22 4’140 -
Event Activity Number of hackers and solutions, growing with time.
Hack Easter 2017 Summary
Page 9
Solutions per Egg Number of solutions, per egg. Not much of a difference, between medium and hard eggs.
Score Distribution Number of users, for each possible score.
Hack Easter 2017 Summary
Page 10
Fun Images Found online and in solution documents provided.
In case you wondered what a bontebok and capybara are:
Hack Easter 2017 Summary
Page 11
1337 Submit TheVamp again demonstrated the "1337 way" of how to submit Easter eggs (check out the time of the egg submissions):
Hack Easter 2017 Summary
Page 12
Solutions Teaser Challenge Level: medium Solutions: 283 Author: PS
Challenge
Hack Easter 2017 Summary
Page 13
Solution of Seppel
Hack Easter 2017 Summary
Page 14
Solution of M.
Hack Easter 2017 Summary
Page 15
Hack Easter 2017 Summary
Page 16
Egg 01 – Puzzle this! Level: easy Solutions: 882 Author: PS
Challenge An easy one to start with.
(made with jqPuzzle)
Solution of QuQuk I used Snipping Tool and Photoshop to get the QR Code. Sorry, I hate puzzles.
Solution of darkstar For this challenge i used a Genetic Algorithm-Based Jigsaw-Puzzle Solver based on a paper from Dror Sholomon / Omid David / Nathan S. Netanyahu.
Hack Easter 2017 Summary
Page 17
Solution of ad0larb0ta0shi 1. Look into the Source code of challenge01.html. Find the "https://hackyeaster.hackinglab.com/hackyeaster/images/challenge/egg01_shuffled.png" Image which is randomly shuffled and save it locally. 2. Load Image in "Gimp" and place 7 horizontal + 7 vertical Guided Lines. Then apply "Filter > Web > Slice" to divide the Image in 64 Pieces an let Gimp automatically generate an HTML Page with Tiles. 3. Add some Magic Lines of Code from "http://www.webtoolbox.net/webtoolbox/dhtml/dragdrop/dhtml-dragdrop.htm" to the Gimp generated HTML "slice" Page 4. .
5. Now you can move the Tiles in a Way you want and solve the Puzzle to get the Egg No.1.
Hack Easter 2017 Summary
Page 18
Solution of sunscan To solve the challenge, shuffled image:
Then
we can recover
Hack Easter 2017 Summary
we create
a
the QR code solving
HTML
page using
the sliding
jqPuzzle and the
puzzle:
Page 19
Egg 02 – Lots of Dots Level: easy Solutions: 647 Author: PS
Challenge The dots in the following image contain a secret message. Can you find it?
(Click to enlarge)
Solution of brp64 Since it is a PNG that is driven by palettes, try to look at the palette in GIMP. Indeed, there are two levels with the same colour, changing one of them gives this picture:
Solution of trolli101 The dots picture looks a lot like those colorblind tests. When loading it into Stegsolve, see [1], we use the random color map function to color it an immediately notice the numbers:
When entering the numbers into the egg-o-matic one can get the egg.
Hack Easter 2017 Summary
Page 20
Solution of muzido -
I opened gimp. I noticed small dots that when using image zoom
-
Then I deleted the following colors by using (Tools → Selection Tools → By Color Select)
-
I found this image.
Solution of sunscan In the image dots.png there is a series of pixels of a different color:
•
Extract the red channel (our pixels will have a RGB value of (143,143,143));
•
Filter out everything that is not our pixels;
•
Detect the image edges;
•
Convert the image into negative to improve readability.
convert dots.png -channel R -separate -fuzz 70% +opaque "#000000" -edge 12 -negate result.png
And we obtain a numeric sequence:
Joining all the numbers we obtain the flag “705749361322842” that we can use to recover the egg.
Hack Easter 2017 Summary
Page 21
Egg 03 – Favourite Letters Level: easy Solutions: 802 Author: Goo9ping
Challenge Francesca's favourite letter is s Riley's favourite letter is o Ellie's favourite letter is a Vince's favourite letter is p Quintain's favourite letter is r Otto's favourite letter is i David's favourite letter is p Tom's favourite letter is l Paul's favourite letter is e Ulrich's favourite letter is y Henry's favourite letter is w Norman's favourite letter is h Louis' favourite letter is i Zane's favourite letter is s York's favourite letter is c Bob's favourite letter is h Meave's favourite letter is s Ian's favourite letter is o Sidney's favourite letter is g George's favourite letter is s Kitty's favourite letter is d Wilbert's favourite letter is h Adam's favourite letter is t Xander's favourite letter is i Callum's favourite letter is e Jack's favourite letter is r
Solution of ad0larb0ta0shi Notepad++: Edit > Line Operations > Sort Lines Lexicographically Ascending thepasswordishieroglyphics
Hack Easter 2017 Summary
Page 22
Solution of 1432 There are 26 names. Every name begins with another letter of the alphabet. So I just sorted the names alphabetically using Excel:
The message says "the password is hieroglyphics"
Solution of sym Sorted the names alphabetically and then printed the letter after the comma. Here is the PowerShell script I used:
thepasswordishieroglyphics
Solution of LlinksRechts Executing the command cat ch3|sort|awk '{print $5}'|tr -d '\n'
(sort by name, then take the favorite letter of each), resulted in the password thepasswordishieroglyphics .
Hack Easter 2017 Summary
Page 23
Solution of horst3000 Extract first and last letters, use first letter for alphabetical sorting soapripleywhischsogsdhtie thepasswordishieroglyphics –> hieroglyphics
Hack Easter 2017 Summary
Page 24
Egg 04 – Cool Car Level: easy Solutions: 481 Author: PS
Challenge Borat wants to impress the girls. Can you help him find a cool car for this purpose? The right car will make the Cool-o-Meter reach its full level.
Solution of patrice Opened the App on my Phone (Intex Aqua Fish) but I didn’t get what was needed... So I decompiled the App to see what was needed: some in='icolapxstvybjeruknfhqg;dzw>FAUTCYOLVJDZINQKSEHG send to "sndActivity" Afterwards I got my egg.
Solution of SOKala By reversing the android .apk package and checking the SndActivity class code, I found that it depends on android.intent.action.SEND intent. Also, I found that it must get a word with “c95259de1fd719814daef8f1dc4bd64f9d885ff0” SHA1 hash which is the word "money". So I have to share the word "money" with SndMnyAction to get the egg (After open the SndMnyAction activity).
Bingo!! The egg is here.
Hack Easter 2017 Summary
Page 37
Solution of mcia Not much information here. I again worked with the decompiled APK and went through the code. In one java class I found what was needed to solve this challenge. ps/hacking/hackyeaster/android/SndActivity.java
We need to send an android action.SEND intent as PLAIN_TEXT_TYPE containing a text which matches the sha1 hash “c95259de1fd719814daef8f1dc4bd64f9d885ff0”. Cracking the sha1 hash was easy as no salt was used. The needed text is “money”. We can send Android intents from the command line with ADB:
I solved this challenge with the following two commands:
Hack Easter 2017 Summary
Page 38
Egg 09 – Microscope Level: easy Solutions: 414 Author: PS
Challenge In order to see this easter egg, you have to look closely!
Solution of markie Opening the challenge shows a tiny egg with a qrcode on but it is too small to read. By luck, the browser lost internet connection when I tried to open this and gave me the URL: https://hackyeaster.hacking-lab.com/hackyeaster/challenge09_su5z47IoTT7.html Examining the source code reveals: src="images/challenge/egg09_fs0sYle2SN.png" which gives the egg: rcwuXWsHjUcU7BbOLC18
Solution of HomeSen Investigating the reverse-engineered Android app’s code gave away that the microscopically tiny image actually was retrieved via a URL, rather being stored that small inside the app itself:
Navigating to the correct URL and downloading the referenced image yielded egg #9 Hack Easter 2017 Summary
Page 39
Solution of eash I really don’t know if this was the right answer, but I will describe how I solved the challenge. Using my mobile I have clicked on the “Show Microscope” button, after I did the small egg print screen and send me the PS by email. The egg URL was enbibed in the image. Below is the HTML code.
Solution of Seppel
Hack Easter 2017 Summary
Page 40
Egg 10 – An egg or not… Level: medium Solutions: 233 Author: inik
Challenge ... an egg, that's the question!
Solution of darkstar This egg is an SVG file, but accidentally some coordinates were drawn twice with different colors. So the first used color per coordinate will be give the real egg.
Hack Easter 2017 Summary
Page 41
Solution of patrice Double entries for the same coordinates with different colors in the svg file? I sorted and extracted the first entries with the following command: ~$ cat aneggornot.svg | grep "
