Author Topic: What is that?  (Read 5809 times)

GoneFishing

  • Member
  • ****
  • Posts: 950
  • Gone fishing
Re: What is that?
« Reply #15 on: March 12, 2014, 09:08:40 PM »
Did you see this ? :
« Last Edit: September 18, 2015, 05:45:47 AM by GoneFishing »

Roundtrip

  • Guest
Re: What is that?
« Reply #16 on: March 12, 2014, 09:36:37 PM »
ok guys,
we finally got the solution. due to the running competition we can't tell you how we solved this but we want to thank Mark Russinovich. ;) 

jj2007

  • Member
  • *****
  • Posts: 7461
  • Assembler is fun ;-)
    • MasmBasic
Re: What is that?
« Reply #17 on: March 12, 2014, 09:39:10 PM »
Did you see this ?

Yes. The ustar is the tar format magic. SecLab is a frequently used acronym, unfortunately.

Congrats to RoundTrip and your team :t
We are of course curious now ;-)

GoneFishing

  • Member
  • ****
  • Posts: 950
  • Gone fishing
Re: What is that?
« Reply #18 on: March 12, 2014, 09:47:54 PM »
ok guys,
we finally got the solution. due to the running competition we can't tell you how we solved this but we want to thank Mark Russinovich. ;)

Congratulations! Maybe later you'll tell us how you got it ?
Did  Mark Russinovich help you personally or you used some of his utilities?

Roundtrip

  • Guest
Re: What is that?
« Reply #19 on: March 12, 2014, 09:55:41 PM »
i am going to release the solution after the end of the competition ;)
so stay calm and wait ;)

anunitu

  • Member
  • ****
  • Posts: 887
Re: What is that?
« Reply #20 on: March 13, 2014, 11:20:48 AM »
What would the ID look like,perhaps like this.

00018CEB: xAccount: 499550439979-125084150537

Just did an ascii peek program and this stood out about in the middle of the file.

GoneFishing

  • Member
  • ****
  • Posts: 950
  • Gone fishing
Re: What is that?
« Reply #21 on: March 13, 2014, 07:48:42 PM »
As Roundtrip said they found the ID with Mark Russinovich' help
Now I understand that they used his 'STRINGS' utility :
Quote
>strings -a  -n 12 account

Strings v2.1
Copyright (C) 1999-2003 Mark Russinovich
Systems Internals - www.sysinternals.com

xAccount: 499550439979-125084150537

We went wrong way  from the very beginning .
Nice find, Anunitu  :t


anunitu

  • Member
  • ****
  • Posts: 887
Re: What is that?
« Reply #22 on: March 13, 2014, 09:42:20 PM »
I think that if this was a challenge,that they played the "hidden in plain sight gambit". I tend to always go from very simple to the complex. It may be that the complexity was a red herring. Seeing the file one would assume it must be complex,and therefore in need of a complex solution. Reminds me of a "College stupid" example.
When I was working(worked in a production mail facility) The problem was this,we had a mailing that was multiple pages depending on the addressee(this was a billing statement. Problem was determining the postage for each one. Now a manager tried to work the problem using Calculus because he was "collage stupid" and believed that was a valid way to attack the problem. The woman that worked the postage station just started stacking pages on the scale and noting when the postage changed,the simple common sense solution. So here the expectation was a complex solution when in fact it was simple. 


If one is interested,the Peek program can be found here.

http://www.loramel.net/blender_minutes/peek/

xanatose

  • Member
  • ***
  • Posts: 370
Re: What is that?
« Reply #23 on: November 15, 2015, 02:05:23 PM »
@anunitu
Thanks. Now I have a name for a condition I have being guilty of too many times.

"College Stupid"

When one finds the simpler solution after trying many over-complicated ones, one ends up feeling like "Homer Simpson" for a while.