Author Topic: What is that? (Read 15813 times)

GoneFishing · « **Reply #15 on:** March 12, 2014, 09:08:40 PM »

Did you see this ? :

Roundtrip · « **Reply #16 on:** March 12, 2014, 09:36:37 PM »

ok guys,
we finally got the solution. due to the running competition we can't tell you how we solved this but we want to thank Mark Russinovich. ;)

jj2007 · « **Reply #17 on:** March 12, 2014, 09:39:10 PM »

Quote from: vertograd on March 12, 2014, 09:08:40 PM

Did you see this ?

Yes. The ustar is the tar format magic. SecLab is a frequently used acronym, unfortunately.

Congrats to RoundTrip and your team :t
We are of course curious now ;-)

GoneFishing · « **Reply #18 on:** March 12, 2014, 09:47:54 PM »

Quote from: Roundtrip on March 12, 2014, 09:36:37 PM

ok guys,
we finally got the solution. due to the running competition we can't tell you how we solved this but we want to thank Mark Russinovich. ;)

Congratulations! Maybe later you'll tell us how you got it ?
Did Mark Russinovich help you personally or you used some of his utilities?

Roundtrip · « **Reply #19 on:** March 12, 2014, 09:55:41 PM »

i am going to release the solution after the end of the competition ;)
so stay calm and wait ;)

anunitu · « **Reply #20 on:** March 13, 2014, 11:20:48 AM »

What would the ID look like,perhaps like this.

00018CEB: xAccount: 499550439979-125084150537

Just did an ascii peek program and this stood out about in the middle of the file.

GoneFishing · « **Reply #21 on:** March 13, 2014, 07:48:42 PM »

As Roundtrip said they found the ID with Mark Russinovich' help
Now I understand that they used his 'STRINGS' utility :

Quote

>strings -a -n 12 account

Strings v2.1
Copyright (C) 1999-2003 Mark Russinovich
Systems Internals - www.sysinternals.com

xAccount: 499550439979-125084150537

We went wrong way from the very beginning .
Nice find, Anunitu :t

anunitu · « **Reply #22 on:** March 13, 2014, 09:42:20 PM »

I think that if this was a challenge,that they played the "hidden in plain sight gambit". I tend to always go from very simple to the complex. It may be that the complexity was a red herring. Seeing the file one would assume it must be complex,and therefore in need of a complex solution. Reminds me of a "College stupid" example.
When I was working(worked in a production mail facility) The problem was this,we had a mailing that was multiple pages depending on the addressee(this was a billing statement. Problem was determining the postage for each one. Now a manager tried to work the problem using Calculus because he was "collage stupid" and believed that was a valid way to attack the problem. The woman that worked the postage station just started stacking pages on the scale and noting when the postage changed,the simple common sense solution. So here the expectation was a complex solution when in fact it was simple.

If one is interested,the Peek program can be found here.

http://www.loramel.net/blender_minutes/peek/

xanatose · « **Reply #23 on:** November 15, 2015, 02:05:23 PM »

@anunitu
Thanks. Now I have a name for a condition I have being guilty of too many times.

"College Stupid"

When one finds the simpler solution after trying many over-complicated ones, one ends up feeling like "Homer Simpson" for a while.

The MASM Forum

News:

Author Topic: What is that? (Read 15813 times)

GoneFishing

Re: What is that?

Roundtrip

Re: What is that?

jj2007

Re: What is that?

GoneFishing

Re: What is that?

Roundtrip

Re: What is that?

anunitu

Re: What is that?

GoneFishing

Re: What is that?

anunitu

Re: What is that?

xanatose

Re: What is that?