Here is a challenge by AIVD (General Intelligence and Security Service of the Netherlands):
https://www.aivd.nl/organisatie/eenheden/nationaal-bureau/nieuws/aivd-cyber-challenge/

I won't say anything else because I think it's not fair, but I encourage you to give it a try! It's a nice challenge btw, and I would like to see much more like this one! And yes, it's possible to decrypt the ENCrypted file

Have phun!

OK, this is really tough. Getting the 4 zip files was easy.

The password for the crypt.exe zip has been given away in other threads. I suppose that guessing that password is "easy" in that it was a character name in the movie depicted in the jpg file. However for me that isn't easy at all because I'd never seen the movie or recognized the scene. It was at this point I unfortunately lost interest because instead of being a pure reverse engineering challenge, that step seemed to require "cultural" knowledge, or, barring that knowledge or the desire to waste time on that approach, a brute force password cracker was necessary.

I may have lost interest in spending hours on solving this, but it's still interesting. Not that I was specifically looking, but I found code for a password cracker for the crypt.exe / n.zip.enc file on pastebin. Crypt.exe can both encrypt and decrypt a test file. Making use of the '-e' switch, it comes up with a password which gives a 'decryption suceeded' message on the n.zip.enc file.

However, the password it comes up with is not the real valid one. I also see that several other passwords are possible, but I don't believe any of them are correct either. At this point I *think* that the decrypted .enc file must be a valid PK file. One easy clue to that (other than the name) is the fact that there was no compression size change from when it was in its original zip form. Easy enough to modify the code to check that a valid PK header is being generated, but I haven't done that yet.

There's also chatter (some of it in Dutch) that there may also be further steganographic info in some of the other jpg files.

At this point I'll keep working on the n.zip.enc file and see if it exposes something more interesting than movie trivia. More likely I'll just wait for the final results.

>https://www.aivd.nl/organisatie/eenheden/nationaal-bureau/nieuws/aivd-cyber-challenge/

really speed =)

"Fout op server"

Kayaker: You didn't see "War games"? I think you should, it's a nice movie from the '80s

I really think that the *simple* password has been used for those who are not movie-addicted because a dictionary brute force approach will give you the right password in few seconds.

Your idea on a possible attack is right, byte-guessing is the way I did follow and the zip format will help you a lot. You only have to figure out the *right* algorithm behind the encryption/decryption system


FoxB: I have seen they have the needed solutions, I think they don't need that page anymore