From the Canyon Edge -- :-Dustin

Tuesday, January 20, 2009

Daemon Challenge 3: How efficient are you? -- UPDATED!

As described in previously in my blog, this is the final of three Daemon Challenges.

The first person to complete this challenge will be named the "winner" of this challenge, and will receive a hardback copy of Daemon by Daniel Suarez. Anyone else who completes the challenge successfully, but is not named the "winner" will earn mention here in my blog.

Daemon Challenge 3: How efficient are you?

  1. Run the Ubuntu Intrepid Ibex (8.10) Linux distribution somewhere.
  2. Download the materials:
    • challenge_3.txt - eCryptfs underlying data
      • encrypted using eCryptfs, a passphrase key, the AES cipher, and 16 key bytes
    • wrapped-passphrase - an eCryptfs wrapped passphrase file
      • the mount passphrase inside is 128-bits of random data, symmetrically encrypted using a wrapping passphrase and the standard eCryptfs salt
    • shadow - an md5sum passphrase hash
      UPDATED: The original shadow file I gave was INCORRECT. I inadvertently generated this by passing the passphrase PLUS the carriage return to md5sum. Tisk tisk tisk. I'm SO sorry. I have uploaded an updated shadow file to that link. My apologies for the confusion.
      This UPDATED, CORRECT hash was generated by stripping the trailing carriage return, using:
      echo -n "$PASSPHRASE" | md5sum -
    • HINT: Given this password hash, you may crack the wrapping password, using john-the-ripper, or a similar tool. Or, if you want to brute-force attack the wrapped-passphrase, it may be helpful to know that it is exactly 4 alphanumeric characters. You may want to refer to the solution of Challenge 2.
    • HINT: You will need to set up GPG email encryption in order to submit your answer. See:
  3. Your goal is to solve the riddle and precisely follow the instructions in the decoded challenge_3.txt file to submit your answer.

Good luck,