Return to Unfiction unforum
 a.r.g.b.b 
FAQ FAQ   Search Search 
 
Welcome!
New users, PLEASE read these forum guidelines. New posters, SEARCH before posting and read these rules before posting your killer new campaign. New players may also wish to peruse the ARG Player Tutorial.

All users must abide by the Terms of Service.
Website Restoration Project
This archiving project is a collaboration between Unfiction and Sean Stacey (SpaceBass), Brian Enigma (BrianEnigma), and Laura E. Hall (lehall) with
the Center for Immersive Arts.
Announcements
This is a static snapshot of the
Unfiction forums, as of
July 23, 2017.
This site is intended as an archive to chronicle the history of Alternate Reality Games.
  

The time now is Tue Nov 12, 2024 8:00 pm
All times are UTC - 4 (DST in action)		 View posts in this forum since last visit
View unanswered posts in this forum
Calendar
 Forum index » Diversions » Perplex City Puzzle Cards » PXC: Silver Puzzle Cards
[PUZZLE] #251 - Silver - The Thirteenth Labour - READ POST#1
Moderators: AnthraX101, bagsbee, BrianEnigma, cassandra, Giskard, lhall, Mikeyj, myf, poozle, RobMagus, xnbomb
View previous topicView next topic
Page 4 of 73 [1087 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, ..., 71, 72, 73  Next
Author Message
t.w@
Greenhorn


Joined: 27 Feb 2006
Posts: 9
Location: Merseyside
hexDa3m0n wrote:

I may need some people to help me trawl through the results to see if anything decent comes back......


Shout out when/if you need any help - I always thought it might take about a day to run through, but a coupla weeks to check all the outputs. I'm sure everyone reading will help out as well...

PostPosted: Thu Mar 16, 2006 4:04 pm
 View user's profile
 Back to top 
hexDa3m0n
Boot

Joined: 15 Dec 2005
Posts: 60
Location: Lancaster, England

 		OK.

Have now got 28000+ files containing everything for block uppercase.
Will redo script for lowercase (it was easier to run seperate due to output!!!)

am trying to decide the best way to post these for download...I may be able to convince a friend to host them for me (zipped into batches of xxx outputs)

suggestions?

Hex

PostPosted: Fri Mar 17, 2006 12:09 pm
 View user's profile AIM Address MSN Messenger
 ICQ Number 
 Back to top 
t.w@
Greenhorn


Joined: 27 Feb 2006
Posts: 9
Location: Merseyside
Quote:
Have now got 28000+ files containing everything for block uppercase.


1. You've done all UCASE, now on LCASE. Are you also doing capitalisation?

2. I take it these files have been pre-sorted by Steve's script into likely files? If not, maybe we should, just to check all the likely files first. I'm betting it'll be ASCII anyway.

At this point, we're making some assumptions:
    Key is alphabetic only
    Key is a real word
    output will be text (ASCII)

If we're starting from this point, that should reduce the amount to check down to manageable proportions.

Or are we just going to check all of them anyway? Very Happy
If so, hosting and downloading in groups of XXX (with a simple list of who's downloaded what to check, plus confirmation) would be best.

Need any help with HTML? I'm not the best but I might be able to knock something up...

PostPosted: Sat Mar 18, 2006 8:58 am
 View user's profile
 Back to top 
hexDa3m0n
Boot

Joined: 15 Dec 2005
Posts: 60
Location: Lancaster, England

 		Just to check, are we assuming that the output will be text? I.E. some type of question? All of the decrypted txt files I have are around 1kb. Is there anything else it could be? (sound file? etc etc?)

Steve, what did your script actually test the output files for?

Hex

PostPosted: Sun Mar 19, 2006 5:42 pm
 View user's profile AIM Address MSN Messenger
 ICQ Number 
 Back to top 
chimera245
Decorated

Joined: 09 Mar 2006
Posts: 209

 		Organising . . .
I'm thinking about trying to organise this a bit more formally - but I don't want to tread on anyone's toes. If anyone else is already doing this - looks at t.w. who mentionned it earlier - let me know.

Assuming that we have the basic mechanism down pat - but are just trying to get the 8 byte key - could we not start organising a brute force effort?

If we allocate keys to willing clients - using a standard agreed solving utility - we can coordinate the results. I have been wondering if it is the organisation of *that* which is in actual fact the Herculean effort with this card.

If you lot don't have any objections - I'd like to start it.

I'm working on the ground rules but they would be essentially:

A) We use a standard cracking client, probably based on one already posted that can submit an easily readable output (e.g. tab delimited key tried/enumerated success/failure type)
B) Clients will pick up sets of keys allocated from a central DB and process them using the client from A) - location TBA [I *may* be able to host it]
C) Results posted to a central point, to be loaded into application managing them
D) Successful results get further farmed out for analysis

I'm still thinking on definition of success, the allocation algorithm and the character set.

FYI - I am aware of the magnitude of the numbers involved. Essentially, assuming a 36 character set there are potentially 2821109907456 potential combinations to try, for a 62 character set (mixed case) this rises to 218340105584896.

However, broken down into work units prioritised by appropriate rules (e.g. adjacent letter frequency for one), this should be a do-able task - albeit monumental.

I'll post more details if this forum thinks it is a *good* idea.

PostPosted: Mon Mar 20, 2006 1:25 am
 View user's profile Visit poster's website
 Back to top 
Jakeo
Decorated

Joined: 30 Aug 2005
Posts: 159
Location: Edinburgh

 		Re: Organising . . .
chimera245 wrote:

Assuming that we have the basic mechanism down pat - but are just trying to get the 8 byte key - could we not start organising a brute force effort?

If we allocate keys to willing clients - using a standard agreed solving utility - we can coordinate the results. I have been wondering if it is the organisation of *that* which is in actual fact the Herculean effort with this card.


This is exactly what needs to be done. I've been in contact with the distributed.net team to see if we could use their software to do this.

chimera245 wrote:

If you lot don't have any objections - I'd like to start it.

I'm working on the ground rules but they would be essentially:

A) We use a standard cracking client, probably based on one already posted that can submit an easily readable output (e.g. tab delimited key tried/enumerated success/failure type)
B) Clients will pick up sets of keys allocated from a central DB and process them using the client from A) - location TBA [I *may* be able to host it]
C) Results posted to a central point, to be loaded into application managing them
D) Successful results get further farmed out for analysis

I'm still thinking on definition of success, the allocation algorithm and the character set.


I've already thought most of that through, and here are the problems that occured to me when I thought about it.

A)
What exactly is our measure of success?
B)
What happens if the server is unavailable
How big are the work units.
What happens if a unit is downloaded but never processed
What sort of load would you expect
C)
Will the user know that his client has solved it
Do we want a way to track 'who' has a work unit related to their PXC account, so if anyone does enter a solve using the tool, we know which work unit they had

If you still want to work on this, I'm more than happy to help.

R

PostPosted: Mon Mar 20, 2006 4:44 am
 View user's profile
 Back to top 
chimera245
Decorated

Joined: 09 Mar 2006
Posts: 209

 		Re: Organising . . .
I'm still only starting on this, having gotten sort of keyed up to it earlier today on IRC.

I have heaps of database experience (I design em for a living - big ones), and some limited grid project experience - but not in this field - so if you have the relevant background it may be better for you to organise. I'm quite willing to help with what I can do in return.

I do know a whole bunch of peeps who do know a bit about the field (mainly in designing identity management systems) - I may be able to get them to help out if I throw em enough mars bars.

My answers to your questions would be:

Jakeo wrote:

A)
What exactly is our measure of success?
B)
What happens if the server is unavailable
How big are the work units.
What happens if a unit is downloaded but never processed
What sort of load would you expect
C)
Will the user know that his client has solved it
Do we want a way to track 'who' has a work unit related to their PXC account, so if anyone does enter a solve using the tool, we know which work unit they had

If you still want to work on this, I'm more than happy to help.

R


A) I am assuming that we are heading for some ASCII text string here - that is what most of the current clients seem to be aiming for. I would expect a LOT of false responses to a brute attack, so I am assuming the whole process will be in two phases:

(i) Identify target keys with first analysis
(ii) Evaluate target key responses

Obviously we are only starting (i) now

B) These questions are all pretty much linked. The size of the work units AFAIK is generally dictated by three factors which work against each other:

(i) likely Number of Clients available
(ii) acceptable duration of work on Client
(iii) availability of work unit assignment server

Assuming under our circumstances that (i) is going to be relatively low (ii) fairly high then (iii) becomes much less of an issue.

The downside of the above is the 'timeout' period for a work unit needs to be high. At the moment I don't have my scruffy mits on a working client so I can't identify the load - nor the likely throughput - though I am hoping it will be quite low.

C) I don't think (see my answer to A) that the Client will have solved anything in the first pass - it would simply have produced an ASCII text file rather than garbage out of source. Practically speaking, if the Client was producing only enough output that the Client user can evaluate it's success by hand - then our clients are too slow. We have after all got to get through a LOT of work

There is obviously plenty more to work out - but if we are going to do it this way (and I have a nagging suspicion that this is what we are supposed to do) then we need to get started.

PostPosted: Mon Mar 20, 2006 6:24 am
 View user's profile Visit poster's website
 Back to top 
Jakeo
Decorated

Joined: 30 Aug 2005
Posts: 159
Location: Edinburgh

 		I probably have some of the skills required, in that I am kind of a DB engineer, a software engineer, and also and IdM consultant (its a small firm Wink )

Unfortunately, I work almost exclusively in managed languages, so doubt that I could produce a slick optimised client. I know there are C and C++ programmers on these boards who might be tempted to help. Failing that we could nest the rccrypt executable in a perl wrapper. That I could probably handle.

On the other hand, like I said earlier I have been in touch with the d.net guys. I'd like to give them a chance to see if they come up with anything. They've got all the infrastructure in place that would make our lives a lot easier.

PostPosted: Mon Mar 20, 2006 6:46 am
 View user's profile
 Back to top 
Guin
Unfettered


Joined: 11 Jan 2006
Posts: 400
Location: Antartica

 		anything I can do let me know. I am happy to do anything if I can. If someone can set a clent up great. I have access to a number of PCs and am happy to plug away (I run Dnet client for RC72 and am happy to put that on hold while I do this card.)
_________________
So long and thanks for all the fish! Trout

PostPosted: Mon Mar 20, 2006 8:03 am
 View user's profile Visit poster's website AIM Address Yahoo Messenger MSN Messenger
 Back to top 
chimera245
Decorated

Joined: 09 Mar 2006
Posts: 209

 		If we can at all use their infrastructure - it would be a huge bonus - and that has to be our most favoured option.

As for our own client - it doesn't have to be that slick Smile. I would favour the .NET framework (probably C#) these days - as it would be easy to tie in to some Web Services running off a SQL Server back end. That way a lot of the infrastructure is simply hidden from you.

Essentially I *think* I have a working model for this - but it still only gets us part of the way. I spoke heavily about this on IRC earlier, and I am still willing to take the design further (I may knock up a working prototype as an intellectual exercise anyway) - but like you if we can leverage someone who already has the experience and the wherewithal - I'm all for that.

PostPosted: Mon Mar 20, 2006 9:53 am
 View user's profile Visit poster's website
 Back to top 
t.w@
Greenhorn


Joined: 27 Feb 2006
Posts: 9
Location: Merseyside
Quote:
I'm thinking about trying to organise this a bit more formally - but I don't want to tread on anyone's toes. If anyone else is already doing this - looks at t.w. who mentionned it earlier - let me know.

To be honest, everyone was talking about a brute attempt, but nothing was in the offing. I posted the list of 8-letter to words to kick it off, basically!

Add 1 PC to the cause - I'm in work all day and asleep all night, so I can leave mine processing anything you want for 12-16 hours a day!

My thinking on this was:
It isn't a guessable key - MC have made a point of saying that some kinds of card will require group effort, and this is one of them.
If it is a guessable key, it should be an 8-character word, so lets try *all* of them.

I'd certainly like to try all the 8-letter words first, simply to stop the continual guessing of likely keys - between us, I guess we've all tried 'Hercules' at least once - that's probably a coupla hundred attempts with no hope of success!

No toes stepped on, Chimera - please plough on - I'm right behind you.

Last thought - I'm also betting that the decrypted message will be a relatively simple question in ASCII. As such, first thing tomorrow, I'm going to try a few guesses to solve the card (e.g. Purple, 5, cows, that sort of thing). You never know..

PostPosted: Mon Mar 20, 2006 4:57 pm
 View user's profile
 Back to top 
chimera245
Decorated

Joined: 09 Mar 2006
Posts: 209

 		Requirements
OK, here is the back of an envelope specification for phase I of the crack attempt.

The assumptions are:

A) We are using Alphanumeric Keyphrases of 8 characters.
B) The Alphabet for the keyphrases is A-Z, a-z, 0-9, or 62 characters, there are thus 62^8 combinations to be tested
C) Success is deemed the production at the end of the decryption process of a valid ASCII text file

The basic design is thus:

(i) The total job is broken down into 14 million work units, each representing one of the combinations of the first 4 characters of the keyphrase.
These workunits will be stored in a SQL Server or similar database.
(ii) The work units will be pre-allocated a priority, based upon common english rules, e.g. AAAA would be lower priority than HELL
(iii) A Web service will be constructed that interfaces with the work unit database. This will have five calls:
RegisterClient,
DeRegisterClient,
GetWorkUnit,
CancelWorkUnit
CompleteWorkUnit.
(iv) A Client will be constructed, wrapping the decryption algorithm into a simple background service. This client will have the following functionality:
a) Register itself with the Work Units server
b) It will request a Workunit from the Work Units web service
b) It will process each of the 14 million combinations for the right hand 4 characters of the keyphrase
c) It will log any successes in those combinations
d) It should be able to perform all 14 million combinations in approx 10 CPUdays
e) On completion it will inform the Web Units web service of only those combinations that succeeded
f) It will have a cancel work unit option
(v) Periodically the Work Unit database will be trawled to extract the successfull combinations and pass them on to phase 2

Requirements are therefore:

(i) A suitable host for the Work Units Web Service and Database
(ii) Production of the suitably modified decryption client
(iii) Some discussion and agreement on the prioritisation of work-units
(iv) A suitable host for the Client Download

I am prepared to produce the Work Units Web Service and Database - assuming it is SQL Server/IIS/Wintel based. I *may* even host it - I am working on that but cannot guarantee at the moment.
Given an appropriate block of decryption code (either a DLL or code I can port), I can produce the client - though others would probably do a better job (I am a server side man at heart).

Phase II, the examination of the results will need to be considered.

Anyone have any strong reasons why this will *not* work?

PostPosted: Mon Mar 20, 2006 10:51 pm
 View user's profile Visit poster's website
 Back to top 
pheebs
Guest


 		if someone tells me exactly where to go and exactly what im supposed to type/do, i will most definitely leave my computer running 24/7 to help out if necessary!

PostPosted: Tue Mar 21, 2006 12:05 am
 Back to top 
chimera245
Decorated

Joined: 09 Mar 2006
Posts: 209

 		Also, has anyone been concatenating a list of what keys have already been tried.

There are various references in the original thread to people starting runs off and leaving them going . . .

PostPosted: Tue Mar 21, 2006 1:51 am
 View user's profile Visit poster's website
 Back to top 
hexDa3m0n
Boot

Joined: 15 Dec 2005
Posts: 60
Location: Lancaster, England
chimera245 wrote:
Also, has anyone been concatenating a list of what keys have already been tried.

There are various references in the original thread to people starting runs off and leaving them going . . .


i can provide output files for just under 60,000 proper words (29000 lowercase 29000 uppercase) zip file is 7 or 8 meg for each.....been testing them myself and have nearly finished.....

PostPosted: Tue Mar 21, 2006 3:31 am
 View user's profile AIM Address MSN Messenger
 ICQ Number 
 Back to top 
Display posts from previous:   Sort by:   
Page 4 of 73 [1087 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, ..., 71, 72, 73  Next
View previous topicView next topic
 Forum index » Diversions » Perplex City Puzzle Cards » PXC: Silver Puzzle Cards
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
You cannot post calendar events in this forum



Powered by phpBB © 2001, 2005 phpBB Group