The Return Of Venona

[+atc]

The password is OEDSUAL, LAUSDEO spelled backward. Here are the contents of the file:

 

Hash: MD5

Hash Order: Salt.Password.Input

Test Salt: C8DB95C2

Test Password: PASSWORD

Test Input: TESTING

Test Hash: D3C18B757DDBE874910144BE63075740

Meeting Date: 60th anniversary of message listing atomic scientists + 1 day.

Date Format: "DD-MM-YYYY"

Time Format: "HH:MM PST"

Time Password: Meeting Date

Time Salt: 3C5167CE

Time Hash: B454BB41B2894B00D72BDAD437E280A6

Latitude Format: "N DD MM.MMM"

Latitude Password: Hungarian

Latitude Salt: 32E6C777

Latitude Hash: D54EFA60909C3A998C668ABA7F2B9098

Longitude Format: "W DDD MM.MMM"

Longitude Password: Lab Namesake's Invention

Longitude Salt: 85E09772

Longitude Hash: 45DFD55579CA547011D415488C6A82A4

Equipment: Night equipment.

[+Nazgul]

"Lab Namesake's Invention" may be the cyclotron, invented by E.O. Lawrence, who has two labs (Livermore and Berkeley) named after him.

[+WAAS-up]

Meeting Date: 60th anniversary of message listing atomic scientists + 1 day.

This is Verbatim from the decrypted file. So you figured out the password right away?

[Venona]

LAMNETH EVIL GENIUS. WE WATCHING HIM EVERY TIME.

[+atc]

Meeting Date: 60th anniversary of message listing atomic scientists + 1 day.

This is Verbatim from the decrypted file. So you figured out the password right away?

Maybe Lamneth is now a "Double Agent"!

[+WAAS-up]

OK, I'll ask some dumb questions for the next stage:

 

Based on my 20 minute knowledge of MD5 hashes I'm guessing we will have to guess to the Input (time, lat, long) too see if it calcuates the correct Hash value since they are one way. That is, there is no way to go from the hash value back to the input.

 

Also does any one know of a Windows (GUI or command line) executable that will work with the data inputs we where provided? I saw dozens to hundreds of code samples and binaries but did not see one that jumped out as directly suitable in terms of: enter salt here, input plaintext, enter password, then calculate hash value.

 

The inputs are fairly constrained in terms of valid values (i.e. HH:MM approx 1.4k possiblities -- less because of night equipment requirement) and coordinate ranges are safe to assume in bay area CA.

[+atc]

The clue "Hungarian" could be Leo Szilard, one of the scientists that worked on the atom bomb.

 

For this stage, it looks like we need to guess two parameters: the password and the required numbers (coordinates, etc). Then generate the hash and compare against the listed hash. Even if we get the password correctly, still need to guess the numbers. Writing a software to brute-force the numbers with a given password is one approach. If anyone is familiar with Windows programming, there is Wincrypt API which might have the needed functions.

[+fizzymagic]

Hmm... suspiciously quiet.

 

This information may be useful.

[+TeamJiffy]

I actually have some time free!

 

I've modified an implementation of MD5 to get the test example shown to produce the hash shown.

 

Now I am going to try to get the other values.

 

-Jif

[+TeamJiffy]

MD5 ("CYCLOTRONW 121 43.573") = 45dfd55579ca547011d415488c6a82a4

[+TeamJiffy]

The memo for the scientists was Dec 2, 1944. So that would mean December 3rd, adding a date.

Edited November 19, 2004 by TeamJiffy

[+TeamJiffy]

MD5 ("03-12-200420:00 PST") = b454bb41b2894b00d72bdad437e280a6

[+TeamJiffy]

MD5 ("TELLERN 37 41.068") = d54efa60909c3a998c668aba7f2b9098

[+Nazgul]

Big Trees Park in Livermore... Or perhaps it should be known as "Big Mutant Trees park" since I found this while looking up the park online:

 

"In Livermore's Big Trees Park, less than a mile from the Lab, plutonium was found in the top two inches of dirt... A Big Trees soil sample contained up to 1,000 times the plutonium that would normally be expected, according to CARE's last study. The Lab admits that it is the source of contamination." (That's still below EPA health concern levels.)

 

Wear your lead undies just in case.

[+atc]

Excellent crack, Jif! The coordinate doesn't seem to have any geocache within 1/2 mile, although there could be some puzzle caches nearby. May be we can install a webcam cache here to monitor any suspicious activities between now and the "meeting date"

[+TeamJiffy]

Here's how getting past the MD5 worked...

 

1) Take the SALT that was specified... but as a BINARY NUMBER of 4-bytes, not an eight-character hex string. (i.e., translate it to binary representation)

 

2) Append, (with nothing in between them) the "password", and then the text string, using the formatting conventions specified in the note.

 

3) Input this as the "string" or "byte sequence" to be handled by the MD5 program.

 

Because you have to input the binary string, it would not be possible to do this from a command line, or entering the stuff by hand on a web page. You need to be able to specify the "salt" in a binary, not ASCII, representation.

 

After that, it was a simple brute force to get longitude (try all in 121 and 122 longitude), given the cyclotron answer, and latitude (try all in 37) given the TELLER answer... I actually tried every scientist in the memo, and had my program loop through all of them. The date I got from the clue, and the time of day was brute force again.

 

I don't know an easy way to do this (an existing program to put the "salt" in exactly the right place), other than by modifying existing MD5 code from somewhere.

 

-Jif

[+Green Achers]

Big Trees Park in Livermore... Or perhaps it should be known as "Big Mutant Trees park" since I found this while looking up the park online:

 

"In Livermore's Big Trees Park, less than a mile from the Lab, plutonium was found in the top two inches of dirt... A Big Trees soil sample contained up to 1,000 times the plutonium that would normally be expected, according to CARE's last study. The Lab admits that it is the source of contamination." (That's still below EPA health concern levels.)

 

Wear your lead undies just in case.

Do you think we'll be safe there? A ''1,000 times the plutonium that would normally be expected?'' What if your expectations are high?? A thousand times that is a lot! I'm not sure about this.

[+Wacka]

It's safe! I looked for a Fizzy cache there last December (It was missing and later archived).

[+Nazgul]

A ''1,000 times the plutonium that would normally be expected?'' What if your expectations are high?? A thousand times that is a lot!  I'm not sure about this.  

 

And a big thanks to TeamJiffy for solving that last bit. If it had been left to me we would have been lucky to have been there for the centennial anniversary of all this.

It could be an alarmist trick. After all I expect the plutonium levels in any given park to be zero, and a thousand times that is still nothing.

 

It's safe! I looked for a Fizzy cache there last December (It was missing and later archived).

 

Yeah, missing because it sprouted 17 green legs and crawled off by itself! And look at the source - a squirrel with a rocket launcher!

 

But seriously.... I'm looking forward to the 3rd.

[+WAAS-up]

Here's how getting past the MD5 worked...

Wow, nice work TeamJiffy! Thanks for taking the time to explain the process to us.

[+Green Achers]

A ''1,000 times the plutonium that would normally be expected?'' What if your expectations are high?? A thousand times that is a lot!  I'm not sure about this.  

 

And a big thanks to TeamJiffy for solving that last bit. If it had been left to me we would have been lucky to have been there for the centennial anniversary of all this.

It could be an alarmist trick. After all I expect the plutonium levels in any given park to be zero, and a thousand times that is still nothing.

 

It's safe! I looked for a Fizzy cache there last December (It was missing and later archived).

 

Yeah, missing because it sprouted 17 green legs and crawled off by itself! And look at the source - a squirrel with a rocket launcher!

 

But seriously.... I'm looking forward to the 3rd.

Oh, ya. I'm looking forward to the meeting as well as I had to miss the last time Vinona was caught! Guess I'll take my chances at the deadly plutonium park this time. But if I start glowing... I'm never going to forgive you.

[+Lamneth]

Great job guys! We're on the verge of rescuing the FTF! Bug from the grubby clutches of Venona.

 

I'm not submitting an Event Cache listing. This gathering doesn't fall within the guidelines for an Event (and it's a clandestine operation anyway ). But don't worry; this Topic will remain open, so anyone who doesn't make it to the rendezvous will be filled in with all the details (eventually... and with lots of blacked-out text).

 

Thanks to everyone who contributed to this forum.

[+The Rat]

I doubt the Counterintelligence Squad can make it. If Slobinovich shows up, arrest him. This operation is obviously in good hands with the current manpower. I'll expect a written report .

[+Marky]

It's safe! I looked for a Fizzy cache there last December (It was missing and later archived).

Hmm, it seems to me that since you went to this cache site, you have lost a lot of weight. I would go see a doctor immediately. Radiation sickness is serious! I don't see any of us losing weight.

 

--Marky

[+Wacka]

[+Green Achers]

Funny that I've never hunted any Geocache in that park but I have been Geocaching there. Now I'm wondering which FizzyPuzzle I didn't solve before it's demise.

 

(Wacka @ Nov 19 2004, 05:56 PM)

 

It's safe! I looked for a Fizzy cache there last December (It was missing and later archived).

[+TeamTek]

Now that it's over dose any one mind to explain what this all means. I didn't want to ask while u guys were trying to figure out cause you were all so into it I thought I might get my head shot off.

[+The Rat]

Now that it's over dose any one mind to explain what this all means. I didn't want to ask while u guys were trying to figure out cause you were all so into it I thought I might get my head shot off.

Over dose? Now there's a Freudian typo. Yeah, Venona, the Soviet spy reincarnated set forth a number of secret communication tasks in a sort of online multi-puzzle/event cache. The meeting place is Big Trees Park in Livermore at 8:00 pm on December 3rd (03-12-200420:00 PST) to "hash" over the fun and games/ work in breaking all the codes and passwords. Pun intended. Fun also. Probably won't make it.

[+Marky]

Probably won't make it.

Can we enlist you for "phone-a-friend" services?

 

--Marky

[Venona]

WE VERY NOT HAPPY FOR THE RAT NOT COMING TO MEETING. WE HAVE SPECIAL GIFT OF CYANIDE CANDY FOR COUNTERINTELLIGENCE GROUP. WE ARE PLEASING ASK FOR COMING.

[+The Rat]

WE VERY NOT HAPPY FOR THE RAT NOT COMING TO MEETING.  WE HAVE SPECIAL GIFT OF CYANIDE CANDY FOR COUNTERINTELLIGENCE GROUP.  WE ARE PLEASING ASK FOR COMING.

We are touched. (... in the head as our grandmother used to say.) That's a very busy work day, cavil, cavil, whine, whine, etc. etc. but I will see what I can do. There's a chance I can make it. No promises.

[Inconnu]

Looks like zero hour is approaching (well zero hour plus three for the right coast). Please be sure to keep the east posted on developments. Much thanks.

[+Marky]

Looks like zero hour is approaching (well zero hour plus three for the right coast). Please be sure to keep the east posted on developments. Much thanks.

Actually, it's tomorrow at 8:00pm, so don't start holding your breath too early.

 

--Marky

[+Nazgul]

Hey Marky, are you going to be there? Maybe you could make it fun for the folks who can't attend by posting frequent updates here via your Sidekick. They might enjoy the ongoing commentary. ("We're waiting in the dark for the contact to arrive. It's bitterly cold. Wait, a dark figure approaches. He's has something in his hand but I can't tell what it is yet...")

[+GeoBrowns]

I have been following and enjoying this from the beginning (although most is WAY over my head!) and would love update commentary!

[+budd-rdc]

Is SF2062's recent activity in any way related to the return of Venona?

[+Marky]

Is SF2062's recent activity in any way related to the return of Venona?

Quite possibly, although I don't think they are on the same side.

 

I am posting this from my phone, so I should be able to post entries here tomorrow evening.

 

--Marky

[+Marky]

2:22pm - I guess the forum forgot to fall back. It seems like the posting times are off (unless, for some reason they are showing a different time zone.) Posting to this forum on my phone is more of a pain than posting a log entry on a cache page. I wonder if there will be a cache page that I could post to, instead of this thread. My posts seem to work, but the request times out sometimes and I can't tell if it actually succeeded.

 

--Marky

[+Marky]

2:22pm - I guess the forum forgot to fall back.

Oh, I see now that you have to manually set your daylight savings mode in the board prefs. How lame.

 

--Marky

[+Green Achers]

Is SF2062's recent activity in any way related to the return of Venona?

Sorry but SF2062 doesn't appear to have left any tracks. No forum posts, no pictures, no finds, no caches,... three travel bugs. I've seen more activity in an empty mortuary. Care to share??

 

BTW Marky, I found a trick to minimize the mobile web time... I change the URL to start looking at the forum at a given posting. As you know, each posted message is numbered and you can jump past older messages without waiting for the page (groups of 50 postings) to turn. This is the 189th post of this thread so the URL would be http://forums.Groundspeak.com/GC/index.php...ic=83776&st=189

 

Now, about SF2062's activity... You mean this activity?

Edited December 3, 2004 by Green Achers

[+Nazgul]

Just noticed the new appropriately-named Venona cache: Dead Drop 238.

[+Marky]

BTW Marky, I found a trick to minimize the mobile web time...  I change the URL to ...

That's not the problem, the problem is that when I post to the forum, 90% of the time I get a timeout error, even though the post makes it through.

 

Just noticed the new appropriately-named Venona cache: Dead Drop 238.

I'm going to post updates to this cache, instead of the forum. Please place this cache on your watch list if you want to get updates.

 

--Marky

[+Nazgul]

Be careful if you've gotten the coords for that new venona cache, the coords have changed since I posted the note about it (lat/long ended in .877', .122' but now are .867', .129').

[+fizzymagic]

A message I received from Venona:

 

IS FOR NOW USELESS COORDINATES. CACHE DISABLED. MUST BE ARRIVING TOMORROW NIGHT FOR ACTIVITIES.

 

LATER COORDINATES MEANING SOMETHING. NOT WILL CHANGE.

 

In other words, I wouldn't go racing out to those coordinates in hopes of being FTF a cache.

Edited December 3, 2004 by fizzymagic

[+Nazgul]

I wouldn't either, although some might. Mostly I wanted to warn people that had already downloaded the coords into their GPSr, like I had, that they should update them if needed.

[+Woof!]

I left 2 hours and 15 minutes to get from SF to the drop point. My plans were foiled by a self-destruct attempt on the Bay Bridge. It took an hour and 15 minutes to go three miles, and I hadn't even gotten out of the city yet. I decided to retreat. Perhaps Venona was tipped about my attempts to join the counterintelligence group?

 

I'm totally disappointed, having wasted 2:15 of my time in traffic, and for missing the great Venona adventure for a second time.

 

I hope everyone is having fun without me.

Edited December 4, 2004 by Woof!

[+Lamneth]

Venona's activities have been completed. Detailed report reproduced below:

 

Edited July 6, 2021 by Lamneth