+Nazgul Posted November 14, 2004 Share Posted November 14, 2004 Most of this crypto stuff is gibberish to me, but I did manually try a dozen or two passwords last night and when none worked I kicked off a brute force attack on it via a cracker that I downloaded from the web. It's been running all night and is still going. Assuming that I'm not screwing somehing up (which is uncomfortably probable as I'm a total noob at this) the only thing I've really learned so far is that the password seems to be at least 8 characters in length. I'll cheerfully report back if it happens to come up with the password, but don't count on it. Quote Link to comment
+WAAS-up Posted November 14, 2004 Share Posted November 14, 2004 (edited) My computer is too slow to attempt a brute force on a 8 digit alphanumeric case sensitive password (or can we assume uppercase alpha). Here is another idea. Let's look at the contents of the encrypted file. We know it's a very small text file > 256 bytes. Not much he can say in that amount of text that will instruct us on stage 3. So I'm guessing it gives us a link to an autoresponder email account or to a hidden html page or file on his website http://home.comcast.net/~Venona/ that explains the "activities" for the next stage. I wonder if we guess that this domain name is in the encrypted text we can deterime the contents without the password? P.S. I've tried the passwords everyone else said plus activities, refractory, Gold Garbage, GoldGarbage, and fizzymagic. But if it's in mixed case who knows. Edited November 14, 2004 by WAAS-up Quote Link to comment
+Green Achers Posted November 14, 2004 Share Posted November 14, 2004 I regret to concede from the thought of listing all my failed attempts as I've already tried several hundred. I've cast many likely words in using both all caps and proper first letter cap. If it's some other combiNaTiOn, it will likely not be found by any of us. So far I've tried every acronym, code name, suspect name (First - Last - First and Last), key location as I progress through the book. I even has $ATM$ jet typing them while I was speed reading to her. It was a wild Brute Force effort. I also did some research to see if any events stood out in the months of November, December. Nothing yet appears to be the pinnacle of Uenona's madness. Quote Link to comment
+Green Achers Posted November 14, 2004 Share Posted November 14, 2004 Maybe just a computer error but while entering key 'SOVIET CODES' the file started to unzip and then reported an error. The file now opens but contains nothing. In trying to repeat the event, it only reports 'passwords do not match.' Just for kicks, I tried every possible combination with 'RAMBING'. RAMBING AMBINGR MBINGRA BINGRAM INGRAMB NGRAMBI GRAMBIN rambing Rambing rAmbing raMbing ramBing rambIng rambiNg rambinG RAmbing RaMbing RamBing RambIng RambiNg RambinG RAMbing RAmBing RAmbIng RAmbiNg RAmbinG RaMBing RaMbIng RaMbiNg RaMbinG RamBIng RamBiNg RamBinG RambINg RambInG RambiNG RAMBing RAMbIng RAMbiNg RAMbinG RAmBIng RAmBiNg RAmBinG RAmbINg RAmbInG RAmbiNG RAMBIng RAMBiNg RAMBinG RAMbINg RAMbInG RAMbiNG RAmBIng RAmBiNg RAmBinG RAmbINg RAmbInG RAmbiNG RaMBIng RaMBiNg RaMBinG RaMbINg RaMbInG RaMbiNG RamBINg RamBInG RamBiNG RambING rAMBIng etc. It's not the word. Maybe it's part of a compound word or number(s) could be added or it's a synonym. Or it could be it was really a mistake. Quote Link to comment
+Green Achers Posted November 14, 2004 Share Posted November 14, 2004 Question: When you down load the Zipped File, it always produces an Empty Folder in addition to the Secured Folder. The Empty Folder always has a 6 digit Alphanumeric number and it appears to be random. But is it random text or is it a clue? 0fRecr gQM4CO W8QUHc (<-- almost an Amateur Call Sign. LOL) CzIGnW GRB8bV XLCKjX KBtGhc Where's Lamneth when we need him? He could possibly open this through a backdoor. Quote Link to comment
+Green Achers Posted November 15, 2004 Share Posted November 15, 2004 Page 172 of 503. Nothing to report. Quote Link to comment
+WAAS-up Posted November 15, 2004 Share Posted November 15, 2004 Page 172 of 503. Nothing to report. http://www.cia.gov/csi/books/venona/35a.gif Quote Link to comment
+fizzymagic Posted November 15, 2004 Share Posted November 15, 2004 Anniversaries are most often celebrated in even-numbers-of 5 or 10 years. Thus, this would be the 58th anniversary of an event from 1946, but the 60th anniversary of an event from 1944. Hmm. Quote Link to comment
+The Rat Posted November 15, 2004 Share Posted November 15, 2004 It's not the word. Maybe it's part of a compound word or number(s) could be added or it's a synonym. Or it could be it was really a mistake. Or maybe the No-L isn't for Noel but is a sign to drop the L from another word. Quote Link to comment
+Nazgul Posted November 15, 2004 Share Posted November 15, 2004 (edited) I think that the Web sources you have found will work fine. From my recent discussions with Venona, I believe he aims to celebrate the anniversary of one particularly notorious missive. Anniversaries are most often celebrated in even-numbers-of 5 or 10 years. Thus, this would be the 58th anniversary of an event from 1946, but the 60th anniversary of an event from 1944.Hmm. (light bulb sputters over head) ... November 27, 1944 looks to be the first message involving the Rosenbergs, which certainly fits the bill for "one particularly notorious missive". I tried several password variations of dates and names and hit upon one that seemed promising: '27November44'. The thing is that while it doesn't give me a wrong password error (hooray!) neither does it seem to extract the Stage2.txt file properly (doh!). I tried it with 2 different programs and saw similar results. I'll keep tinkering with it. (edit to correct the password to the correct date and fix and fix an ironic typo) Edited November 15, 2004 by Team Nazgul Quote Link to comment
+The Rat Posted November 15, 2004 Share Posted November 15, 2004 Anniversaries are most often celebrated in even-numbers-of 5 or 10 years. Thus, this would be the 58th anniversary of an event from 1946, but the 60th anniversary of an event from 1944. OVERLORD DDAY OVERLORD1944 DDAY1944 D-DAY D-DAY1944 I couldn't find any major Soviet victories or events in November or December 1944, Mainly tbhey were relieved from pressure by the Allied invasion of the European mainland. I also looked for something in 1954. The CIA website for Venona only had one short letter from late 1944, which didn't have any good names or words. Quote Link to comment
+The Rat Posted November 15, 2004 Share Posted November 15, 2004 I think that the Web sources you have found will work fine. From my recent discussions with Venona, I believe he aims to celebrate the anniversary of one particularly notorious missive. Anniversaries are most often celebrated in even-numbers-of 5 or 10 years. Thus, this would be the 58th anniversary of an event from 1946, but the 60th anniversary of an event from 1944.Hmm. (light bulb sputters over head) ... November 27, 1944 looks to be the first message involving the Rosenbergs, which certainly fits the bill for "one particularly notorious missive". I tried several password variations of dates and names and hit upon one that seemed promising: '27November44'. The thing is that while it doesn't give me a wrong password error (hooray!) neither does it seem to extract the Stage2.txt file properly (doh!). I tried it with 2 different programs and saw similar results. I'll keep tinkering with it. (edit to correct the password to the correct date and fix and fix an ironic typo) The Ted Hall cable is another notorious missive, and 11/12/44 is loser to the date this whole Venona thing began. I tried most of the logical variations: 12NOVEMBER1944, 1944NOVEMBER12, NOVEMBER121944, etc. I also couldn't get the same semi-positive results for 27NOVEMBER44 or any of its variants. Just the usual error message. Quote Link to comment
+Nazgul Posted November 15, 2004 Share Posted November 15, 2004 The Ted Hall cable is another notorious missive, and 11/12/44 is loser to the date this whole Venona thing began. I tried most of the logical variations: 12NOVEMBER1944, 1944NOVEMBER12, NOVEMBER121944, etc. I also couldn't get the same semi-positive results for 27NOVEMBER44 or any of its variants. Just the usual error message. Interesting. I don't get the password error on the two programs I tried with that date - which is really strange if it's not correct - but I instead get a compression error. I wonder if it has to do with what Venona said about the file being PKZIP 2 but the password using the old zip encryption? I didn't quite follow that. I'd not heard of the Ted Hall cable before, but you may be right. The creation date for the file is on 11/12/04. With upper/lower/mixed case and American/European date variations, and possibly dropping the '19' from 1944, that's a lot of combinations for any given date.... Quote Link to comment
+The Rat Posted November 15, 2004 Share Posted November 15, 2004 (edited) Interesting. I don't get the password error on the two programs I tried with that date - which is really strange if it's not correct - but I instead get a compression error. I wonder if it has to do with what Venona said about the file being PKZIP 2 but the password using the old zip encryption? I didn't quite follow that. I'd not heard of the Ted Hall cable before, but you may be right. The creation date for the file is on 11/12/04. With upper/lower/mixed case and American/European date variations, and possibly dropping the '19' from 1944, that's a lot of combinations for any given date.... Even more interesting: I just downloaded pkunzip the original DOS shareware and tried your password, 27November44 and it created a file named stage2.txt, but it's a 0-byte file. All other passwords resulted in a program crash. So we seem to be onto the right password, but either the file is corrupted or there is something more we're supposed to do. The only info I could get out of it is the edit date and time: Friday, November 12, 2004, 7:02:58 PM Edited November 15, 2004 by The Rat Quote Link to comment
+Nazgul Posted November 15, 2004 Share Posted November 15, 2004 I saw the same file creation date by viewing the contents of the zip file (Stage2.txt) with pkzip (Windows) and by doing a "get info" on the zip file on my Mac. If that's the correct password, I'm not sure of exactly what the technical issue is that causing the extraction error. Maybe in the morning some of the other folks will check in with some ideas. I'm going to bed now before my head explodes. Quote Link to comment
Venona Posted November 15, 2004 Share Posted November 15, 2004 IS FINE FILE. NONE CORRUPTION. Quote Link to comment
+Green Achers Posted November 15, 2004 Share Posted November 15, 2004 Even more interesting: I just downloaded pkunzip the original DOS shareware and tried your password, 27November44 and it created a file named stage2.txt, but it's a 0-byte file. All other passwords resulted in a program crash. So we seem to be onto the right password, but either the file is corrupted or there is something more we're supposed to do. The only info I could get out of it is the edit date and time: Friday, November 12, 2004, 7:02:58 PM Does that some else include the extra folder I've referenced before? The one that comes when the download happens and it's file name is the random 6 digit alphanumeric. Sorry to bail last night on this project as the news of the date appeared. $ATM$ needed help.d Quote Link to comment
+WAAS-up Posted November 15, 2004 Share Posted November 15, 2004 (edited) I'm getting the same result. It's curious that we can only get the name and date on the STAGE2.TXT file after extraction. I also noticed under properties that the 32bit CRC value was 8C66DC2E. All this information can be gathered without a password. The only thing we learned was the date 27November44 which was the password and that STAGE2.TXT is a zero length file. The file should uncompress to 178 bytes according to command pkunzip -vt -s27November44 STAGE2.zip I've tried pkzipfix on the file to correct the crc error. I have also tried to use the shareware program advanced zip repair to fix but no luck. Here is all that I know about this file: Testing ... Current Location part 1 offset 234 Archive: STAGE2_fixed.ZIP 256 bytes 2004-11-15 10:18:38 End central directory record PK0506 (4+18) ========================================== current location of end-of-central-dir record: 234 (0x000000ea) bytes expected location of end-of-central-dir record: 234 (0x000000ea) bytes based on the size of the central directory of 56 and its relative offset of 178 bytes part number of this part (0000): 1 part number of start of central dir (0000): 1 number of entries in central dir in this part: 1 total number of entries in central dir: 1 size of central dir: 56 (0x00000038) bytes relative offset of central dir: 178 (0x000000b2) bytes zipfile comment length: 0 Current Location part 1 offset 178 Central directory entry PK0102 (4+42): #1 ====================================== part number in which file begins (0000): 1 relative offset of local header: 0 (0x00000000) bytes version made by operating system (00): MS-DOS, OS/2, NT FAT version made by zip software (20): 2.0 operat. system version needed to extract (00): MS-DOS, OS/2, NT FAT unzip software version needed to extract (20): 2.0 general purpose bit flag (0x0001) (bit 15..0): 0000.0000 0000.0001 file security status (bit 0): encrypted extended local header (bit 3): no compression method (08): deflated compression sub-type (deflation): normal file last modified on (0x0000316c 0x0000985d): 2004-11-12 19:02:58 32-bit CRC value: 0x8c66dc2e compressed size: 138 bytes uncompressed size: 178 bytes length of filename: 10 characters length of extra field: 0 bytes length of file comment: 0 characters internal file attributes: 0x0001 apparent file type: text external file attributes: 0x00000000 non-MSDOS external file attributes: 0x000000 MS-DOS file attributes (0x00): none Current Location part 1 offset 224 filename:Stage2.txt Current Location part 1 offset 0 Local directory entry PK0304 (4+26): #1 ------------------------------------ operat. system version needed to extract (00): MS-DOS, OS/2, NT FAT unzip software version needed to extract (20): 2.0 general purpose bit flag (0x0001) (bit 15..0): 0000.0000 0000.0001 file security status (bit 0): encrypted extended local header (bit 3): no compression method (08): deflated compression sub-type (deflation): normal file last modified on (0x0000316c 0x0000985d): 2004-11-12 19:02:58 32-bit CRC value: 0x8c66dc2e compressed size: 138 bytes uncompressed size: 178 bytes length of filename: 10 characters length of extra field: 0 bytes Current Location part 1 offset 30 filename:Stage2.txt Current Location part 1 offset 40 testing: Stage2.txt Error: invalid compressed data to inflate At least one error was detected in STAGE2_fixed.ZIP. Edited November 15, 2004 by WAAS-up Quote Link to comment
+amytincan Posted November 15, 2004 Share Posted November 15, 2004 Hey Venona! Why don't you do the honorable thing and give up that bug. I know where you can get your own. IN fact, I saw a pin of your insignia just yesterday at Dom's surplus...you can make your own and wouldn't have to bother these poor guys. Sheesh, I tell ya some people have no morals. Quote Link to comment
+The Foote Posted November 15, 2004 Share Posted November 15, 2004 Hey Venona! Why don't you do the honorable thing and give up that bug. I know where you can get your own. IN fact, I saw a pin of your insignia just yesterday at Dom's surplus...you can make your own and wouldn't have to bother these poor guys. Sheesh, I tell ya some people have no morals. HAHAHA MAy you are cracking me up here!!! Quote Link to comment
+Nazgul Posted November 15, 2004 Share Posted November 15, 2004 I'm getting the same result on a 3rd machine, no password error with "27November44" but then I get a "no files found" message and a blank/0k Stage2.txt file. When I test the file with pkzip I get an error that "Stage2.txt has a bad compression block type". If in fact the password is correct, then maybe the key to getting it to work may be tied to Venona's broken-English instructions? NOTICE FILE INSIDE ZIP ENCRYPTED USING PKZIP 2.0 ENCRYPTION ALOGRITHM. THEN YOU CRACK PASSWORD FOR GET INSTRUCTIONS OF NEXT STAGE. IS LUCKY FOR YOU PASSWORD PROTECTION IN OLD ZIP FORMAT USE WEAK ENCRYPTION. Now if I could just decrypt what the heck this commie rat (uh, no offense Rat) is trying to say it might help. Quote Link to comment
+Nazgul Posted November 15, 2004 Share Posted November 15, 2004 I should add that while I don't get the password error when I try to extract the file, if I select the "open" file option in pkzip for it I do get a password error. Sigh. Quote Link to comment
+amytincan Posted November 15, 2004 Share Posted November 15, 2004 Hey Venona! Why don't you do the honorable thing and give up that bug. I know where you can get your own. IN fact, I saw a pin of your insignia just yesterday at Dom's surplus...you can make your own and wouldn't have to bother these poor guys. Sheesh, I tell ya some people have no morals. HAHAHA MAy you are cracking me up here!!! well, I had to add to the thread since I have no idea how to solve something like that. I thought maybe I'd save you smart ones some brain cells...... Quote Link to comment
+The Rat Posted November 16, 2004 Share Posted November 16, 2004 This sort of reminds me of a couple of puzzle caches where the coordinates were hidden in graphic or audio files. I suspect there is some application out there that modifies zip files (or regular files made to look like zip files) to hide a short message. Has anyone looked at this file with a byte editor or other application? Quote Link to comment
+forman Posted November 16, 2004 Share Posted November 16, 2004 Has anyone looked at this file with a byte editor or other application? Oh...............I was just thinking about that!!! Don Quote Link to comment
+Green Achers Posted November 16, 2004 Share Posted November 16, 2004 NOTICE FILE INSIDE ZIP ENCRYPTED USING PKZIP 2.0 ENCRYPTION ALOGRITHM. ALGORITHM? Tell me this didn't translate correctly. In searching the problem, I believe we are using programs that are too new. I'm in the process of following the instructions given by Venone. Quote Link to comment
+The Rat Posted November 16, 2004 Share Posted November 16, 2004 (edited) ALOGRITHM. ALGORITHM? Tell me this didn't translate correctly. I think that was just a typo by me. The old pre-Windows decryption program I used did not have cut and paste capability, so I had to write it out by hand then type it into the Forum post. I would have noticed that sort of misspelling, I think, but this is why I asked for someone to check my work. It is very hard to see your own mistakes. Mistkaes. It reminds though, that ALGORITHM is an anagram of LOGARITHM. If you put an S at the end to make ten letter words, they make good keys for cryptarithms or puzzle caches that use letters for numbers. But I digress. SOLTUION NOT SO HARD FOR FINDING PERHAPS. is another typo. It's actually SOLUTION... Sorry about that. But RAMBING I checked. Edited November 16, 2004 by The Rat Quote Link to comment
+WAAS-up Posted November 16, 2004 Share Posted November 16, 2004 (edited) Has anyone looked at this file with a byte editor or other application? Yep, one of the first things I tried. As you can see below there is not much there. If you read my post above you can see the file data starts at byte 56 and continues to 194 (138 compressed bytes which uncompress to 178 bytes) 05 F8 A7 F1 AA 75 A8 70 08 4B 9D 70 A5 F2 DA A3 A7 FA 93 22 49 F0 EA 61 22 05 91 E9 6E 8D 69 68 14 1F 55 5A AD 0E 70 59 B1 A2 45 F0 9F B5 5C DA 17 EE C9 DA 64 56 8D 1A D7 0C CE 80 89 0E 8F 50 F6 20 F0 48 0C 4C C6 3C 3C 6E 6A 75 15 6F 5D 03 EC CC 5B 8F 69 43 09 71 4E 10 E4 E0 F4 B2 23 4E 44 57 1C 59 9B BF 34 3D 9C 1E 22 16 B4 CC 95 5D 15 F3 DF 46 EE 18 3B 80 16 C2 50 4B 01 02 14 00 14 00 01 00 08 00 5D 98 6C 31 And here is the compressed ASCII (font mangled by cut and paste). °º±¬u¿pK¥pÑ≥┌úº·ô"I≡Ωa"æΘnìihUZ¡pY▒óE≡ƒ╡\┌ε╔┌dVì╫╬ÇëÅP÷ ≡HL╞<<njuo]∞╠[ÅiC qNΣα⌠▓#NDWY¢┐4=£"┤╠ò]≤▀Fε;Ç┬PK Edited November 16, 2004 by WAAS-up Quote Link to comment
+Green Achers Posted November 16, 2004 Share Posted November 16, 2004 (edited) So I'm unsure... does anyone actually have PKZIP 2.0 with ENCRYPTION ALGORITHM? I found two problems in searching for it. It's not a Macintosh program (I broke my new PC) and it takes 6 weeks to get the password to unlock it. The Macintosh equivelent is called Zipit. The problems there include it's free version does not allow decryption and it takes several weeks to get the passward for unlocking the decryption feature. I hate road blocks! Edited November 16, 2004 by Green Achers Quote Link to comment
+bytemobile Posted November 16, 2004 Share Posted November 16, 2004 I found a copy of PKZIP204g, and here are the results of running it: >pkunzip stage2 -s27November44 PKUNZIP ® FAST! Extract Utility Version Copr. 1989-1993 PKWARE Inc. All Rights Reserved. Shareware Version PKUNZIP Reg. U.S. Pat. and Tm. Off. ¦ 80486 CPU detected. ¦ XMS version 2.00 detected. ¦ DPMI version 0.90 detected. Searching ZIP: STAGE2.ZIP Inflating: Stage2.txt PKUNZIP: (W23) Warning! file has bad table PKUNZIP: (W15) Warning! file fails CRC check PKUNZIP: (W26) Warning! STAGE2.ZIP has errors! >dir 11/15/2004 08:14p 256 STAGE2.ZIP 02/01/1993 02:04a 29,378 PKUNZIP.EXE 11/12/2004 07:02p 0 STAGE2.TXT Here is the explanation of the first warning: PKUNZIP: (W23) Warning! File has bad table. The Deflated file being tested or extracted has an error in its encoding (bad block type). The file is probably corrupt or not a .ZIP file. Files that have been damaged in this way cannot be recovered. Quote Link to comment
Venona Posted November 16, 2004 Share Posted November 16, 2004 (edited) IS NOT CORRUPT FILE! IS WITH WINZIP 9.0 COMPRESS. IS BIG HUGE GIANT HINT CLUE INSTRUCTIONS. Edited November 16, 2004 by Venona Quote Link to comment
+Nazgul Posted November 16, 2004 Share Posted November 16, 2004 The latest eval version of winzip 9 gives me the same type of error ("invalid compressed data to inflate") when I try to extract the file. If there's a decrypt option of some sort in winzip 9 it's not in the eval version I downloaded. Anyone have the full version? There is a lengthy section in the Help files about ZIP 2 and related encryption that may be useful. Ugh. Quote Link to comment
+Marky Posted November 16, 2004 Share Posted November 16, 2004 It's probably a waste of time, but I'm doing a brute force attack using 7 min and 7 max (only because RAMBING is of length 7). I'm too dumb to see the hint in the instructions. --Marky Quote Link to comment
+fizzymagic Posted November 16, 2004 Share Posted November 16, 2004 From the UNZIP manpage: ... unzip continues to use the same password as long as it appears to be valid, by testing a 12-byte header on each file. The correct password will always check out against the header, but there is a 1-in-256 chance that an incorrect password will as well. (This is a security feature of the PKWARE zipfile format; it helps prevent brute-force attacks that might otherwise gain a large speed advantage by testing only the header.) In the case that an incor- [missing text] extracted data or else unzip will fail during the extraction because the ``decrypted'' bytes do not constitute a valid compressed data stream. This took me 5 minutes of searching on the Web. Quote Link to comment
+Marky Posted November 16, 2004 Share Posted November 16, 2004 I forgot to mention that I'm using uppercase alpha only. --Marky Quote Link to comment
+Nazgul Posted November 16, 2004 Share Posted November 16, 2004 From the UNZIP manpage..... Interesting. Sounds like 27November44 is a 1-in-256. Just my luck. Hand me that parachute, will you? Quote Link to comment
+Marky Posted November 16, 2004 Share Posted November 16, 2004 If the password is uppercase and is 7 characters long, I should have the answer in 19 hours. --Marky Quote Link to comment
+atc Posted November 16, 2004 Share Posted November 16, 2004 (edited) Hi, I thought the lowecase "i" in iNSTRUCTIONS was a clue but now I realize its a typo -- I also tried to brute force it using ZIP EXPRESS (ZEXPL2.ZIP) software, but it couldn't even crack my test file (a short text file zipped using pkzip 2.04g with password "ABC"), so I need to try another one. atc Edited November 16, 2004 by atc Quote Link to comment
+WAAS-up Posted November 16, 2004 Share Posted November 16, 2004 (edited) I tried redoing the translation and I still don't see the BIG HINT inside the message. WELCOME.__AS_FIRST_THING,_IS_CONGRATULATIONS_FOR_SOLVING_CIPHER_ FOR_GET_TO_NEXT_STAGE_OF_ACTIVITIES.__YOU_HAVE_SOLVED_STAGE_ BY_FINDING_SIMPLE_ADDITIVE_CIPHER.__PAT_ALL_SELVES_ON_BACKS._ ONLY_NEXT_STAGE_IS_MORE_DIFFICULT_FOR_YOU.__IF_WANT_FOR_ SOLVING,_YOU_WILL_GO_TO_VENONA_WEB_SITE_AND_GET_ZIP_FILE_ STAGE2.ZIP_WITH_INSTRUCTIONS_FOR_NEXT_STAGE.__NOTICE_FILE_ INSIDE_ZIP_ENCRYPTED_USING_PKZIP_2.0_ENCRYPTION_ALGORITHM.__ THEN_YOU_CRACK_PASSWORD_FOR_GET_INSTRUCTIONS_OF_NEXT_STAGE.__ IS_LUCKY_FOR_YOU_PASSWORD_PROTECTION_IS_OLD_ZIP_FORMAT_USE_ WEAK_ENCRYPTION.__DISCUSS_STILL_MANY_QUESTIONS_FOR_ASKING_IN_ SOLVING_CIPHER.__IS_ALPHA_ONLY_OR_ALPHANUMERIC?__SHOULD_ DICTIONARY_ATTACK,_OR_MAYBE_SHOULD_BRUTE_FORCE?__PERHAPS_STUDY_ OF_MESSAGE_THIS_MAY_GIVE_HINT_FOR_MAKING_SOLUTION_MORE_EASIER.__ ALTHOUGH_MAYBE_NOT.__SUPPOSE_ONLY_VENONA_RAMBING_TO_ADD_ PLAINTEXT_FOR_LONG_ENOUGH_MESSAGE_TO_MAKE_SOLUTION_OF_ADDITIVE_ CIPHER_POSSIBLE.__SOLUTION_NOT_SO_HARD_FOR_FINDING_PERHAPS.__ WE_HOLD_FTF_TRAVEL_BUG_IN_COLD_PLACE_UNTIL_YOU_FIND.__ONLY_ WAY_POSSIBLE_FOR_FIND_IS_SOLVING_OF_ALL_STAGES_OF_ACTIVITIES.__ REMEMBER_ALL_THINGS_FROM_VENONA_WE_HAVE_TOLD_YOU.__DO_NOT_FOR_ GIVING_UP. EDIT: Fix translation bug from Microsoft ... The only thing I resolved was that iNSTRUCTIONS, ALOGRITHM AND SOLTUION were Groundspeak Forum typos... they are correct in the coded message but RAMBING is misspelled! Possible anagram? MIG BARN Edited November 16, 2004 by WAAS-up Quote Link to comment
+Green Achers Posted November 17, 2004 Share Posted November 17, 2004 I think I'm on to something... stand by for my report at 7pm. I may need computer (smart) support. Quote Link to comment
+GravityKills Posted November 17, 2004 Share Posted November 17, 2004 this rocks! I just got turned on to this thread and still haven't exactly caught up with what's going on here but the big hint in the message is: WAYPOINT ID IS PASSWORD. Quote Link to comment
+WAAS-up Posted November 17, 2004 Share Posted November 17, 2004 (edited) Holy crap you're right. The first letter in each sentence (WAYPOINT ID IS PASSWORD). I feel really stupid right now. I tried the obvious GCBBA9, GCD39C, GCJVZ9, AND TB51B1 and every cache that has siberia in its name. The good news is a brute force 6 character alphanumeric with GC as first 2 characters should be a snap (but that would be too easy I'm afraid). He said something about returning the FTF bug to the rightful owner which would be Lamneth I guess. Maybe his cache ID's... Edited November 17, 2004 by WAAS-up Quote Link to comment
+Green Achers Posted November 17, 2004 Share Posted November 17, 2004 GCKZGB appears to be working well but it's grinding and grinding away. I'm wondering if it's uploading my entire harddrive into the web world. Standby... Quote Link to comment
+GravityKills Posted November 17, 2004 Share Posted November 17, 2004 I tried all of Lamneth's cache id's and a bunch that had 'cold' in the title. although it appears that we know the first 2 characters, it's still way too much for me to manually trial-and-error. my current plan was to wait for marky to come back and reprogram his magic password thingy thing. Quote Link to comment
+boulter Posted November 17, 2004 Share Posted November 17, 2004 (edited) Holy crap, I just cracked it. Password is GCGZ17. --- IS NOW NEXT STEP FOR ACTIVITIES. MUST CONTACT PERSON INCONNU IN LANGLEY VIRGINIA. GET PASSWORD AND FILE NAME FROM THEM. THEY WILL FIND INFORMATION FOR PASSWORD IN CACHE OF 24523. -- http://www.geocaching.com/seek/cache_details.aspx?wp=GCGZ17 I used fcrackzip like this: fcrackzip -c A1 -p GCAAAA STAGE2.ZIP -u http://www.goof.com/pcg/marc/fcrackzip.html Edited November 17, 2004 by boulter Quote Link to comment
+jeeplife Posted November 17, 2004 Share Posted November 17, 2004 INCONNU means "the unkown" in French. Other than that I'm not much help, yet. Quote Link to comment
+Green Achers Posted November 17, 2004 Share Posted November 17, 2004 OK. That was no fun. My computer was in fact grinding away. Virus attack had everything locked up. Found 9 infected files which had to be exterminated. So that waypoint I used had nothing to do with the key. Great job GravityKills on finding that message that has been infront of us. Let that be a lesson to all of us that we're not dealing with your average low life spy. Vinona has more tricks up his sleeve too. Now let me get back to what I was going to do before 7 PM. Quote Link to comment
+boulter Posted November 17, 2004 Share Posted November 17, 2004 INCONNU means "the unkown" in French. Other than that I'm not much help, yet. There's a user account set up for INCONNU. http://www.geocaching.com/profile/?guid=9e...8c-27bacf53fe68 I just emailed the account with this message: -- Hi there, Apparently you have a file name password for us? It's supposedly in this cache. http://www.geocaching.com/seek/cache_details.aspx?wp=GCGZ17 Thanks for your help in capturing the evil Venona. See this if you don't know what I'm talking about http://forums.Groundspeak.com/GC/index.php...opic=83776&st=0 -- Quote Link to comment
+fizzymagic Posted November 17, 2004 Share Posted November 17, 2004 (edited) Congratulations! Wow, progress went very quickly once you got the hint. Just so you all know, I am not INCONNU. He gets to make up the next stage himself; I can play along this time! I hope people are having fun! Edited November 17, 2004 by fizzymagic Quote Link to comment
+The Rat Posted November 17, 2004 Share Posted November 17, 2004 ... although it appears that we know the first 2 characters ... You can't be sure it starts with GC. The ID can be the numerical identifier, as in http://www.geocaching.com/seek/cache_details.aspx?id=87142 What are we up to now, 100001 was GeoROCKS's Ultimate, approved in October so it could be any number up to something a bit higher than that. That should be easy to generate via brute force. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.