Crack The Code - Thats A Direct Challenge

I Challenge You To Crack The Code
-------------------------------------
I had quite an interesting experience recently. I was hired by a company to perform a vulnerability assessment and penetration test on their network. During the initial meeting, one of the key technical staff presented me with a challenge; He handed over the NTLM hash of the domain Administrator account and challenged me to decipher it. He explained that the complexity and length of the password would prevent me from deciphering it during the time allotted for the project. He was actually quite confident in my impending failure.

In most cases, this individual would have been right on the mark. On the other hand, I'm not sure he expected to challenge someone who has close associates with discretionary time on some of the most powerful computers in the world.

6 Hours, 2 Servers, 64GB of Memory, and 32 Processors Later and.....
------------------------------------
It took just under six hours to decipher the password. Of course, my 'associates' were using a program of my choice on servers with 32 processors and 64GB of RAM a piece. It's nice to have friends with access like this. Especially in my line of work. Needless to say, my client was shocked when I called him the next day and gave him the password.

Let's Have Some Fun: A Challenge For You
----------------------------------------------
(In order for you to do this, you need to go to: http://www.defendingthenet.com/NewsLetters/ CrackTheCode-ThatsADirectChallenge.htm)

Shortly after this experience, I started thinking about writing an article about it. Then I thought to myself, why write just an article? Why not come up with a challenge for our readers?

Hidden in this article is information that will ultimately provide you with a phrase that has been encrypted. You will need to know a few pieces of general information such as, where to find the hash in this article, how to extract the hash from the article, what the password is that will reveal the hash, and what type of hash is being used! Still with me on this? You will need to do all this before you can start cracking the encrypted phrase.

First, you need to find the hashed phrase located in this article. I'll give you a hint; I recently wrote an article about hiding messages in files. This article can be found on the Defending The Net Newsletter Archive. It is also in the www.CastleCops.com archive. Oh, and once you find where the hash is you will need a password to extract it. This one I am going to give away. The password to extract the hash is 'letmein' (without the ' ' of course).

Then, you will need a tool that can easily handle deciphering of the hash once you extract it from this article. There are quite a few out there that will do the job, however, I highly recommend using pnva naq noyr i2.69, a publicly available security tool that no self respecting security engineer should be without. You will also need to know the type of hashing algorithm that was used. I decided to use zrffntr qvtrfg svir because it is relatively well-known. (Try saying that 13 times real fast!)

Conclusion
----------------
The first person to successfully unravel this riddle and e-mail me at riddle@paralogic.net with the deciphered phrase, along with a detailed description of how they accomplished the task, will receive a 512MB, USB2.0 Jump Drive. As soon as we receive this information we will post it on the main page of www.defendingthenet.com.

About The Author
----------------
Darren Miller is an Information Security Consultant with over sixteen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. If you would like to contact Darren you can e-mail him at Darren.Miller@ParaLogic.Net

In The News:

pen paper and inkwell


cat break through


SCAMS ? Be Aware ? And Report When Necessary

The Internet is a vast International Network of people and... Read More

Dialing Up a Scam: Avoiding the Auto-Dialer Virus

For many, the daily walk to the mailbox evokes mixed... Read More

Viruses and Worms, Protection from Disaster

Virus damage estimated at $55 billion in 2003. "SINGAPORE -... Read More

How to Know Whether an Email is a Fake or Not

A few nights ago I received an email from "2CO"... Read More

Firewalls: What They Are And Why You MUST Have One!

A firewall is a system or gateway that prevents unauthorized... Read More

How to Thwart the Barbarian Spyware!

Today,on most internet user's computers, we have the ability to... Read More

Secrets On Security: A Gentle Introduction To Cryptography

Let us take the example of scrambling an egg. First,... Read More

What Can Be Done About Spyware And Adware

Having a good Spyware eliminator on your computer is vital... Read More

Network Security 101

As more people are logging onto the Internet everyday, Network... Read More

Spyware Removal

Spyware SolutionProbably Today's Biggest Computer Problem. You Suffer Without Knowing... Read More

Its War I Tell You!

There are ways to insure security though. You can get... Read More

Cybercriminals Trick: Targeted Trojan-Containing Emails

Threats we ordinary Web users face online leave us no... Read More

Firewall Protection - Does Your Firewall Do This?

The first thing people think about when defending their computers... Read More

Spyware Symptoms

Spyware symptoms happen when your computer gets bogged down with... Read More

Backup and Save your business!

There you are busily typing away on your PC or... Read More

SPYWARE - Whos Watching Who?

I am in the midst of Oscar Wilde's The Picture... Read More

Free Antivirus Security Software: Download Now to Eliminate Spyware, Pop Up Ads, etc.

Adware. Spyware. Pesky pop up ads. Internet congestion. Computer malfunctions... Read More

Identity Theft ? Beware of Phishing Attacks!

"Dear Bank of the West customer", the message begins. I've... Read More

Protection for Your PC - Painless and Free!

Viruses, Bugs, Worms, Dataminers, Spybots, and Trojan horses. The Internet... Read More

With the Rise of Internet Crimes, Users are Turning to High-Tech ?PI?s? for Solutions

High-tech private investigators are becoming the answer for many Internet... Read More

Identity Theft Article ? A Phisher Is Trying To Steal Your Identity!

Sooner or later everyone with an email account will receive... Read More

Information Security for E-businessmen: Just a Couple of Ideas

If you constantly deal with bank or electronic accounts, it... Read More

Phishing

Recently I have received email from my bank/credit Card Company,... Read More

Virus and Adware - Fix them Both!

We all get the odd virus now and then, but... Read More

Be Alert! Others Can Catch Your Money Easily!

So called phishers try to catch the information about the... Read More

Be Aware of Phishing Scams!

If you use emails actively in your communication, you must... Read More

The Risk Of Electronic Fraud & Identity Theft

Electronic Fraud and Identity Theft Human beings are pretty... Read More

What Every Internet Marketer Should Know About Spyware

If you run any type of Internet business, Adware and... Read More

Reporting Internet Scams

When it comes to reporting Internet scams most of us... Read More

Can I Guess Your Password?

We all know that it's dangerous to use the same... Read More

Phishing-Based Scams: A Couple of New Ones

Phishing in its "classic" variant is relatively well-known. Actually, 43.4... Read More

Pharming - Another New Scam

Pharming is one of the latest online scams and rapidly... Read More

If You Steal It, They May Come!

Business on the internet is getting down right shameless. This... Read More