GCHQ Can You Find It 2013 (Part 1)

 

Our new challenge is to find and solve 5 codes, we have hidden
around the web. For anyone able to rise to the challenge and
find all the codes, you'll join an elite community of people with
some of the specific skills we are looking for at GCHQ.

 

https://canyoufindit.co.uk

 

 

The first puzzle contains a series of characters:

 

AWVLI QIQVT QOSQO ELGVC IIQWD LCUQE EOENN
WWOAO LTDNU QTGAW TSMDO QTLAO QSDCH PQQIQ
DQQTQ OOTUD BNIQH BHHTD UTEET FDUEA UMORE
SQEQE MLTME TIREC LICAI QATUN QRALT ENEIN RKG

 

There are 143 characters, which happens to be the product of two prime numbers 11 & 13, if we rearrange the information above into a grid 11 by 13 might give us a cue!

 

 

If you read from top to bottom of each column starting from the left, you will see the following message....

 

Q = Space

 

a computer would deserve to be called intelligent if it could deceive a human into believing that it was human

wwwdotmetrodotcodotukslashturing

 

Now rewrite the message as instructed.

www(dot)metro(dot)co(dot)uk/turing

www.metro.co.uk/turing

 

Answer Part 1: turing

 

 

GCHQ - Explore Another World - Challenge Four

 

 

 

Challenge 4 a picture of Colossus, the first computer used to crack the Enigma Code in the second World War.

 

Download the image, and as before open it in your hex editor.

The original Hex Editor I used 2 years ago, apparently isn't trustworthy anymore so please use the online Hex Editor.

 

Click on image to enlarge.

 

At first is appears to be a standard jpeg file (highlighted in blue above) but look closely there is another image below.

 

Delete the first image hex data (highlighted in blue) then save, now open the new image, you will see the final website address:

www.eveningstandard.co.uk/colossus

 

 

Answer Part 4: colossus

 

____________________________________

 

 

GCHQ - Explore Another World - Challenge Five

 

When you visit: www.eveningstandard.co.uk/colossus you will be presented with the final answer:

 

 

Answer Part 5: secured

 

____________________________________

 

 

Enter your correct answers and maybe you could win, either a

Google Nexus 7 Tablet or Raspberry Pi

 

 

 

 

GCHQ Can You Find It 2013 (Part 3)

 

GCHQ - Explore Another World - Challenge Three

 

 

On arrival at the next website, you are confronted with a new stream of characters.

 

2910404C21CF8BF4CC93B7D4A518BABF34B42A8AB004762799

8D633E653AF63A873C\

8FABBE8D095ED125D4539706932425E78C261E2AB9273D1775

78F20E38AFEF124E06\
8D230BA64AEB8FF80256EA015AA3BFF102FE652A4CBD33B40

36F519E5899316A6250\
840D141B8535AB560BDCBDE8A67A09B7C97CB2FA308DFFBAD

9F9
 

Looking very much like a modern cipher stream, we have to assume there is a key for decrypting, and of course... we were given it on challenge two.

 

In cryptography, PKCS #1 is the first of a family of standards called Public-Key Cryptography Standards (PKCS), published by RSA Laboratories. It provides the basic definitions of and recommendations for implementing the RSA algorithm for public-key cryptography. It defines the mathematical properties of public and private keys, primitive operations for encryption and signatures, secure cryptographic schemes, and related ASN.1 syntax representations.

 

Files that begin and end with these words have a very definite format. It is known as PKCS#1 and comprises of the following elements....

 

ASN 1 Header

Algorithm Version

Modulus (Absolute Value)

Public Exponent

Private Exponent

prime1

prime2

exponent 1

exponent 2

coefficient

 

Using OpenSSL, https://www.openssl.org/ which will give you all of the components of the Private Key by analysing the key file with the simple command:

 

openssl.exe RSA -in comp1.key -text

 

This command outputs the following....

 

Click on image to enlarge.

 

Public Modules (Hexadecimal)

37c004af3e8e80cb75b1530c9fb2dcf4d3ce4a828b52f6a848e0c5

d8358b266c8494de29472449857228178e06d077170c2a5d56ba

88d10725e2c57b0144eae94438871ab55a75d5983489b31f9ea4e

2bdb77ab7cff3dcaceaac592c83dc508a270c69cb664ea1649bcae8

e4e0dcd8d4d0ccc8c4c0bcb8b4b0ac9413823951f1

 

Public Exponent: 10001

 

Private Exponent (Hexadecimal)

135b5d8507606d41b79c992c61eab5a360435945986076fa194b

ca05f719587f074db51179fd1475fc1c0589afbe040b8192d813bb

f2b3391b2370d3f3addd2e4c26d31ba856f183cad9139538e7803

077a4f0d977f925b9c1d78f2ae5b031d8c30e3ab15c39ecf990b57

760a9cf957ec7edb39ce60bd1bb0429e8b4b1697b2d

 

You will need to use a RSA Decrypt Tool http://nmichaels.org/rsa.py

 

Click on image to enlarge.

 

Text Hex String Generated

0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x77 0x77 0x2e 0x77 0x68 0x74 0x72 0x65 0x67 0x65 0x73 0x69 0x65 0x74 0x2e 0x72 0x6f 0x63 0x75 0x2e 0x2f 0x6b 0x6e 0x65 0x67 0x69 0x61 0x6d 0x30 0x32 0x33 0x31 0x20 0x20 0x20 0x20 0x20 0x20 0x20 0x20

 

Hex String

20 20 20 20 20 20 20 20 77 77 2e 77 68 74 72 65 67 65 73 69 65 74 2e 72 6f 63 75 2e 2f 6b 6e 65 67 69 61 6d 30 32 33 31 20 20 20 20 20 20 20 20

 

Now convert the Hex to ASCII

http://www.rapidtables.com/convert/number/hex-to-ascii.htm

 

Click on image to enlarge.

 

Just place the Hex into a hex editor, and the next website will materialise. ww.whtregesiet.rocu./knegiam0231

 

Rearrange the characters  to revel you next website.

www.theregister.co.uk/enigma2013

 

 

Answer Part 3: enigma2013

 

 

GCHQ Can You Find It 2013 (Part 2)

 

GCHQ - Explore Another World - Challenge Two

 

 

When you arrive at the new website, download the file. As you can see it has the extension key. I can only assume it is some form of encryption key.

 

When you open the file, you will see the following....

 

-----BEGIN RSA PRIVATE KEY-----
MIIC2gIBAAKBgDfABK8+joDLdbFTDJ+y3PTTzkqCi1L2qEjgxdg1iy

ZshJTeKUckSYVyKBeOBtB3FwwqXVa6iNEHJeLFewFE6ulEOIcat

Vp11Zg0ibMfnqTivbd6t8/z3KzqrFksg9xQiicMactmTqFkm8ro5ODc2

NTQzMjEwLy4tLCslBOCOVHxAgMBAAECgYATW12FB2BtQbecm

Sxh6rWjYENZRZhgdvoZS8oF9xlYfwdNtRF5/RR1/BwFia++BAuBkt

gTu/KzORsjcNPzrd0uTCbTG6hW8YPK2ROVOOeAMHek8Nl3+SW

5wdePKuWwMdjDDjqxXDns+ZC1d2Cpz5V+x+2znOYL0bsEKei0s

Wl7LQKBgDfABK8+joDLdbFTDJ+y3PTTzkqCi1L2qEjgxdg1iyZshJT

eKUckSYVyKBeOBtB3FwwqXVa6iNEHJeLFewFE6uhVSior5HGPA

rFhsOQ0v9ob1NCV7P8M99qN4XplmX/xs05HgQCVh9aMWtiopKC

cmJSQjIiEgHx4dHBsU9JB+TvkAkB3dy53aHRzaXNpbGd1b2VjdHN

yZWhzcmkuZW9jdS4va2xidGVoY2VsIHkgICAgICAgICAgICAgICA

gICAgIAuPAkATpSSd/C5SIEAbUPk+ZYAdt7OYVzay7ViAiaukhkt

+/sJG+m8GmHnAKyLf9ohx3/aIcd/2iHHf9ohx3/ayirJPAkAIefJYEpd

AoRjJQCHPGUpOVjLiyQMyPcnsutG+ctAGGU8lZTDUyUim9V7iwq

TE4sKkxOLCpMTiwqTE4sKkxOFNAoGAFInzTsAOkauW3crd1XfxM

hxitUkapdQqlwvFhZuouNIybfEOfW6WkjtghBDyqf50cEFWXMJ7Vk8

mr6cwTosPvYKUVXKUCblretLTeU95TlbkprizPky++5b7pQuSi3mpL

Mi+6VgvcjTthfXPYNg2JjJpgmteC4felYL/2FTAmT8=
-----END RSA PRIVATE KEY-----

 

The code above is Base64, using a Base64 decoder copy and past the code in blue into the Base54 decoder, select ISO-8859-1 from the dropdown input charset hen click the DECODE button. www.base64decode.org.

 

 

Results from using the Base64 Decoder

 

Click on image to enlarge.

 

You should see something which resembles another website address: ww.whtsisilguoectsrehsri.eocu./klbtehcel y

 

Just swap alternate characters to revel another website address:

www.thisisgloucestershire.co.uk/bletchley

 

Answer Part 2: bletchley