Well it seems pretty obivious to me that the dll is doing the encryption, only since burningmace has said so.

To fix program and allow it to run see my post above regarding regsrv32.

You can try if you like, but killing a mace that'll disintegrate anything that comes within 10 feet of it can be hard.
Anyway, the algorithm isn't really much different in this version. Unless you got past my algorithm's confusion techniques, it won't affect you (i.e the core cipher was altered, not the outer shells of ciphers and confusion).

Also, this version should regsvr32 the DLL for you

I'll just have to use my Disintegrated-Style martial arts. Yes, you will have to die then.

Oh, and on a side note, the DLL may do the encryption, but you'd be better off using the application that uses it than trying to implement your own app. Trust me.

Yeah, I just figured that out... So what, I have to initialize the dll with some password before it will spit out nice encrypted text?

Now I have to build all my testing material by hand using the app... which I had mostly done before with the original app but then decided to make my own vb app to generate it all. I JUST got it working when i checked the forums and learned the bad news. Dang!

gerrrr... *assumes disintegrator stance*


So is challenge 8 to write a program that uses the DLL, bypassing or some how figuring out the super secret init pass?

If you like... in fact, yes. That's going on my site

UPDATE: Added as challenge 8. I must stress that what the challenge readme says, goes.

I think you should facillitate learning here by including a free or open source compiler/ide with the challenge. That way everyone who doesn't normally program will be better able to participate.

You should write a solution to this challenge with some free or open source compiler/ide before including it, just to make sure its do-able. (Just don't give us the solution.)

Also, would you be interested in puzzles that aren't encryption puzzles? For example, here are two puzzles I've started creating and will give to you if you want them:

Challenge: We have obtained a copy of a small module used by Orion Systems. The module acts as a security authenticator for a internal program used by their executives. Examine the module and determine at least three passwords that will be accepted by it.

Challenge: Orion Systems engineers utilize some in-house software that automates data entry of some common chemical names. We've obtained a copy of this module. Modify one byte and one byte only of the module so that the wrong chemical names are submitted by the module. You may only modify one byte so that we can replace their existing module without being detected by the system monitors. This hack should throw the Orion Systems engineers off for several weeks.

As long as open-source compilers take standard VB/C++ code, then there's no problem. Things like Visual Fred (which aren't actually compilers for VB, but variants of the VB language) won't work.
If you think about it, it is an obviously possible challenge, as I've already done it by having my program... feel free to rip apart Challenge7.exe in a disassembler (I recommend Heaventools PE Explorer, which I believe you can download a free trial of) to see if you can find a solution.

Also, could you explain those challenges further? By 'module' do you mean a DLL, or a VB module, or something completely different? If I understand the challenges, then probably. I'd probably split them into a different section though, away from the crypto challenges.

Each "module" is a simple .com file that I've compiled from assembler source.

The first challenge would perform some sort of weak hash (one byte) on the password supplied and see if it matches a pre-determined value.

The second challenge would build output from several strings stored in the com file. The challenge is to figure out which byte (an instruction or parameter) can be changed that would give different output.

I understand the second one, but not the first.
From what it looks like, you mean reverse engineering challenges.
Just to make sure, would the following class as a challenge...?
I make this EXE in C++ (don't worry if the ASM is a bit off, it's just an example) The challenge would be for you to find that code (inside the __asm block).
Of course, with a little research, most people could do this with a hex editor (or a decompiler, I have both and could use either to do it).

That sorta thing?

On a side note, Challenge 9 now available.

Oh yes.

http://www.onlink-mod.net/forums/viewforum.php?f=28

Further posts regarding challenges are to go into there.

Also, ConstableBrew, are you done fixing my site yet?

About your site: I've gotten a bit distratced trying to make my little challanges... Once I get my first one done I'll do your site for ya. It would make it alot FASTER (i.e. I would do it right away) for me if you could zip all your site files and email them to me.

You have it. And I expect they would use a hex editor/debuger/disassembler. I don't know how you could do it otherwise.

In which case, sure!
What I'll probably do is start writing these types of challenges in C++, as it's much easier to disassemble/hex-edit than VB.
Anyway, this convo should really go into the new forum now!

Apart from the discussion of getting my site fixed, that is ^.^
I'll zip and send tonight.

K, got it to work, thank you
But now, when I ran it and tried what outputs it gives me, I was like OH CRAP!