The 9GAG “cracking” challenge

Yesterday, one of my students sent me this “cracking” challenge published on 9GAG:
9gag_challengeLet’s have a look at the different elements in this picture.

#1. Something like an URL:

5 has been added to what is already known.
A=F/Z=E
ri5mfxmnsl.sjy/hwduyt

#2. A strange code:

The above compliments the bottom.
HJTX3gAAAAOJmdoUawcJQzHWvjCxBYvrzBWDOBdkIykvyYDMTNNMBwv6GpuLi7L2tRy+eFdIIJG3nj9MXE2piWlZhbUgMHqG2dA7onq3A6xixXoxPV7QaWGZPc4dIQKH9vpFaYjcMe6Zjhf4fFJYkd7csHIimcVnAiODvhAbGvbdtV3x8Hi37gxPo+gZomf1moiwZ6+1/wOZ2cuurekuk/yHxXqSrUKYdUBJb3ClHZUGDP5kT4JGAwNE1b4z78xeZ5Eg93yvyZujSOvJLGZFhXFvAaEZRHurGDeh4EEdsf3iN+0SyJ/2ad6POsSL6B9c1QrXhe7yn5IDt3+snQv/QzYHwo+Ulyu2bHk=

What is inside #1?

There are several elements in #1:

  1. ri5mfxmnsl.sjy/hwduyt
  2. 5 has been added to what is already known
  3. A=F/Z=E

1 is similar to an URL. We can imagine that the author some kind of substitution cipher to encrypt the URL. From 2, we may think that 5 is a character to be removed from the URL. 3 seems to be partial substitution rules where each letter has been shifted by 5 (A=F, B=G…).

Let’s try a Caesar cipher with a shift equal to 21. Why 21 ? Because 21=26-5! For a given Caesar cipher with a shift equal to N, the inverse encryption is a Caesar cipher of 26-N. Therefore, 1 is decoded as: md5hashing.net/crypto.

Yep, #2 in the first list seems to be an MD5 hash! But what can we use for salt/password? In the 9GAG picture, there is a line in the bottom part: “I enjoy STEAK on my SALT”. Strange idea… Anyway, what happens if we try STEAK as the password to decode the MD5 hash ? Another URL \o/

https://www.dropbox.com/s/56lpr39lm4ecmxw/HELP.txt?dl=0

It contains some hints for further challenges but also another link: https://www.dropbox.com/s/18k3aui0bzlnraz/STEP%40.txt?dl=0

This new link contains an MD5 hash again:

HJTX3gAAAANNA/40EU8kVpgJTUxFSLmZBW3huxeAxqh504l4G+D386LGqrQII2kxdwVcXWJbTjBeOmQrFgqKq2bd2um1hXoqK471hmxfipYGccNtzs/P1gC3oBIJsbyng4AvXWcgArdhDkcWHJEhnpqKP+aAoD1FEyVT0ye0ZWYSfPQrt1wZG/UZQ7BMTh211tHF1eNII9SrE8ytV9a796a6VA2Yp3BdBLFX9pwMXb4o5zmUbNiRJSvG40RDlBWM0zr/ZJT01iGrXgj2Xe85b9ksBrd9m0ACS8p6ER3P+gX4XE+Z6i+qzrbdfy18YJFjqtw1D0XaM0CFqukw7DznPxmUnpmAN7qVM9+EYCipjzH9Qoy/N2q40hIfSj53x5eaKPwwTmT/NTNsRXVxUurzto5N1v1h90crDxNqBCafoPZCNtToc1MhnD9zPWwyOi5UHbm9beL3QRWzKj+58G2pesTFJG+csiEQV+yoLdw1c4J3/h4xmlFoSm6FtJxUpSBpE5y+mPQbmtqOfsgiztXC00nvlqeakFv1clEbqwFlfkBZeOdiP6X3Q6WopFGycebe0HF1MjpEwmZprDE1XgMeMvL5f0vzIsBogMPBoYN0hwxaaeijJzRb64awc+9+phILtGVoggGnAjv6Xip+qxVGxOheNJxOGP1fSn5F+mNaTlmqZvaAh6R/x8zmRrX53CmVXfR8OKvmOzVYC6foHOt+KcKggbQLrltz3YO9dQbwYLRfdPFPmxA9im98LK1q5aoCNET9lZ4Mw9sXzA48wJ4hNtAHEkY5vBo6b1g+9kBt1jB4VhhARmrqfvo+ywHSZld4rpY23yI8SBstnp5rx0Ca6TckIazeUv9KvQaFVRDX6F8YhdueqWsbUDDK9KnXRdeGDKyJYWnZJyIDTR+CHQbV8+ZqLFL01CZDxXpyscWFXRzzAbsPSxmqJOREzQoxf60Tk8nyL93vK9xOudpYw61h7FrIRx9Hh0irsIgubaL63t2fB8pM+j7rarHdBHyzEo8yPSLyBXp1BD2UXKiAWcJRGHvDg4+11ngb/WO7xNiKuGLksOmL9ToTxQCP2he1MF5+BwjSiruoMH/l2Gid6ABmZzLtUQLM6fMOoIJYSjaqNodgjPvbkLh5oIQzAuvKbQ7BcHKp1CwxXg2vVO2lpuLQsT9akIgDMU2krZGeUohCfiNNTRvxbpneLOJYGy1Qlg8TNikpnfYBvGq9QXB37OQV8NO8Z4ftGJQd4YbH2CEUGNGaLR4yfa12VEfPnmJueQq2Ybd0z5VHeD07QZse1ZNbcBipdOCg6UjIvtLKgIK8yT5xAoFmyr1eMKjjgS5U/jjj/8/DCgvDaNrnK/XbKc50cmQPJN8Vzvmed35zNTygjlSndF815n5hFduFGYV3/QPEO17R9Bdu3nLYnHCUJg10erSkUB6fGtZ/Pe+PelCZ5/ZuytD+uaJcyj8NOeBbjh+MTZSta7c2paXk+rt1zKTknAN15RiFyiBlFK3MpqKtAQypxAaUA74WqcW7egNOHcci9LGgV5hBzHHCIgOQ3nLjQOsA+7TsfUGBI+9FFV9OL2wWtBt+TtZ4gzNEQuSu9VvDiR6vQzWqkmkZRFk2iBirmCQ4bcZA/7wD2bqhP6fL6xzUCf0UZJ0HWplL2YhOXIDrbK9SUpCe9Tw3T1pU0sHhTQd9ZfMsYSyUWQQXPQ/Nt8gk+2Quiub53qOWAXbxk3oM96nP+KBI363YAqwone9khru6vk76DuJz4nPl25Ej9Byq9dXm7bTeKx0eEjmLyIrV67fSQJMfCVe51Ti1uq1pkvMnV0y6/Ee8r83oPvOJtnTA+16+TZdHv5KK5nP/MRh8Y7egaEroJ6x6Et1d2aHVJFlqw3JKPrRUjbg9UYxqgD1yFU4HL5P+OmQ8WpQ4Bcy5P3bxkG/d3kPYa/DBgVteDFzoHD/EVQA43MfHSjRGUDAVlqyFWfddHiGWfDF0viEofD9Mall5ffnuhpaZvkVUDlfxFFUH9IwF3Mih5n7yZizlzLSuD1VT8zgWstDh6Pr9I5n/i1nym3k52UM4k2NOPBCA7j9cGyU9HKTJcNfoDnYvRCGDbH4v013N81/RoPG+DsIbMRO9+PXL3UKxuHnb3DiV+bMqjbbjZoB/PVizJOg9PJOzhRD3hJys3njSruVElVaUdY9FQVk8BxkxY1Blcvh7JGwlfUbrxYn/74rzJWjzH3p6Nk+OA1DaTmxKm0rvTlO3RxBWmHtCPg6t9qx9GGBuAFq0OL6PnMTFH/6XJOtYlgjs0OVfwSS6CEr5ufKeCIf0P1hsJu1CJBNotIw0SRrt0sNfdQhSp+Gqv29xepxp2Zwbmk/6tJsNkp2Kj2oi+/uG/MOjQ46X5MMAWWIILpwMwIOxVfKnR+91F2ZLdSV39HSsl0kQkCile9RzNltuaudsrOxPcEAausYls42CAtSLabC3n2yI5AQRAwdu7fSo2Ovi1QMw3yeGk+u/4KjLXo/Iluldae1z8gMAGmduXeAwb4Wmhrc0yTl2iAjkT0D3To7aC/ofrWYU9YYZepRYyWACPqNUODFOQhJFlEimJ+XAUkkbM/eZbl6sLsStkduDtiUeI/RQEuVXq5aPNBGZnN25TdLn5KgLkoWdzn/XZDVc/pBsI1F2HxJDhEFx0/3GW7BzhALYg3kz7JwLseYbaSHvIoGdbryq6T5GXaTf/+Eaxw8YzgNfF/UETSsYMQww6v/jjuedsR4SVnK5JerwzzhPQdAOlKaQnoGSqcm8IK0+E7Mp+k7Gdwt2R3oCjJigc+zgid+JFowWiY1XXPDTmFSgKSvXkOl1dq3wRvHeX5w1AYaUXRb2D4kb+rNYiGZFglX55kA3hDa5B7gplSSBPLV5WtqGmVszseNWj71eGPNebxBJqNjvjF1Sime+XHBAVxJ8/Kubg6Vkdv17F6/DoF2BZ44bNB7kLIaqJqbPFZpQYhokXdyoru/Pqi0sm3xRKDUoII9QDnFspPzApHSAkGMl3WwxM3i+jofSmZerfAXo7CI3l5kyEqMnA0xPLoyLz/xFspK6oOgnzmRcSrfLMuXVUhvqZBLRbPWJ9CF3YXRmxzIPW4C2dhMcsUMskCGrcYadK8gBjrf1q9wqr4k81CJHp64Mg9+et2bixj0ZmGGqEaPTyMdBXw8UAeXagDlfYBwGcbqqfkIXv3ilV8n91qZAD3rPDzz9IE75sjNSqY6IgNtyyupRAHcexM7ME1Y9KijN5PsTz0WeY4nLCQWuNWbaOAhWogHo8+hSLXxogyY6AAjj134lut6krzOe790B8R31QWkwsCm9zuQrhKOjIURxf7TyRgv5Um/1b8GGKGeAegHy/nKACsGTeG/+8189XIVaDnMJvY/TR005+OFasGPo+aBFZa4r5upA2BGK5S8psdWJ2ZU0jL4oIGE1AfTApJN+EAWMqR/XiqgfwLZZe8m+4bk2vbs1nT+0a1q3HHcDZ89HRLDTkgz9pMPoW466vIhLPOqqDl9l0Y25o0brZRspQihBR4F6qys5DpNH1iyt09cg8GQ/KXolU5LCLdwf+r5bunjivlSFUFkg4cjF8Bp3SCx/qMq4nJMEsOJi/BLXajTsEmb/oaYxhC5i09xZ7VvnsQLOk3CxZ4am9VIHJcLk+hTB3Eay3p8LiTlEzito/TR/7ucJnE32MdRGlhzFuGe7wkpYr7AWQ6wJ1H8zium5j4d4mVZb7SBrg5gCqEGXjH3OQ+Kw4gcI5Gw9liMskkFg/c3dANNzZoaBBu7XSSvO96O7lwDxxqzTEfSpQGPILzAWpafqoveSalfcxu2oPg/hCC+G6Y9xM9PU+vF7mw7eWCBk7Bt70TCAZaFms03mwT8wQavlbpfjLmFtbMOqG/Oa/G2FonbaT+csIWQbSrCvCwBmv/3+AqGF1bzNEIdoqjd8VF/8ZnvdnWDpn9oi85a1sqzgDUkPVynd7wOx9wj/vYgg6GTi4vj3CDJfKKf1k9R19+nBpdeXrYTh45NFcplnNJEw6WJXKjwz6G9jeJTt4LWQl375UCVUlIJNOHjt2sN8ytICcfKLvWAsMhVj5Jj9dEn5i9C9uQNfUMM93nAeDx2IVZ4z+TtaVT9qG3XEazGo7gEGk3Y4TCTWQWijCMqH0FGgGqOSteWf7pMSj1UeePDm0Z7RZBekTXZo5479/Y7iYUM1/8x57OUxWQc9Rj3l3No63W6FdQ4hq9l75ekm88qmSJD+xOR6Aun46QGf2ze+2EwOuiz7HQiA3aT4tw/nPdKfIBqW+lUW7pfTlQ+dDAmMXi/41TpeECeXD6dY4acDARS+A4hftKlEVvYReb4MZG3M38rEVwSslHCqSoBwnmRjH1kqfsXBL0rcacfsf4hu8FVOpVWgD9zKNcbNexcCh1wxlKclQF+x1WQIR/+9moRIShJbu6W2SM7+3X76R1P1qYVxNH0mt7yuaIp636VxKGablOi8fSJol4vxaH55djadHq2ofUhv32OpR+K9zw4CVRwrm+U3j+ufRNeXFMuXUTXAg7zSzpE0Gl4SUvLQQqiuV3Z1hXWn47agnavWZgO2RrZsrfnYoFcsKrOg/f3G6FPCIXSLVwjDAZuwG0lNerPihyAvzUfE0JNt/fFo7wFtINY2S1AHoPKY0fE0wNwEA6LbLRReHZLEiXyIvdEwyvvdGSAuLpoUl4QPFJJpcgWvUCqtaFVK5q/h7qMqre1hFp/18MMHh2POYBrYCXcvEtnXpyOS8WCtwBBmdnqKgQptXjYTtk5HIiUlwXx/KkpBN0W8t4nE6MsrAqYzIH6Hjr3Af0zbqOzxsAO5ZH8qWMppJ/pnIndh4DvVaTqebCqcP8wScwdittppJ0W8AGz4ydr0oqFFtSpigIvxXUZCF5y8+8OhEKjmxl+EX+6mkNNF1sGNZ5DmR4xZ9lXN2z1VkiOcz3mgdUkA215iavBDQ2N0F4K6/+4kjEp3XjADFV0JGgbt3d3lXGNal/oUyYsqFO1MOvKXAqz7RiNI+1vS4+xb03w2wpXeCcbkpiV/UL6lofWZAOoSnECGG987iN67z9bNI70cJrnFvUX6Q42kB7vB14Cv4T+g18jsDULQSsXds4PLjvUeObsqkec1yZKBTMWglBLflQn7EG69+tLxcEdrQRCs3YU9kP0MSZAGjQTs912zOdWfaFjRgG+q6tiOUnU/GDOofLhX1L4oj1rCirzHvmFxc90kFEfmgzOH2UZ6xGzUiWagi5FQ/WAKzxEQhPn88q1C/Ln9C0SZmyp1hymX2Da1gGBWLSJcFKE+t7wrYMRWv7FoG5pEgskKS8u7eDbYwESJnsiYZrGAAerdojcQNzl8Gi0+wKEGUGk2Fz2FYcjuG+23lSWleZBDo0nGsr6U3KV8x2PQyI/wT4gFl03bzHqldhZWqei3xA4Ut4UHCaSm1STvahj9oDLpHx+9E9JuulM19TQpGOwG9MpXdGNRFtQ+mp0AXnGwkKn2PwZSUswaBXXTG2dfsogkx7MtPmu5U5fnQF7FxZ7nCPvkSIDyySpKxARWHmebujZT6ZFjD+cZW/pOm/WKcxEQYdCCRcXgV+V4QBKboU6dPV9Qw8prfJauWjBnUMbYW2kKkyv8kx5NZE0UGcYi0cwGcY4BwQ/VHq08sN6IXAb6MGnJm9niyzha5mvM6ReauYY/qYfLtCybG6tjn13EUHoe+Ha1/rnTR5nDCPYZsCGBVrZKyT6bOkH/OokBINFbl775jvimTMd2wJytmn0gsOs/HAw/9JXUshkHOYYM4VIIsxHatMK9QSt0sgVJs9OYNlVC+cFWtUiNoUD/eRy9SF/sp9Qgph/7T6JA216wUq2NmiqERF3ijsSt8A4WFsjrvF5qce2cjYLVFjnkw9GIp5i7PeKN5plh2IynM41d9B9tMJ8t1ivFdvZzXG3xqmkG+Drfcm+MZW8Qe5nf5d8NGg8wTGWVr0yQz3rbeylk9rQ7sSVB60toPpy/qcdl7+evZPGCgbKnqZzkXQ8ElWBZhdxSVg47WXEt55L0Qi9NeorXjajFrLn+6/MB4GgqiVdNwW2zMnnrqtB+FrUJzHrT+o7OzrJu7x2+C0fzAAYZ+1sKbdiaX1u2COx91R5cgYWjms2p7fSFvEs4t11Fvdsb0AYPJB8jLEQkugS/aiV/P1QgluURSciFhST3D4TD+Nc2y3qNi5uTuTIWIWM9Tzq3ke5qEvjzWj4bo1miJiIpC/DujZGEyYmCZ0TadTCZqvmFIb2CAEYl1TMGo1sXYlGx2PT6xFIPZyptTvczSjQtNcyMfIc6xdj9MUmvxzQDH9RxC+wSBevxmsaCT7Fz86UWPHxj3FpvxCzennMZ6ww4G6LyhKwNr56k7SUTR/o7M0tgzT16/1X3yvkAOWqzDlRuJ0Ru9mR1o6SkGqq+7+guYy64v/GDkXg9qi4fMB5ZL0oiPjzYw7hXnRB01iiDMP+v0sgIU221maw1nCON/DWUiSexZl9AsO6HO6vaacKxT4iQtaEBJAlC1fp+Yc9t9J2axtoUv5J2BjZU0sUwtjz4WYFiECzo2S5FtF/64f0CaVllEjkT29+8binlLp+xfBmM1dtLGrRNlvnmVB3ozB5oqtXxaXmDTiC5Y3EYSrqO/nOb5pokS6iQf1OMTbbdwqqKbKJnTJs2KGEjdNUGdW4XKX5dnagcQkZVOGb/bXZZ5b/UnWd+NyO4Ne+8eeJ4KL0U4IW4HumRCDTOFPR9+PHkZq1MvKXkzJO5AI5FRfDOi6THlQrr4xvF7V6eWRIEPu/OtE89Uo22lfzhk+KBKzxX3LT7SiLnVimZoSCchr3dbUHrnuPNeCvu9+Z9+52HMBOziWjfWc1hTZXhNu0LXP9jCFsDRpZbgbDklSw12zkcGsO/YKStOmCxRBiAhH7AE5hSCjrh6CroE8yj65mLA2LnlqL+f87Sdtemu6M2Pz2FojRapKmItRy9Cmjg1R6IorAcktLqEXTLz6/HkLAvfobrJHDIxC5V4x7SoH50HmgStE9vVxF6DgWzGuenMMvqCiNQBlc39RPNLAPMMBokXTKv7MrOeRaDBXSJKBpfW8iOjTMbEM7ZZ609Xu0ZDhfK67OaZsR3lEgZxAiAC7wOLpmgpw16vP/aIgNtEJVx4UUKFXqlOatCM0Diz4YwUVQHXs1hOPo7Hkn830DYQuWI6L4RbqTCEqbdNPUOK7uIMXiCK6xU2iTmJc+whLEnw2ZsnSlfUajeP8dcc/9IY/yIS0+UHhp0xB8jmIxmPyYJJ/Xubez6NFa7JUHybabwLHWbMcOYGqTvjqf6QFDeamMx6JaX85uETv0zucZqmZ0Xa65sROhSOXOO7kc4f289u8uTYIp7L+Wy1crWmlguzKyyUehgFAmm8FUSKGJTTKUQRblIVWMnbTA11ID4EeZaZ5jYx1RnmCpOoOs57r2u4jsklKXm7W3tVfP+idAaID2Byb9x6eXq/xBDOT4x8z7gEbn8+alps7qQzp0XGMyc7ByL8iyFZRhEwtiKrzS3CHNYz9U567qb+J9C4nNf2dD7mNq4wbad2eLrL/2Njd0WbZcTxC1NyyDdy4tU/P7xDXC/WbpIWx0HKHdJwJMoNJnazw3efcmXRyMJMHHQGpz/LQmazMfiFajZ/404Txl1SQvigmmeSgyvdMTA1/IGJMh/rnaIAK92rWm3vtM/89bt8Tm6zHtlZiVs0S6yDahTvuWzkvOtEgatlN4UrYPMBUFA/VX6cRZ5TZnwMfla5zuMZgBm9XNEn++6UPi0iTeVLpRhyNIxzwKeLaElidxP3+XmkMqx1IJbT6hIUPOFXVtwmGupv6XUooZyNwIYy8g6AdXLZKWE1xevLYNtAwr+9ZwLlr6eH+kGBHapBJyKNh+ZIs6xVc7g1bzZTgXs5qGAso3LN2VddAvXbvTJRJFdEruXZucrmwfUmJjcBX3PevYKucj8QtwOE3NrT5GynfZiPHHbrTqTBzEt4/OHAgDmGBwgreL9weX5Ki73qT/yq5HniyKo/cb2C/RlEZDMVzKIypCNsfiosNGE8RLnRCIwlSUbdq9YfRjlxEHJoKeHIjtE9uruzrkO09oOckAtsZbmOEfbQRIIE1UB2F312Eat90u/hU3pEVE7aNL2PQPRilIsHwNXjts6g6Rf8RtGx3AV4zroaJMi5msM25xoKYxtPU90PnH24BmRm2ZbFx5UqWxwh22PcLJJD1PNWntiZUOmOPRgjWq0fk8b5d9rlHcifWF9vxkZA0zmFj5Rd1wA/AON807qnsD8YoW6XvwVXGVugYGU9DuTHCyci3oUeTP6ZaNekOKSLSl8zfeWasszcuHNgNSzteR1oGvVi6Ql0W6pzKsymtdI9GOoN2TVc30/hAHP67gyYc5xiB61QUUgmjAAgToFUOYQ8c/mkQzZVetCDDxLW58dPBkM0k7oywH+Rs6jVxPb3CjQR9nInDF3U8MfZX3bg5YQHIIZJhd8JKoRi2wVf9Ygr9GfJC5UPNaThyb3YJNGbOXmvw8LxVeV2mjcn5MUCIOr2FLK+0lIFf5RsFlMxbdhIBhjqZowMjEwdTGXISS0qDKqWLzaCz/bw3ueNVn2alnH6T4ULjZbnZWtN5R9mOzZnOlmZjuDg8FoF4gxXOPvKtttmfWGRhYg7GKm6S0wP1mKfBHnYxuJ/JhnxVcaq8bADBNMgu6gHbf4JH2Z/hYtwANoeFqQV2jGL1+kElK/D3/FGWYKB4Gft6fo6iiqGheRoU9z7V4jaK4z+51tuK1Cq8jVAZuiKj7bprTpJZqVcMxXeI4iJCVIPRsXpwxvBdbGiaNwwdYEGdoIOIkRrXdP6ATTR7L0IrquRgsY9fqefOXDeCMS+j+zRxMPRq5BSEdwN4iTBt2viH63y4DkiwOA4OCbLnKXhJCePSuxCMGreN2bgJVD/DcQihGe7hEyCUTIdEGMgKZLPpJLREYmsVMz8wpPiE/Kb7HU3emIejSskbgWQChbbJKDujNsCbxZ6mNTu6nNhVNPe7FM9fQA77bIdACIRSP136QG4j879/F5DrpoKzHm0O3BA6iePrwU2IY47oHPBvvVvHflPhx9e8uBktPNJjKTSTNyDJ9R0e4+8Y3elL5WzHzDeeGGfa5w8xvW+z8mFBihu85yKbha+mgSHPygfvYcOhpuglUbilZKFM7hNtlgL10K+dgSvku23WaHtB1sC+e7zV9d4D+o33t/NnLsh2iyuPcxp5tKYQDPQDVk0m66ut5lWn0P7uRWFKd+ngIgU/J3rALkyh8WpjrqtAM80FBeLRLQWTumsTmz8yaNG8JbeeX1XL+u2HjNJLXQGNPkgRkzP2I6mYvHyTdQyleQ1gasUFgYEw==

“By the way, have you tried STEAK on your SALT?”. If we try again STEAK as the password:

00110100 00110111 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110100 00110111 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110111 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110100 00110111 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110100 00110011 00100000 00110101 00110100 00100000 00110100 00110111 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110101 00110100 00100000 00110100 00110001 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110001 00100000 00110101 00110100 00100000 00110100 00110011 00100000 00110100 00110001 00100000 00110100 00110111 00100000 00110100 00110011 00100000

In the first Dropbox link (HELP.txt), the author said that solutions may involve binary, hexadecimal and some ADN values. Let’s decrypt each pair of strings (00110100 00110111 for the first one) through this website: www.binaryhexconverter.com/binary-to-ascii-text-converter

47 47 54 54 43 54 54 43 54 54 41 54 54 43 47 54 54 54 41 41 47 41 47 47 54 54 54 41 41 43 41 54 54 54 54 54 41 41 43 41 54 54 54 47 47 54 47 47 54 47 47 54 54 54 41 41 43 41 54 47 47 43 54 54 43 43 54 41 47 54 41 54 47 43 43 54 41 47 54 47 54 54 54 54 41 41 43 41 54 47 47 43 47 54 41 47 54 41 41 54 54 54 41 41 43 41 54 54 54 43 47 54 54 54 41 41 43 41 54 54 47 47 54 41 41 47 47 43 47 41 47 41 47 47 43 41 47 43 41 43 47 41 43 43 54 41 43 41 47 43 47 43 43 54 41 47 54 47 54 41 43 41 54 47 54 54 54 54 41 41 43 41 54 54 43 43 54 43 47 41 43 54 43 41 54 43 43 41 47 41 54 41 43 43 41 41 47 54 43 54 47 43 54 43 43 54 43 54 54 54 41 41 43 41 54 47 54 43 54 54 47 54 54 43 54 54 54 54 41 41 47 41 54 54 47 43 54 47 54 54 54 54 54 41 41 47 41 54 43 41 47 43

Now, it seems that we have hexadecimal values. If we have a look at www.asciitable.com, we obtain:

G G T T C T T C T T A T T C G T T T A A G A G G T T T A A C A T T T T T A A C A T T T G G T G G T G G T T T A A C A T G G C T T C C T A G T A T G C C T A G T G T T T T A A C A T G G C G T A G T A A T T T A A C A T T T C G T T T A A C A T T G G T A A G G C G A G A G G C A G C A C G A C C T A C A G C G C C T A G T G T A C A T G T T T T A A C A T T C C T C G A C T C A T C C A G A T A C C A A G T C T G C T C C T C T T T A A C A T G T C T T G T T C T T T T A A G A T T G C T G T T T T T A A G A T C A G C

The genetic code is composed of codons (groups of 3 letters, https://en.wikipedia.org/wiki/Genetic_code):

GGT TCT TCT TAT TCG TTT AAG AGG TTT AAC ATT TTT AAC ATT TGG TGG TGG TTT AAC ATG GCT TCC TAG TAT GCC TAG TGT TTT AAC ATG GCG TAG TAA TTT AAC ATT TCG TTT AAC ATT GGT AAG GCG AGA GGC AGC ACG ACC TAC AGC GCC TAG TGT ACA TGT TTT AAC ATT CCT CGA CTC ATC CAG ATA CCA AGT CTG CTC CTC TTT AAC ATG TCT TGT TCT TTT AAG ATT GCT GTT TTT AAG ATC AGC

Let’s assume that this is our final step. We can expect to get a Dropbox link as for previous files (HELP.txt and STEP.txt). In all URLs, there are specific characters we may decode by ourselves.

TTT AAC ATT

First step: we have these codons twice at the beginning of the URL. Let’s make TTT AAC ATT \Rightarrow /.

GGT TCT TCT TAT TCG TTT AAG AGG / / TGG TGG TGG TTT AAC ATG GCT TCC TAG TAT GCC TAG TGT TTT AAC ATG GCG TAG TAA / TCG / GGT AAG GCG AGA GGC AGC ACG ACC TAC AGC GCC TAG TGT ACA TGT / CCT CGA CTC ATC CAG ATA CCA AGT CTG CTC CTC TTT AAC ATG TCT TGT TCT TTT AAG ATT GCT GTT TTT AAG ATC AGC

Then, TGG \Rightarrow w.

GGT TCT TCT TAT TCG TTT AAG AGG / / w w w TTT AAC ATG GCT TCC TAG TAT GCC TAG TGT TTT AAC ATG GCG TAG TAA / TCG / GGT AAG GCG AGA GGC AGC ACG ACC TAC AGC GCC TAG TGT ACA TGT / CCT CGA CTC ATC CAG ATA CCA AGT CTG CTC CTC TTT AAC ATG TCT TGT TCT TTT AAG ATT GCT GTT TTT AAG ATC AGC

Then, TTT AAC ATG \Rightarrow .

GGT TCT TCT TAT TCG TTT AAG AGG / / w w w . GCT TCC TAG TAT GCC TAG TGT . GCG TAG TAA / TCG / GGT AAG GCG AGA GGC AGC ACG ACC TAC AGC GCC TAG TGT ACA TGT / CCT CGA CTC ATC CAG ATA CCA AGT CTG CTC CTC . TCT TGT TCT TTT AAG ATT GCT GTT TTT AAG ATC AGC

Then, TTT AAG AGG \Rightarrow :

GGT TCT TCT TAT TCG : / / w w w . GCT TCC TAG TAT GCC TAG TGT . GCG TAG TAA / TCG / GGT AAG GCG AGA GGC AGC ACG ACC TAC AGC GCC TAG TGT ACA TGT / CCT CGA CTC ATC CAG ATA CCA AGT CTG CTC CTC . TCT TGT TCT TTT AAG ATT GCT GTT TTT AAG ATC AGC

Now that we are done with specific characters, let’s try to replace letters. It is assumed that we are looking for a Dropbox URL. Al their URLs start with https://www.dropbox.com/s/ and ends with ?dl=0. If we make the related substitutions:

h t t p s : / / w w w . d r o p b o x . c o m / s / h AAG c AGA GGC 0 ACG ACC TAC 0 b o x ACA x / CCT CGA CTC ATC CAG ATA CCA AGT CTG CTC CTC . t x t ? d l = 0

From this step, how could I continue? I decided to write all codons in the alphabetical order (very important!) with the substitutions already done. It turns out that:

  • It seems that the last codons follow the alphabetical order.
  • We had 0 for the codon AGC.
    • 9 numbers before 0 and a 26-number gap between 0 and a. Hum…
  • After several tries, the solution was:
    • Numbers from 1 to 9 then 0.
    • Capital letters from A to Z.
    • Letters from a to z.

Finally, the full table is as follows:

Codon Dec. Codon Dec. Codon Dec. Codon Dec. Codon Dec. Codon Dec. Codon Dec. Codon Dec.
AAA 1 AAC 2 AAG 3 AAT 4 ACA 5 ACC 6 ACG 7 ACT 8
AGA 9 AGC 0 AGG A AGT B ATA C ATC D ATG E ATT F
CAA G CAC H CAG I CAT J CCA K CCC L CCG M CCT N
CGA O CGC P CGG Q CGT R CTA S CTC T CTG U CTT V
GAA W GAC X GAG Y GAT Z GCA a GCC b GCG c GCT d
GGA e GGC f GGG g GGT h GTA i GTC j GTG k GTT l
TAA m TAC n TAG o TAT p TCA q TCC r TCG s TCT t
TGA u TGC v TGG w TGT x TTA y TTC z

If I “inject” this table in the partially-deciphered URL, we obtain: https://www.dropbox.com/s/h3c9f076n0box5x/NOTDICKBUTT.txt?dl=0

Another Dropbox link (with a Dickbutt form :p). This ASCII art contains several Dropbox links. In fact, this is only one link copied-pastes several times: https://www.dropbox.com/s/sj4cww1ucab1cxk/End.txt?dl=0

This last link just forward to a Dropbox folder: https://www.dropbox.com/sh/zhfzzq2yok2xb5q/AADICepZkb8wzMFjYDxZhG9Ha?dl=0

Here are the rewards! Challenge done.

hackerman