# הפתרון לחידת המוסד 2018

### Shabak Challenge 2018 in Software and Data Science

https://www.israelneedsu.com/

To get into Challenges Web Page you need to find and enter password: `JOINUS`

https://www.chronuscity.com/challenges/2018/shabak_challenge/

## Challenge-1

Use Brute-Force for ZIP file

``````wget http://etgar.eastus.cloudapp.azure.com/software/clues.zip
sudo apt-get install fcrackzip
unzip clues.zip﻿
``````

Python Script need to be fixed:

[——–Start————–]

```from PIL import Image,ImageFont
import textwrap
from pathlib import Path

def find_text_in_image(imgPath):
image = Image.open(imgPath)
red_band = image.split()[0]
xSize = image.size[0]
ySize = image.size[1]
newImage = Image.new("RGB", image.size)
for f in range(xSize):
for j in range(ySize):
if bin(red_band.getpixel((f, j)))[-1] == '0':
imagePixels[f, j] = (255, 255, 255)
else:
imagePixels[f, j] = (0,0,0)
newImgPath=str(Path(imgPath).parent.absolute())
newImage.save(newImgPath+'/text.png')

find_text_in_image("clue.png")﻿```

[——–End————-]

Decypt of file clue.png give image with text:

#### Binary, Start 10,000 place, Fibonacci

This need to be used on Second Image clueTwo.jpg, no need to convert it.

10000buts / 8 = 1250 decimal place in file.

Use Binary Viewer on file clueTwo.jpg and start reading characters from Address 1250 by Fibonacci sequence.

Fibonacci Sequence: 1,2,3,5,8,13,21,34

``````1=y
2=o
3=u
5=g
8=o
13=t
21=i
34=t
``````

`yougotit` add spaces and yo got secret answer `you got it`

Here is my video on how to solve it: https://youtu.be/m1NY8JyOT_0

## Challenge-2

1. First fix JSON file from `"value": ?` to `"value": "?"`
2. Top Level Keys in JSON are HEX values of Gematria: https://en.wikipedia.org/wiki/Gematria
3. In JSON text you can see a lot of `u05` values, this is Unicode for Hebrew latters: https://en.wikipedia.org/wiki/Unicode_and_HTML_for_the_Hebrew_alphabet
1. Value in JSON is SUM of Decimal values of all Unicodes in this ‘text’
2. Count all missed ‘Value’, which represented by `"Value"= "?"`
3. In JSON you can see few keys which called differenly than TEXT, this is actually two clues :), if you collect all those words you will get:
``````return
in
base64
sum
of
values
below
median
``````
1. You need to calculate MEDIAN
2. Calculate SUM of all values which are below MEDIAN, you should get `2501577`
3. Encode calculated SUM to base64 value to get Final Password: `MjUwMTU3Nw==`
4. You are done.

Here is my video on how to solve it: https://youtu.be/Hqsyi1UkjvA

## Challenge-3

1. Import log.cvs file into any SQL database to simplify data analyzis
2. But before this we need to add into first row few more fields for some junk data

You can edit this file with any editor which can handle 10.000.001 lines. We need to change just first line

From `uid,uip,date,url` To `uid,uip,date,url,hara1,hara2,hara3,hara4,hara5`

On Linux it’s very fast:

``````wget http://etgar.eastus.cloudapp.azure.com/software/TheUsualSuspect.zip
unzip TheUsualSuspect.zip
sed -i "1s/.*/uid,uip,date,url,hara1,hara2,hara3,hara4/" log.csv
wc -l log.csv
``````
1. hint.txt contain ‘uid’ – userID of suspects on which we need to base our search
2. I’am using SQLite Browser to import and run SQL Queries https://sqlitebrowser.org/

SQL Queries:

`List number of use per IP per UserId`

```select uid,uip, count(uip)
from 'log-fixed'
where uid ='4918'
group by uip
order by count(uip) desc```

`List IP addresses and userID with usage number 601`

```select uid, uip, count(uip)
from 'log-fixed'
group by uid,uip
HAVING COUNT(uip) = 601
order by count(uip) desc```

Most used IP addresses for guys from `hint.txt`

``````UserID	Most used IP	Count of use
2449	104.45.191.227	601
6796	138.27.249.121	601
9237	130.76.88.3	601
4024	230.167.210.226	601
3538	67.141.120.237	601
3608	162.219.33.114	601
7239	143.204.212.207	601
435	68.17.81.83	601
2211	114.79.247.223	601
5206	10.192.20.173	601    <--- Private IP Address
``````

Here is my video on how to partialy solve it: https://youtu.be/XON76wBHpIk

Solution for Challenge-3 is: `41.239.144.6,103.205.114.34,127.95.83.100`

## Mazal Tov Agent A!

• It works quite well for me

• I precisely desired to appreciate you once again. I do not know the things that I would have tried in the absence of the entire aspects shown by you regarding this subject. This was a intimidating condition in my view, however , viewing the professional style you solved that made me to leap for delight. I will be grateful for the work and as well , sincerely hope you realize what a great job you are always putting in teaching some other people through a blog. I’m certain you have never encountered all of us.

• I must show appreciation to this writer for rescuing me from this trouble. After browsing through the internet and getting tips which are not pleasant, I figured my life was well over. Being alive devoid of the solutions to the difficulties you have fixed by means of the blog post is a crucial case, and the ones which could have adversely affected my career if I hadn’t noticed your site. Your personal mastery and kindness in maneuvering a lot of stuff was invaluable. I don’t know what I would’ve done if I had not come upon such a subject like this. I’m able to at this moment relish my future. Thanks so much for your impressive and sensible help. I will not be reluctant to propose the blog to anybody who needs and wants care on this subject matter.

I as well as my pals were analyzing the good procedures on your web page and then before long developed a horrible feeling I had not expressed respect to the site owner for those techniques. All the young boys were definitely thrilled to read through all of them and have now pretty much been taking advantage of those things. Appreciation for simply being considerably kind and for getting this sort of helpful things most people are really wanting to understand about. My very own sincere apologies for not expressing gratitude to earlier.

• I definitely wanted to develop a brief note so as to thank you for all of the lovely techniques you are writing at this site. My rather long internet look up has finally been honored with good strategies to go over with my good friends. I would suppose that many of us site visitors actually are rather endowed to exist in a remarkable site with so many perfect professionals with good strategies. I feel somewhat happy to have come across the webpage and look forward to plenty of more entertaining minutes reading here. Thanks again for all the details.