Chapter 3

The Holy Book of Reddit

So, we click on the link and… well, it seems we haven't solved the problem just yet!

This is how the page looks now…

… and this is how it looked almost 10 years ago – 8 days after the start of the quest.

You see, after one of the Reddit redesigns, the background image disappeared from the page header, and messages were sorted not by publication date, but by popularity.

So, judging by the hint, we are dealing with a book cipher. What is it?

It is a more advanced encryption method than the Caesar cipher: much harder to break and at the same time easier to use. The essence of the book cipher is that we replace the letters or words of the original message with the numerical position at which they occur in the key book. For example, if the key book is the Declaration of Independence, then the name of our channel

S U M S U B

can be written as

9 12 28 10 23 32

Note that I encrypted the repeated letters S and U with a different number each time; without the key, such a cipher is almost impossible to decrypt. Of course, an attacker can try to guess the key text, but this only works if something very popular was used for encryption — for example, the Bible.
It was by identifying the key book that one of the three cryptograms describing the legendary treasure of the gold prospector Beale was broken at the end of the 19th century. In this case, Beale — like me — used the text of the Declaration of Independence for encryption.

But which books he used to encrypt the two remaining notes is still unknown. Enthusiasts have already tried more than 8,000 different texts for decryption, but so far the search has not been fruitful. Therefore, $30 million worth of treasure is still hidden somewhere in Missouri.
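To make the book cipher described above concrete, here is an added example (not code from the original article) of a letter-level book cipher. The numbering scheme is an assumption: letters of the key text are counted 1, 2, 3, ... skipping spaces and punctuation, so the numbers it produces will not match the article's own "9 12 28 10 23 32", but it shows the property the text stresses: the repeated S and U each get a different number, and the same numbers read as garbage under the wrong book.

```python
# Added example (not from the original article): a letter-level book cipher.
# Assumed numbering: letters of the key text are counted 1, 2, 3, ... with
# spaces and punctuation skipped and case ignored.
from collections import defaultdict

# Key text: the opening of the US Declaration of Independence (public domain).
KEY_TEXT = (
    "When in the Course of human events, it becomes necessary for one people "
    "to dissolve the political bands which have connected them with another, "
    "and to assume among the powers of the earth, the separate and equal station "
    "to which the Laws of Nature and of Nature's God entitle them, a decent "
    "respect to the opinions of mankind requires that they should declare the "
    "causes which impel them to the separation."
)

# A different "book" an attacker might guess (opening of Moby-Dick, public domain).
WRONG_BOOK = "Call me Ishmael. Some years ago, never mind how long precisely..."


def key_letters(text: str) -> str:
    """Only letters count as positions in the key; case is ignored."""
    return "".join(ch.upper() for ch in text if ch.isalpha())


def book_encode(message: str, key_text: str) -> list[int]:
    """Replace every letter of the message with the 1-based position of an
    occurrence of that letter in the key text.  A repeated plaintext letter
    takes the *next* occurrence, so the same letter never yields the same
    number twice (until the key text runs out of occurrences and we wrap)."""
    letters = key_letters(key_text)
    positions = defaultdict(list)          # letter -> all positions where it occurs
    for i, ch in enumerate(letters, start=1):
        positions[ch].append(i)
    used = defaultdict(int)                # how many occurrences of each letter we handed out
    out = []
    for ch in message.upper():
        if not ch.isalpha():
            continue
        candidates = positions[ch]
        if not candidates:
            raise ValueError(f"key text contains no letter {ch!r}")
        out.append(candidates[used[ch] % len(candidates)])
        used[ch] += 1
    return out


def book_decode(numbers: list[int], key_text: str) -> str:
    """Look each number up in the key text; with the wrong book this yields garbage."""
    letters = key_letters(key_text)
    return "".join(letters[n - 1] for n in numbers)


if __name__ == "__main__":
    code = book_encode("SUMSUB", KEY_TEXT)
    print("encoded:", code)                       # six distinct numbers
    print("with the right book:", book_decode(code, KEY_TEXT))
    print("with the wrong book:", book_decode(code, WRONG_BOOK))
```

Because `book_encode` walks through the occurrences in order, the same plaintext letter is never encoded to the same number twice, which is exactly what defeats the frequency counting that breaks a Caesar shift; the only practical attack left is the one the chapter names, guessing which book was used.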
Beale cipher #2
We will get a similar result if we try to decipher the message we received directly. Look, these are the first four titles.
Ukbn Txltbz nal hh Uoxelmgox wdvg Akw; hvu ogl rsm ar sbv ix jwz
mjotukj; mul nimo vaa prrf Qwkkb aak kau ww Ukpsf, ogq Kzpox vvl luf
yh Qsrjfa, hvu Ktp hzs lbn ph Kipsy; ttv Sdmehpfjsf tad igr
rcbkfgaplvj am uswrerwptk la hox cazkwn. Agk wx wm fhpwln ds ztov
So, let's cross-reference the numbers we found against lines 1, 2, 3 and 4!
Here is a book code.  To find the book, and more information, go to https://www.reddit.com/r/a2e7j6ic78h0j/
1:20
2:3
3:5
4:20
In the first message, the 20th letter is U,
3rd letter in the second is o,
5th in the third — s,
20th in the fourth — e

U-o-s-e — we made a mistake somewhere.
However, the book in which we are searching for letters does not look like an ordinary book at all. Apparently, it is also encrypted!

There are more than 80 messages on the page — meaningless sets of characters of different lengths. And pictures have been added to two messages. The first is a doormat with the inscription Welcome. The second is a stereo picture made with the help of an "Easy stereogram builder".
The images again do not look like those that were used before. However — you probably already guessed what to do with them. That's right, check for a hidden message using OutGuess.
It seems that 3301 is afraid that fake hints will appear on the Internet in the wake of interest in the riddles. Therefore, from now on all messages will be signed with a digital signature. Note that for this, 3301 uses a program for another open-source operating system – Linux, developed by the famous Finnish programmer Linus Torvalds.

Unlike OpenBSD, this operating system is found not only on servers but also on office computers, laptops and even game consoles. It is one of the most popular systems in the UNIX family. Still, according to statistics, no more than 5% of Internet users used Linux in 2011.

The second interesting point is that a server at perhaps the best technical institute in the world — the Massachusetts Institute of Technology, the legendary MIT — is used for handling the keys.


Linus Torvalds
Otherwise, the text of the message gives very little information. I will only note that the double space is still there, but the first line now begins with an extra character. The hyphen looks out of place.

Rather, it is a mark of direct speech, put here to heighten the solemnity of the whole phrase. I have never seen this in letters, chats or messengers; it is typical of books or essays.
The phrase about patience is hard to understand now in 2021, but in 2011 it was absolutely appropriate — 3301's messages on Reddit did not appear immediately but were added one by one for a couple of weeks.

The second message is more interesting.
The first line sounds like mockery — the key is right in front of our eyes? Most likely, this refers to the symbols in the Reddit header. And then the picture jokes about itself. Take a closer look: the author chose a fragment of a picture about King Arthur as the background of the stereogram. And if you know how to view stereograms, you will be able to make out something resembling a cup.
It seems that this should be associated with the Holy Grail. According to legend — this is the cup into which the blood of the crucified Jesus flowed. According to legend, King Arthur and the Knights of the Round Table were looking for it. According to legend, it gives divine knowledge and even immortality.

Now I'm starting to feel like Indiana Jones!

And the following phrase also caught my attention. Do you know what the letters KISS stand for? No, it is not the name of the veteran rock band. It is an abbreviation of one of the main principles of programming — Keep It Simple, Stupid!

Programmers often use the word KISS in correspondence to rein in colleagues who are overcomplicating things. I have two very good friends who are professional programmers, and I've seen them use this term.

It seems that now I should take this advice myself.
Let's think about the image in the Reddit header.
And this is the easiest part of the puzzle. What worried superstitious people most in 2012? That's right, the end of the world predicted by the Maya! There was even a film about it.

Look at the photo of this stele with the calendar from La Mojarra. Do you see similar symbols in the left column?

Yes, both on the stone and in the Reddit header, Maya numerals are used. These numerals were deciphered long ago.
Unlike us, the Maya used a base-twenty (vigesimal) number system.
The 2, 6, 8 and 0 in the header clearly coincide with the Arabic numerals in the section title. Let's rewrite all the Mayan numbers in Arabic format and get the string:

10 2 14 7 19 6 18 12 7 8 17 0 19


And now let's continue with the title. While it has this form:

a2e7j6ic78h0j7eiejd0120


And its beginning coincides with the Mayan key. So the letter A turns into 10, E into 14, and so on. As a result, we get the following sequence:

10 2 14 7 19 6 18 12 7 8 17 0 19 7 14 18 14 19 13 0 1 2 0


It looks good. But what should we do with all this now?


Do you remember how, at the beginning of our quest, we decrypted the message with the Caesar cipher?

In the Caesar cipher all the letters were shifted by the same value — the shift step. But what if each letter were shifted by its own number of steps?

The shifts will be determined by our numeric key. That is, we shift the first letter by 10 steps, the second by 2, and so on. Such a variable shift is called a Vigenère cipher.

Blaise de Vigenère
The algorithm appeared fifteen hundred years after Gaius Julius Caesar's invention. But it was not used in practice until the end of the sixteenth century, when its description was discovered by Blaise de Vigenère.

In those years he worked as an ambassador in Rome and spent a lot of time in the Vatican library. He is something like a French Robert Langdon.

The most interesting thing is that Vigenère's principle of successive substitutions formed the basis of Enigma — the very German cryptosystem that was broken by the specialists at Bletchley Park during the war. Vigenère applied a separate shift to each letter, and the Enigma mechanism applied the same idea, changing the substitution for every single character it encoded.
The classic Vigenère substitution table looks like this:
It contains only letters — there are no digits or punctuation. So we need to convert our key to match this table. There is a 0 in our key, so we start numbering from it: 0 corresponds to the letter A.

After the conversion, our numeric key turns from a sequence of numbers into a sequence of letters:

kcohtgsmhirathosotnabca

Text: Ukbn Txltbz nal hh Uoxelmgox wdvg Akw; hvu ogl rsm ar sbv ix jwz
Key:  kcohtgsmhirathosotnabca
Vigenère tool on boxentriq.com

"King Arthur was at Caerlleon upon Usk; and one day he sat in his"
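The whole chain the chapter has just walked through, as an added example (not code from the original article or from any tool it mentions): the subreddit name is read as base-20 digits (a-j standing for 10-19, as the chapter infers from the header), those digits become a Vigenère key with A = 0, and each Reddit title is decrypted with that key. Two details are assumptions that the article's boxentriq result is consistent with: the key restarts at the beginning of every title, and spaces and punctuation pass through without consuming a key letter. The block also implements the "line:position" book-code lookup from the hint, counting characters including spaces, which is the counting that yields the article's U-o-s-e on the still-encrypted titles; it goes one step beyond the page by running the same lookup on the decrypted titles.

```python
# Added example (not from the original article): Maya-digit key -> Vigenère
# decryption of the Reddit titles -> book-code lookup.

SUBREDDIT_TITLE = "a2e7j6ic78h0j7eiejd0120"

# The first four post titles exactly as quoted in the article.
ENCRYPTED_LINES = [
    "Ukbn Txltbz nal hh Uoxelmgox wdvg Akw; hvu ogl rsm ar sbv ix jwz",
    "mjotukj; mul nimo vaa prrf Qwkkb aak kau ww Ukpsf, ogq Kzpox vvl luf",
    "yh Qsrjfa, hvu Ktp hzs lbn ph Kipsy; ttv Sdmehpfjsf tad igr",
    "rcbkfgaplvj am uswrerwptk la hox cazkwn. Agk wx wm fhpwln ds ztov",
]

# The book code from the hint message.
BOOK_CODE = ["1:20", "2:3", "3:5", "4:20"]


def title_to_digits(title: str) -> list[int]:
    """Read each character as one base-20 digit: '0'-'9' as themselves, 'a'-'j' as 10-19."""
    digits = []
    for ch in title:
        if ch.isdigit():
            digits.append(int(ch))
        elif "a" <= ch <= "j":
            digits.append(10 + ord(ch) - ord("a"))
        else:
            raise ValueError(f"not a base-20 digit: {ch!r}")
    return digits


def digits_to_key(digits: list[int]) -> str:
    """Map each digit to a letter of the Vigenère table, numbering from A = 0."""
    return "".join(chr(ord("a") + d) for d in digits)


def vigenere_decrypt(ciphertext: str, key: str) -> str:
    """Shift every letter back by its key letter (assumption: non-letters pass
    through unchanged and do not advance the key; case is preserved)."""
    out = []
    k = 0
    for ch in ciphertext:
        if ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            shift = ord(key[k % len(key)]) - ord("a")
            out.append(chr((ord(ch) - base - shift) % 26 + base))
            k += 1
        else:
            out.append(ch)
    return "".join(out)


def book_code_lookup(lines: list[str], refs: list[str]) -> str:
    """Resolve 'line:position' references (1-based; spaces and punctuation are
    counted, as the chapter does) into the characters they point at."""
    result = []
    for ref in refs:
        line_no, pos = (int(x) for x in ref.split(":"))
        result.append(lines[line_no - 1][pos - 1])
    return "".join(result)


def decrypt_book() -> list[str]:
    """Decrypt every title with the key, restarting the key on each line (assumption)."""
    key = digits_to_key(title_to_digits(SUBREDDIT_TITLE))
    return [vigenere_decrypt(line, key) for line in ENCRYPTED_LINES]


if __name__ == "__main__":
    print("key:", digits_to_key(title_to_digits(SUBREDDIT_TITLE)))
    print("book code on the encrypted titles:", book_code_lookup(ENCRYPTED_LINES, BOOK_CODE))
    plain = decrypt_book()
    for line in plain:
        print(line)
    print("book code on the decrypted titles:", book_code_lookup(plain, BOOK_CODE))
```

The per-line key restart is what makes the second title decrypt cleanly as well; if the key were allowed to run on across titles, only the first line would come out as readable English. That is a useful check whenever a Vigenère key is reused over a sequence of short messages: a single correct line proves the key, and a second line decides how it is aligned.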


It looks like meaningful text! We managed to decrypt the codebook, and now we can use it to decrypt the main message.
But…
Don't you think all this is a little strange and redundant?
Now that we know the decryption flow, everything is logical. The individual steps are simple and use well-known encryption algorithms, but the chain of reasoning keeps getting longer. At each step we have to look into new programs, algorithms and approaches. One person obviously cannot cope with this alone. So perhaps the task was designed from the outset for collective work?
Version III. We are Anonymous. We are Legion
Let's remember what the main event of that time in the world of information security was. Of course, the appearance of LulzSec!
In May 2011, LulzSec hacked the servers of the American TV channel PBS and posted fake news that the rapper Tupac Shakur, who was killed in 2006, was actually alive and hiding from everyone in New Zealand.
They also published the usernames and passwords of PBS employees and website visitors. The action was seen as revenge for the film about WikiLeaks.

Then the hackers set their sights on Sony: first they hacked the Japanese division of Sony Music, then the Belgian and Dutch divisions of Sony BMG, and then the network of the Sony Pictures film company. As a result of these actions, more than 70,000 Sony user accounts were compromised.

This time, the hackers were taking revenge for the persecution of the PS3 hackers. The damage to Sony was measured in millions of dollars.

But their competitors at Nintendo were much luckier. LulzSec hacked their network too, but did not publish the data. "We're not targeting Nintendo. We like the N64 too much — we sincerely hope Nintendo plugs the gap," the hackers stated.

On June 10, the group made public the data of 26,000 government officials who had visited porn.com. Three days later, part of the senate.gov user correspondence became available too.

In addition, LulzSec managed to paralyze the websites of the US Senate, CIA units and the Serious Organised Crime Agency (SOCA).

Unexpectedly, on the night of June 26, the group announced its dissolution.
In fact, LulzSec existed for only 50 days, but in that time it managed to carry out more than a hundred cyber attacks.
This is surprising, considering the group consisted of only seven people. Of course, on their own they could not have coped with the huge amount of routine, monotonous work involved in hacking such complex systems. The group's members borrowed the practices of large companies.

Each of them recruited outside contractors to work on different projects. The structure was organized in such a way that many of the contractors did not even know what they were working on.

So maybe 3301 is a recruiter for the same hacker group?

This would explain the secrecy and anonymity — unlike government organizations, hackers have to hide. In addition, it would explain the specific operating systems and software that the author of the riddles used.

Unfortunately, there are two strong arguments against this version!
First, even solving the 3301 quest quickly says nothing about a person's qualifications. It cannot be used to judge knowledge of network technologies, current encryption methods, or social engineering skills. Real hacker challenges look quite different.

Go to OverTheWire, pwnable or reversing.kr and see for yourself. Unlike 3301's riddles, an untrained person there is unlikely to understand anything except individual words.


Well, secondly, the history of LulzSec itself argues against such an assumption. FBI agents managed to arrest the group's members. Moreover, they didn't even have to carry out complex attacks in cyberspace. Everything was much simpler.

The group was betrayed by an informant planted inside it. A traitor. A snitch.

And at the beginning of 2012 literally everyone knew about it. Therefore, the members of real hacker groups were, not without reason, wary of newcomers.

They got rid of anyone who aroused even the slightest suspicion. And when you start to fear old friends, you are unlikely to look for new ones, let alone in such a suspicious way.
So, let's move on to the next level of our game!
Thanks to decrypting the codebook, we can now decrypt the message that led us to Reddit. It's funny that the text turned out to be one of the stories about King Arthur...