## A [Joint] Effort

A forum for good logic/math puzzles.

Moderators: jestingrabbit, Moderators General, Prelates

y2x1zq
Posts: 1
Joined: Sun Jun 05, 2011 9:37 pm UTC

### A [Joint] Effort

01000001 01101100 01101100 00100000 01111001 01101111 01110101 01110010 00100000 00110010 01011110 00110110 00100000 01100001 01110010 01100101 00100000 01100010 01100101 01101100 01101111 01101110 01100111 00100000 01110100 01101111 00100000 01110101 01110011 00111010 00001101 00001010 01100001 01001000 01010010 00110000 01100011 01000100 01101111 01110110 01001100 01111001 01101000 01011000 01100001 01000111 01010110 01110101 01001001 01000111 01101100 01111010 01001001 01000111 01000101 01100111 01011010 01000111 00111001 01110110 01100011 01101001 01000010 01110101 01100010 00110011 01010001 01100111 01011001 01010011 01000010 01101011 01100010 00110010 00111001 01111001 01010000 01111001 01101011 01110101 01001011 01000100 01100111 01110100 01100010 01000111 01010110 01101110 01011010 00110010 01010110 01101011 01001010 00110011 01001101 01100111 01011001 01010111 01001010 01110110 01011010 01000111 01010110 01111010 01001011 01010011 00110101 01101010 01100010 00110010 00110000 00111101

Ankit1010
Posts: 135
Joined: Fri Feb 11, 2011 11:32 am UTC

### Re: A [Joint] Effort

Translated to ASCII codes, i get:
All your 2^6 are belong to us:
aHR0cDovLyhXaGVuIGlzIGEgZG9vciBub3QgYSBkb29yPykuKDgtbGVnZ2VkJ3MgYWJvZGVzKS5jb20=

Also, every bit in the 2^7 (but not 2^6) position is 0, maybe the quote is referring to that? Don't know how to decipher the garbage below the quote yet.
EDIT: Maybe "A JOINT effort" means the rest of the garbage after the "All your 2.... to us:" is encoded in some different manner.

jaap
Posts: 2094
Joined: Fri Jul 06, 2007 7:06 am UTC
Contact:

### Re: A [Joint] Effort

Ankit1010 wrote:Translated to ASCII codes, i get:
All your 2^6 are belong to us:
aHR0cDovLyhXaGVuIGlzIGEgZG9vciBub3QgYSBkb29yPykuKDgtbGVnZ2VkJ3MgYWJvZGVzKS5jb20=

Also, every bit in the 2^7 (but not 2^6) position is 0, maybe the quote is referring to that? Don't know how to decipher the garbage below the quote yet.
EDIT: Maybe "A JOINT effort" means the rest of the garbage after the "All your 2.... to us:" is encoded in some different manner.

It's base64 encoded. Decoding that string gives

Code: Select all

`http://(When is a door not a door?).(8-legged's abodes).com`
Last edited by jaap on Mon Jun 06, 2011 12:54 pm UTC, edited 3 times in total.

Ankit1010
Posts: 135
Joined: Fri Feb 11, 2011 11:32 am UTC

### Re: A [Joint] Effort

jaap wrote:
Ankit1010 wrote:Translated to ASCII codes, i get:
All your 2^6 are belong to us:
aHR0cDovLyhXaGVuIGlzIGEgZG9vciBub3QgYSBkb29yPykuKDgtbGVnZ2VkJ3MgYWJvZGVzKS5jb20=

Also, every bit in the 2^7 (but not 2^6) position is 0, maybe the quote is referring to that? Don't know how to decipher the garbage below the quote yet.
EDIT: Maybe "A JOINT effort" means the rest of the garbage after the "All your 2.... to us:" is encoded in some different manner.

It's base64 encoded. Decoding that string gives

Code: Select all

`http://(When is a door not a door?).(8-legged's abodes).com`

Oh, nice. Gotta decode the two brackets now i guess. (8-legged's abodes) is probably "webs"

jaap
Posts: 2094
Joined: Fri Jul 06, 2007 7:06 am UTC
Contact:

### Re: A [Joint] Effort

This points towards this website:

Ankit1010
Posts: 135
Joined: Fri Feb 11, 2011 11:32 am UTC

### Re: A [Joint] Effort

jaap wrote:This points towards this website:

More puzzles! Lets keep working.

Ankit1010
Posts: 135
Joined: Fri Feb 11, 2011 11:32 am UTC

### Re: A [Joint] Effort

Looks like we need to figure out the encoding he uses on the site, and then enter the encoded version of "CINDER" into the box.

Ankit1010
Posts: 135
Joined: Fri Feb 11, 2011 11:32 am UTC

### Re: A [Joint] Effort

Just take the whole string of numbers top to bottom including the letters as a hex value. Convert that to ASCII to get:

iF A HuNDReD Is Four, cAPitalIzATiON "couNTs" mOrE.?

sfwc
Posts: 225
Joined: Tue Mar 29, 2011 1:41 pm UTC

### Re: A [Joint] Effort

Take the pattern of capital and lowercase as binary and convert to ascii, you get `whale', which moves you on to the next problem, which is morse of:
YKTYOZOBK
[YAHPKIZ]Y
Rot-6 gives
SENSITIVE
[SUBJECT]S
Last edited by sfwc on Mon Jun 06, 2011 1:24 pm UTC, edited 1 time in total.

Ankit1010
Posts: 135
Joined: Fri Feb 11, 2011 11:32 am UTC

### Re: A [Joint] Effort

sfwc wrote:Take the pattern of capital and lowercase as binary and convert to ascii, you get `whale', which moves you on to the next problem.

Next part looks like morse code, but translates to this:
yktyozobkyahpkizy

Ankit1010
Posts: 135
Joined: Fri Feb 11, 2011 11:32 am UTC

### Re: A [Joint] Effort

The title of this page is WOODEN, last page was CINDER. (for some reason i think theyre related)

Token
Posts: 1481
Joined: Fri Dec 01, 2006 5:07 pm UTC
Location: London

### Re: A [Joint] Effort

I'm betting those words are going to be relevant later (along with "joint" and "subject").
All posts are works in progress. If I posted something within the last hour, chances are I'm still editing it.

darkpyro
Posts: 1
Joined: Tue Jun 07, 2011 4:47 am UTC

### Re: A [Joint] Effort

yktyozobkyahpkizy is a caesar cipher for sensitivesubjects. All one word.

Лом
Posts: 13
Joined: Fri Jul 23, 2010 1:02 pm UTC

### Re: A [Joint] Effort

Well, I found the protection on page where it check for correct answer is easy to crack using dictionary attack.
Do not look inside spoilers, unless you really stuck.

1:
Spoiler:
whale

2:
Spoiler:
arthritis

3:
Spoiler:
Theseus

4:
Spoiler:

5:
Spoiler:
electron

6:
I do not have this word in the default linux wordlist.
If anyone can point me to more complex wordlist, I will check it out.

cjr22
Posts: 29
Joined: Thu Mar 20, 2008 12:14 pm UTC

### Re: A [Joint] Effort

For 6 (title MENTAL) I note that:
Spoiler:
It's a simple substitution code, a-> z, b->y, c->x and so on. This gives
"when hell's inferno comes, hot fire rains into everlasting night.
deluges of furnace heat obliterates repugnant, unholy sinners
while onlookers, unrepentant, lament days wasted.
ages now these themes have endured. ghastly individuals facing
the gutter impart vows, expecting no transformation.
out of ungratefulness resides holiness, even righteousness."
-originator?

But googling the first line doesn't return anything useful. I suspect it's a translation.

Edit x2:
Spoiler:
No, not a translation, just look at the first letter of each word:
"Which friend of Horus would want the gift given to our hero?"
Assuming the hero in question is Theseus (from the earlier answer) then the gift is a ball of string. That leads us to "Bastet" the Egyptian cat-goddess, which is the answer.

That takes us to the final puzzle, where the answer can be found by noting:
Spoiler:
The titles are all words that can be followed by "block"

Finished! Although only from 6 onwards. Perhaps we could backsolve the brute-forced answers?

As for SENSITIVE [SUBJECT]S, I guess the idea is to replace the word in brackets with that from the subject of this topic, giving SENSITIVE JOINTS, resulting in the answer of
Spoiler:
arthritis.

futurityverb
Posts: 7
Joined: Wed Apr 27, 2011 4:49 am UTC

### Re: A [Joint] Effort

Лом wrote:Well, I found the protection on page where it check for correct answer is easy to crack using dictionary attack.
Do not look inside spoilers, unless you really stuck.

Creator here,

This is a little sad, although I'm impressed. What could I have done to prevent this? My free web host limits me to client-side scripting, as far as I know. I used a salt, reasoning that that would protect me from rainbow tables, but I didn't consider brute forcing.

cjr22
Posts: 29
Joined: Thu Mar 20, 2008 12:14 pm UTC

### Re: A [Joint] Effort

Other puzzle trails use the approach of putting the answer in the URL. E.g. if the puzzle is here:

Code: Select all

`www.mycleverpuzzletrail.co.uk/level1/`

then I enter the answer "allyourbase" by directing my browser to

Code: Select all

`www.mycleverpuzzletrail.co.uk/level1/allyourbase.html`

Which is effectively what the MD5 bit of your script does. You could skip the SHA1 bit, and just use the MD5 bit and have a custom 404 page to tell you you got the wrong answer. (Although thinking about it, you could even do without the MD5 in this scenario). Then the only way to brute force it is to hammer your server.
Two other tips - it was annoying that pressing return didn't have the same effect as clicking on the button to submit an answer. And it was also annoying to have reached the end and then have no way of letting you know / showing off without posting here.

Good puzzles, though. I'm still looking at the ones that got skipped.

For number 4, the one labelled "WRITERS'":
Spoiler:
First translate decimal to ASCII. We get:
You have the key already. It came out of the blue.

Vdem ynt wqe hnqm, F wooewq.
Wr ynt cqnv to, rn ln F.
F vwji wr ynt vwji, rjeeo wr ynt rjeeo.
Wml vdem ynt lfe, F wk jfbejerr.

I was able to crack this substitution cipher by hand, noting F was probably "I" and the pattern wooewq was likely to be either "appear" or "annual". After that, I realised the clue about the key was pointing to "whale", a previous answer which could be blue. I'd tried it earlier, but the wrong way round.
Anyway, this gives
WHEN YOU ARE BORN, I APPEAR.
AS YOU GROW UP, SO DO I.
I WALK AS YOU WALK, SLEEP AS YOU SLEEP.
AND WHEN YOU DIE, I AM LIFELESS.

Лом
Posts: 13
Joined: Fri Jul 23, 2010 1:02 pm UTC

### Re: A [Joint] Effort

futurityverb wrote:Creator here,
This is a little sad, although I'm impressed. What could I have done to prevent this? My free web host limits me to client-side scripting, as far as I know. I used a salt, reasoning that that would protect me from rainbow tables, but I didn't consider brute forcing.

md5 + custom 404 page is a neat idea. Just remove sha1 at all.
Also, do not forget to put proper robots.txt, so your site will not get indexed by google when people using chrome solve the puzzle etc.

Edit: I do not think anyone will use rainbow tables to hack puzzle site

futurityverb
Posts: 7
Joined: Wed Apr 27, 2011 4:49 am UTC

### Re: A [Joint] Effort

Webs doesn't allow custom 404 pages sadly. Thanks for the feedback and suggestions, though. I'll try to figure something out.