Challenge: Kryptic Ransomware

brueh · January 24, 2020, 6:49pm

come on… it has not even started yet…

brueh · January 24, 2020, 6:50pm

but never mind…any nudges appreciated… for me too … (as soon as this challenge has been published)… … …

clubby789 · January 24, 2020, 8:31pm

Am I missing something obvious? The only thing I see that could be dug into is a parked domain.
E: Got very basic leads, but not sure what’s in scope…

H0CTP0M0 · January 24, 2020, 8:49pm

Tried tracing the domain’s IP but coordinates wouldn’t work…

BlWasp · January 24, 2020, 10:17pm

I have tried like 3 or 4 different coordinates from various ways, nothing works…

Ljugtomten · January 24, 2020, 10:30pm

Currently stuck…
Tried the GPS coordinates (in DMS format) for city in europe and the building (not in europe) for the big event the leader tweeted about… Anyone got a nudge if I’m barking up the wrong tree or if I’m getting closer?

Kucharskov · January 24, 2020, 10:35pm

Done with one hint. Hardest part for me is calulating correct DMS format.
At first i tough: whois creating that strange challenges?
Then i sang a song with bird and cat

As always we can bruteforce that challenge with two nested for’s loop from 0 to 90 with 0.000001 step. Its only 90 000 000 * 90 000 000 attempts. Easy

clubby789 · January 24, 2020, 10:54pm

Owned, thanks to @Kucharskov for keeping me in the right direction

GhostSquad · January 25, 2020, 12:14pm

Got it. Thanks @clubby789

LukuRajad · February 1, 2020, 2:26pm

I found the position but when i get “Sattelite is repositioning…”
Is this a bug or the challenge is not over yet lol ?

clubby789 · February 1, 2020, 2:28pm

@LukuRajad said:

I found the position but when i get “Sattelite is repositioning…”

The website is basically a wrapper for AES decryption, using your coords as the key. That error means that there was an error during decryption. Your coords/format is wrong

juwilie · February 6, 2020, 11:51am

i guess challenge got broken.
pm’ed author

RedNas · February 7, 2020, 2:02pm

Found some interesting

!WHOIS records
but got stuck after that. The coords linked to those weren’t correct so I must be barking up the wrong tree. Time to try harder.

SEBLOG · February 8, 2020, 5:08pm

Done.
But now its challenge dont work how it must do.
We can’t finish this challenge without help now.
If you need help pm me.

Dethread · February 9, 2020, 6:23am

Yeah, the challenge looks broken now for the first step. I solved it a few days ago but when trying to help someone just now, I saw the information has changed now and I don’t think one can get past the first step without help. Needs to be fixed.

roaldnefs · February 9, 2020, 11:45am

The first step is indeed broken, send me a PM if you need help.

scoobay · February 11, 2020, 3:38pm

Finally got this… thanks to @roaldnefs for the first hint(which is now gone) and the nudge

0ba1 · February 13, 2020, 9:13am

Any updates? is it still broken?

SiegeCMD · February 15, 2020, 2:23pm

Done.
Thank you @roaldnefs for sending me the right information after it got broken.
That was really fun.

ThunderM · February 15, 2020, 5:43pm

After PM’ing @roaldnefs, I believe I was already past the “broken” part and got the required info. Now I just need to dig deeper for more information I guess. Will update if I manage to get further or solve the challenge.

For now my tips would be:
don’t rely on WHOIS, as that got changed.
remember it’s an OSINT challenge.