GCHQ Can You Crack It 2011 (Stage 1)
The three stages within
the challenge are designed so that participants can demonstrate the
basics of analysing shellcode and obfuscation mechanisms, reverse
engineering of malicious binary code and vulnerability analysis. These
techniques are fundamental skills for a cyber security specialist at
This starts with the main image on the canyoucrackit.co.uk site. To solve this stage it is necessary to identify that this is code that can be run by an Intel x86 compatible processor. After analysis, it is clear that this machine code implements the RC4 decryption algorithm, and is able to decrypt a block of data that is hidden inside the PNG file, in a comment tag. Once decrypted, this data reveals the location of stage 2 of the challenge.
Dr Gareth Owen
School of Engineering
University of Greenwich
Click on Image for more information.
School of Computing
University of Portsmouth
Can You Crack It Stage 1 Part 1
Can You Crack It Stage 1 Part 2
GCHQ Can You Crack It 2011 (Stage 2)
Can You Crack It Stage 2
GCHQ Can You Crack It 2011 (Stage 3)
stage is a reverse engineering challenge. An executable file can be
downloaded from the location revealed in stage 2. This executable parses
a license file - if it gets given a correct input, the challenge is
revealed to be over, and a link to the 'success' page is provided to the
We included a number of ways that this stage could be solved, as we are interested to see how people would attack the problem - coming up with innovative solutions to seemingly impossible problems is the day job at GCHQ. For example, there has been some comment by security experts on the fscanf buffer overflow that we included in this executable - one option to solving the problem would be to use this overflow to skip over certain checks in the executable. Other alternatives for this stage involved breaking the weak crypt, patching the executable directly to bypass the check, or analysing the assembly instructions and realising that this was all a complete diversion.
Can You Crack It Stage 3
This website address will revel the Key:
Enter Keyword at http://www.canyoucrackit.co.uk click submit.
You will then be redirected to URL: