

Finnish Defence Forces' Cyber Challenge - mdf
http://erityistehtavat.puolustusvoimat.fi/cyberchallenge.html

======
brunnsbe
In Finland we have a mandatory army service, this is the test you need to take
and send in your answer before 20th of July if you want to apply for the
army's cyber security division. More info here in Finnish:
[http://erityistehtavat.puolustusvoimat.fi](http://erityistehtavat.puolustusvoimat.fi)

~~~
airza
Too bad I can't apply from the US, it's fun :D

------
sampo
Link to Google cache:
[http://webcache.googleusercontent.com/search?q=cache:tPfs4yO...](http://webcache.googleusercontent.com/search?q=cache:tPfs4yOPZXQJ:erityistehtavat.puolustusvoimat.fi/cyberchallenge.html)

------
jakozaur
Spoiler alert! Answers below:

===

===

===

===

===

Ad 1. Someone tries to exploit Internet Explorer. You see a command line which
is a subprocess of the web browser (unlikely normal).

Ad 2. a) 16 days ~= (31337^4) / (700 * 10^9 * 3600 * 24)

b) 10 days ~= 95^9 / (700 * 10^9 * 3600 * 24)

Ad 3. Lorem~Ipsum (Base64)

Ad 4. Yes. One of the programs guess the same as random, the other guess the
opposite of random.

Ad 5. QWErty

~~~
Retr0spectrum
8\. "password"

    
    
        $6$saltsaltsaltsalt$bcXJ8qxwY5sQ4v8MTl.0B1jeZ0z0JlA9jjmbUoCJZ.1wYXiLTU.q2ILyrDJLm890lyfuF7sWAeli0yjOyFPkf0
    

11\. (1/3)^3 + 3 * (1/3)^2 * (2/3) = 0.2592592 (can someone else please verify
this?)

26\. An attacker could work out the password reset token using the time.

Multiple SQL injection vulns.

Not a vuln, but a mistake - Line 6 of passwordRecover.php should be

    
    
        if ($_GET['token'] == $result[0]['pass_recover']){

~~~
S4M
For 11 I think you're wrong because you forgot the part: "As minutes pass, you
begin to vaguely remember lurking in your basement and typing the command
':(){ :|: & };:' in an _xterm_ session just before everything went black.".
The fact that you have a machine which has an xterm session means that it's
either an OS X or Linux box, which rules out the possibility of having 3
Windows boxes. So you have 1/26 chances of having 3 Linux boxes and 3*2/26
chances of having exactly 2 Linux boxes, so in total it's 7/26 (or
0.2692307692307692).

~~~
Retr0spectrum
Yes, that would make more sense.

~~~
t0mk
ad 11. I think that all the possible "combinations" are not 27 but 10, because
e.g. tuples (Linux, Windows, Linux) and (Linux, Linux, Windows) are identical.
I.e. you should count combinations not variations.

All the poss combinations: LLL, LLW, LLO, LWW, LWO, LOO, WWW, WWO, OWO, OOO

Then you cross out WWW (xterm constraint), and you have 9 combinations, of
which 3 are valid for the condition (at least two "Ls"). So 1/3.

Let me know if I got sth wrong :).

~~~
S4M
No, there are 27 combinations (when you still account for the fact that you can
have three Windows machines).

You can see it in that way:

machine1: L, machine2: W, machine3: O

machine1: L, machine2: W, machine3: W

The reason why it matters is that you have more ways to have exactly two linux
machines:

m1: L, m2: L, m3: O

m1: L, m2: O, m3: L,

etc.

That gives you 2*3 ways of having exactly two linux machines (you have 3 ways
of having exactly one non linux machine, and then this machine can be two
different things). If you say that LLO is OLL, you would have only 2 ways of
having exactly two linux machines.

Hope this makes sense.

~~~
t0mk
I see. LLO and LOL are different occurrences and must be counted for. Thanks
for clarifying!
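
Added example, not part of any comment in this thread: a brute-force enumeration of question 11 under the model the replies above use (three machines, each independently and equally likely to be Linux, Windows or OS X, with WWW excluded by the xterm clue). It also counts how many ordered outcomes fall into each unordered combination, which is where the 7/26 and 1/3 figures diverge. All function names are made up for this example.

```python
from collections import Counter
from fractions import Fraction
from itertools import product

OSES = "LWO"  # Linux, Windows, OS X: the letters used in the thread


def ordered_outcomes():
    """All ordered (machine1, machine2, machine3) assignments except WWW."""
    return [o for o in product(OSES, repeat=3) if set(o) != {"W"}]


def p_at_least_two_linux():
    """Probability over equally likely ordered outcomes."""
    outcomes = ordered_outcomes()
    hits = [o for o in outcomes if o.count("L") >= 2]
    return Fraction(len(hits), len(outcomes))


def multiset_weights():
    """Number of ordered outcomes behind each unordered combination."""
    return Counter("".join(sorted(o)) for o in ordered_outcomes())


def p_if_multisets_were_equally_likely():
    """Result when every unordered combination is counted once."""
    weights = multiset_weights()
    hits = [m for m in weights if m.count("L") >= 2]
    return Fraction(len(hits), len(weights))


if __name__ == "__main__":
    print("ordered outcomes:", len(ordered_outcomes()))
    print("P(at least two Linux):", p_at_least_two_linux())
    print("unordered, unweighted:", p_if_multisets_were_equally_likely())
    # The weights show the unordered combinations are not equally likely.
    for combo, n in sorted(multiset_weights().items()):
        print(combo, n)
```
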

------
bryondowd
Anyone get a solution to 7 that doesn't involve a whole lot of steps? I did it
in 44 steps, with the same 4 step combo being repeated 10 times in a row to
work down to 0.3 liters.

~~~
deckar01
My breadth first search found that the shortest solution was 44 steps.

[https://gist.github.com/deckar01/beb96fc0afc0715f01bb](https://gist.github.com/deckar01/beb96fc0afc0715f01bb)

~~~
metafunctor
Most buckets are shaped like a truncated cone, so with a steady eye one should
be able to fill a bucket to exactly half (2.15 or 2.35 liters). However, in
this puzzle, this little trick doesn't help and the shortest solution is
indeed 44 steps.

~~~
thaumasiotes
How does being shaped like a cone frustum help?? Even if the bucket were a
cylinder (so filling it to half height got you half the volume), that would be
crazy difficult. With slanted sides, how could you possibly know how high to
fill for half the volume? Did you bring a protractor? Sextant?

------
green7ea
That is pretty cool. I liked q9 since they named the characters after the RSA
creators (Ron Rivest, Adi Shamir, Leonard Adleman) and the question is most
likely modular exponentiation.

------
bagosm
Lorem~Ipsum

)87*;+xorXOR

