Hacker News new | past | comments | ask | show | jobs | submit login

Spoiler:

... as it was said, the first brainfuck program prints xor-with-key. The second program doesn't output anything but it sets the memory "array" with 12 non-zero values. By XORing these values with the phrase present in the image (12 characters too) you get "35.205.32.11" which can be an IP (something in Google's ranges), geographical coordinates (interpreted as x,y they point somewhere in Israel, in fact) or I don't know whatever else.




The IP is only accessible from inside Isreal, use a proxy from there and the IP works.


This link leads to page with the first challenge: "Your help is needed once again to solve an urgent matter. Our digital forensics division is trying to track the source of a phishing attack on one of our government officials..."


HaHaha! (cit.)


Yeah that's HEX decoded but I don't think it has anything to do with the solution. I'm not sure though.


I think it's more a joke from the fake 'anonymous' hacker in context to the tech-news. After some testing I think the solution could be within this so called 'pass-through' attack which is described in the tech-news.

There is an 'admin' account, with whom I think you can access the /administration site. For now I think the solution could be with modifying cookies, maybe the session cookie (after you create an account and log in) to get access to the admin account


I think the exploit would have something to do with the PNG profile picture upload feature, I've figured out how to upload my own files but not sure what I can do with this.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: