impossible-challenge.md

If it's so easy to guess a uuid, here you go

I ran crypto.randomUUID() twice on my machine.

The first ID was 15041508-fd38-4eda-bc1d-7b74e4738cd9

The second? That's your challenge.

I encrypted a text file with the following command:

openssl enc -aes-256-cbc -salt \
  -in impossible-challenge.txt \
  -out impossible-challenge.txt.enc \
  -pass pass:{2nd-uuid-goes-here}

If you can crack this UUID, I'll give you $1,000.

Tbh it will probably easier to brute force the decryption than to guess the right ID.

glhf 🫡

URL: https://ezkf3xv6eh.ufs.sh/f/3odeDX4eRzTNTR6yUXl7hyMRY9qSDBodia428EnbJtWKgZzp

I have been waiting for hours and hours trying to crack this UUID with my setup but it seems like its an impossible task so Im making my repo public now for anyone else who wants to give it a try

I have used Rust and CUDA to accelerate the brute force process getting ~55M UUIDs/sec :)

Good luck to anyone still working on it theres very little time left but u might get lucky idk
https://github.com/ImPavloh/uuid-cracker

It was fun :)

I have been waiting for hours and hours trying to crack this UUID with my setup but it seems like its an impossible task so Im making my repo public now for anyone else who wants to give it a try

I have used Rust and CUDA to accelerate the brute force process getting ~55M UUIDs/sec :)

Good luck to anyone still working on it theres very little time left but u might get lucky idk https://github.com/ImPavloh/uuid-cracker

It was fun :)

just checking: it looks like OpenSSL uses MD5 as a default key derivation function, tho you are using SHA1. However I am not sure and not a crypto guy at all.

just checking: it looks like OpenSSL uses MD5 as a default key derivation function, tho you are using SHA1. However I am not sure and not a crypto guy at all.

I confirm, EVP_BytesToKey with MD5, you need to add the -pbkdf2 flag for this use case

wait, this point took me to https://stackoverflow.com/a/16056298 which says https://robertheaton.com/2013/07/29/padding-oracle-attack/ can work

wait, this point took me to https://stackoverflow.com/a/16056298 which says https://robertheaton.com/2013/07/29/padding-oracle-attack/ can work

A padding oracle attack requires interacting with a system like an web server, not with an encrypted file locally.

we could bruteforce actual words in the english dictionary i'd imagine it would be quicker to do the whole proces that way

i'm wondering do yall really believe you can crack that or what?! xhxxhaxha.. oh my gosh, what an audience.

i'm wondering do yall really believe you can crack that or what?! xhxxhaxha.. oh my gosh, what an audience.

Yes.

Hey guys, ive made some pretty ground breaking discoveries haha, currently running this on a i9 12900k at 4.3ghz which is 24 threads, but wait im also using a GTX 1650 S, i see the twitter post only 2 hours ago sadly, but in the 2hrs ive manged to HIT a AVG OF 1.82B/sec

I plan to upgrade the gpu maybe tomorrow if i find a good deal.
So technically this is now possible ? with a super computer? the answer is NO ...
doesn't mean this isnt possible, because this doesn't account for the probability of luck

Is this the correct UUID?

wtf is going on here.

Pro tip: If you switch to quantum brute-forcing, you might shave it down to a mere 10²⁰ years. Let me know when you’ve got a working qubit array handy.

Is this the correct UUID?

@t3dotgg

Is it the correct one?

Is this the correct UUID?

@t3dotgg

Is it the correct one?

Why not checking yourself first?

openssl enc -d -aes-256-cbc -salt \
  -in impossible-challenge.txt.enc \
  -out impossible-challenge.txt.dec \
  -pass pass:7dbf5a58-3163-4e43-b06e-9957168c40fc
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
bad decrypt
40C8BCEE01000000:error:1C800064:Provider routines:ossl_cipher_unpadblock:bad decrypt:providers/implementations/ciphers/ciphercommon_block.c:107:

cat impossible-challenge.txt.dec
ThK�n���|E�̵�z<3*�hJ�n���;gpϹ��`�q�sFn��%                                                                                                                                                                                                             

Is this the correct UUID?

@t3dotgg
Is it the correct one?

Why not checking yourself first?

openssl enc -d -aes-256-cbc -salt \
  -in impossible-challenge.txt.enc \
  -out impossible-challenge.txt.dec \
  -pass pass:7dbf5a58-3163-4e43-b06e-9957168c40fc
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
bad decrypt
40C8BCEE01000000:error:1C800064:Provider routines:ossl_cipher_unpadblock:bad decrypt:providers/implementations/ciphers/ciphercommon_block.c:107:

cat impossible-challenge.txt.dec
ThK�n���|E�̵�z<3*�hJ�n���;gpϹ��`�q�sFn��%                                                                                                                                                                                                             

The words from the decrypt must be valid English

checking

Is this the correct UUID?

@t3dotgg
Is it the correct one?

Why not checking yourself first?

openssl enc -d -aes-256-cbc -salt \
  -in impossible-challenge.txt.enc \
  -out impossible-challenge.txt.dec \
  -pass pass:7dbf5a58-3163-4e43-b06e-9957168c40fc
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
bad decrypt
40C8BCEE01000000:error:1C800064:Provider routines:ossl_cipher_unpadblock:bad decrypt:providers/implementations/ciphers/ciphercommon_block.c:107:

cat impossible-challenge.txt.dec
ThK�n���|E�̵�z<3*�hJ�n���;gpϹ��`�q�sFn��%                                                                                                                                                                                                             

Saw the tweet in transit, still in transit.

is the content of the file "The quick brown fox jumps over the lazy dog"?

Guys I think I found it, is it 892ca870-c4bf-4d1b-9ebe-c98003454635?

Oh shit wrong account

hello from stream

Thank you @t3dotgg i had the time of my life. i feel like we need to sign a yearbook or something

We.re.gonna.be.friends._.mp4

Theoretically, and that caries a lot of meaning in this sentance, if you knew a way to predict openSSL's RAND_bytes method's next output from it's previous few inputs. In this case [21, 4, 21, 8, 253, 56, 78, 218, 188, 29, 123, 116, 228, 115, 140, 217]. You could get the next few bytes, meaning you could know what the rest of node's uuidData variable is filled with, meaning you could convert that to hex and format it into a UUID. Only issue is the whole predicting openSSL's RAND_bytes method's next output.

My very smart friend solved this challenge and called me over to show me the solution. But when I got there, the police was all over, and I heard he was shot dead. Apparently he hacked into NSA or something.

The bastard had a failsafe that wiped his computers clean with the DoD 5220.22-M algorithm. Now there's no chance of getting that solution.

My very smart friend solved this challenge and called me over to show me the solution. But when I got there, the police was all over, and I heard he was shot dead. Apparently he hacked into NSA or something.

The bastard had a failsafe that wiped his computers clean with the DoD 5220.22-M algorithm. Now there's no chance of getting that solution.

Damn you police! shakes fist