Follow us on Twitter!
Few are those who can see with their own eyes and hear with their own hearts. - Albert Einstein
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 20
Guests Online: 16
Members Online: 4

Registered Members: 82877
Newest Member: MWiki
Latest Articles

Stegano #7 and SQL

Arrow Image A simple approach to JOIN power



You might thinging.... \'hei! what SQL has to do with this challenge\'!
Well... I like imagination more than deliberation... and I \'ll explain.

Here is the problem.
I have the following wordlist:
1. word1.1, word1.2
2. word2.1, word2.2
3. word3.1, word3.2

I want to create a sentence by using the above words in the word list according to the following rule:
RULE: Create a sentence from the wordlist by using only one word per wordlist-line. No word must be used twice.

So, what are the possible combinations?
Answer: Every word of line N with EVERY word of other lines.
Ex:
word1.1 word2.1 word3.1
word1.1 word2.1 word3.2
word1.1 word2.2 word3.1
word1.1 word2.2 word3.2
word1.2 word2.1 word3.1
....

All possible combination is the Cartecian Product (come on!!! dont hate mathematics!!!) of the lines in my wordlist:
One word with all others except the words in line that belongs.
The cartecian product is the result of an SQL join of two or more tables without any join condition.
So, if i create the tables:
table1 (column1 varchar(10));
table2 (column1 varchar(10));
table3 (column1 varchar(10));

and i put in table1 all words in line 1 of my wordlist, in table2 all words in line 2 in my wordlist,... etc.

Then if i run the SQL query:
SELECT *
FROM TABLE1, TABLE2, TABLE3

I will get all sentences that follow the rule i set above!
Try it!! there is a lot of fun there!

Now, I come to Stegano 7 challenge.
We have the same problem here... with commas... x,y
So, create a word list with.... how many???? ... well ... 5 lines (i.e. 5 tables)!
Create the tables as above... and run the query.
The result is a set of sentences.
Try them... one by one... you will be surpised of how... quick you\'ll get the 50 points!

Comments

SlimTim10on August 24 2006 - 22:21:32
I've done Stegano challenge 7 and this doesn't seem to have anything to do with it. No offense, but did the admin(s) even read this before uploading it?
a-hackon August 24 2006 - 23:35:03
Excellent article 100,000/10;I think it should be nominated article of the year, and the admins always say my articles suck :evil:
Thiseason August 25 2006 - 08:17:42
There two kiinds of ppl... those that understand nad those that doesnt. If you doesnt then... better thinking twice (maybe more) before you make an offensive remark... Anyway, thanks 4 your time guys.... but maybe you could spend more on this!
Thiseason August 25 2006 - 08:50:23
a-hack!!! I dont like your ATTITUDE man!!! ITS TO IRONIC AND ARROGANT!! If you dont understand this then better behave like SlimTim... than make ironic remarks!!!!!! I dont like to make comparisons but just 4 your info i progam from 1983 and i hack from 1988.... I tell you this, because I want to underline that I know what i m writting!!! You better do the same! Dont stuck on the mission itself!!! Knowledge must be as open as possible and must be a result of many combinations.... even with SQL.... Did you note that the first thing to note in the article is imagination.... did you note? unless you dont have.
The_Cellon August 25 2006 - 17:22:15
It is a nice wayto solve it and if you did it this way, fine with me. Many ways lead to Rome. Hacking is also about using something in a way that the creators didn't intend to be used. In this case: I don't think any of the HBH staff or the developer of this challenge thought one would solve it this way.
Thiseason August 25 2006 - 18:51:51
The_Cell,... thnx!! I did it using this method, in 45 minutes (most time spend to understand the algorithm... you kow... word1 , word2 with commas). English is not my natural language so, I use this way to see all the possible sentences to choose which of them make more sense to me.... and I succeded for the very first... Thnx 4 your coment... (i needed it) Wink
SlimTim10on August 26 2006 - 20:52:11
No offense Thiseas, but I think it's you that doesn't understand this. You completely missed the point of the challenge. Steganography is used so that the receiver can find the message relatively easy, knowing the technique used. Using the technique you described would result in flaws: there could be more than one resulting message that makes sense, others can use the same common technique to find the message(s), and even the receiver who knows the technique will have a difficult time finding the secret message. There is a much simpler way of doing this challenge; the way the creator intended.
Thiseason August 28 2006 - 15:55:03
SlimTim..... "Steganography is used so that the receiver can find the message relatively easy" I agree.... but you probably miss something.... what we are trying to do here is to find the "key"... once we find it, of cource its easy to read any other message with this method!! I am not going to explain again what I did.... totally diff thinking!!! I am not trying to follow any creators intention/s,.... but just mine! I will not spend more time on this...
n30on October 01 2006 - 02:02:09
then some of these shouldnt be stegano as they are a royal pain in the ass, like the bubbles one....
mr noobon October 14 2006 - 11:50:32
i think thiseas is trying to say that this is a good method for someone who doesnt speak english as their first language, i think its quite a good idea Smile
loxaXcrackeron December 07 2007 - 19:45:29
very interesting way to solve the challenge.... hmm good gob thiseas!!:love: bw. are you greek?:right:
MAWofNULLon December 07 2011 - 19:20:55
I definitely like this method. Although I can see why people dislike it as it has a very 'bruteforce' feel to it. Personally I didn't use SQL I used C++ to complete this, as that is my language of choice. From reading this article to programming the solution and gaining the passphrase took around two minutes. Definitely a good method. I applaud you, your method and your mentality.
Lemminkon February 28 2013 - 17:53:24
To be fair the sentence doesn't really make sense... If you don't brute force it it'll be very hard to find.
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.