Post Thu Jul 05, 2007 10:20 am

Skillz April 07 Winning Entry - Creative

Andrew Laman did such a wonderful job of answering the questions in a manner and style that fit with the original Challenge, that I thought it only fitting to present his answer here with only a little touch of editing.
Great job, Andrew!

-TL

Excellent Skillz Challenge, Tom!  Thank you very much.  It was a lot of fun to think about and work on...though, I still think I could get it to work a better way.  Hmm, it's just a ratio problem, as in the ratio of time I have to play with it vs. work vs. honeydos, etc.  ;-) Thank you again and I appreciate all the time & work you put into it.

Don - Thank you for hosting the skillz challenges...much appreciated.

-Andy
------------------------------------------------------

...as the plan developed in his head, Peter's smile stretched across his face.  With dollar signs flashing through his head, he slowly focused back to reality.

"It is running Windows...it can't be a really nice phone!" screams Michael.

"Just because YOU don't understand Windows, doesn't mean that it isn't nice." says Samir and pushes his chair back from the table, as if he is going to jump up.

"Shut up, both of you." barks Peter, "Joanna and little Petey are out tonight and I want to discuss this in a more discreet place.  Come by the house after work and I'll tell you what we are going to do."

Samir and Michael look at each other, then at Peter.  "You call your son little Petey..??.." they asked in unison.

Glaring back at them, Peter says "Just meet me at the house."  They get up and head back to the office not speaking a word during the long, somber walk back.

Later that evening, Peter answers a knock on his door.  "What's up G?" says Michael as he flails his arms around in some sort of spastic gangsta move.  Samir just pushes by him and gives Peter a nod.

As Peter leads them through his living room, he turns off the Channel 39 kung-fu movie that was blasting through the television and takes them to a back room.

"Now just like at Initech, before we go any further, we have to swear to God, uh...Allah, that nobody knows about this but us, all right? No family members, no girlfriends, nobody." said Peter.

Samir and Michael nod in agreement as they hear a voice through the back wall. "Don't worry, man.  I won't tell anyone either." shouts Lawrence.

"WTF!!" exclaims Michael.

"Uh, don't worry, it's just Lawrence. He's cool." says Peter.

"Lawrence is living in your walls?" asks Samir.

"Of course not, he has been renting our attic since he lost his apartment. It gives us some extra money and Lawrence a place to live." explains Peter, "Now, we don't have much time before Joanna and little Petey get home."

Samir and Michael glance at each other but decide not to make any comments.  They can feel Peter's glare as if he is daring them to say something about his son's nickname.

Peter continues, "So like we were talking about at lunch, my plan will still work.  See, CRC32 is not a cryptographically secure hash.  It was developed to detect errors in transmission."

"Yeah, polynomial division." pipes in Samir flaunting his phone in Michael's face.

"Shut up!" shouts Michael.  "I know what he is talking about.  I did some system analyst work for the District in LA a while back. While Chloe and I were stopping a worm caused by Nina, she was telling me about a paper that came out of Humboldt-University in Berlin.  It was called 'Reversing CRC - Theory and Practice'.  A very good read."

"Nina developed a worm?" asks Peter, confused.

"Yes." confirms Michael.

"Nina... the receptionist? Corporate-Accounts-Payable-Nina-Speaking-Just-A-Moment Nina? The Nina who is now working in Initrode's HR department and sleeping with Brian?" asks Peter, now even more confused.

Samir interrupts "Nina is sleeping with Brian?"

Frustrated, Michael blurts out "No! Nina Myers, the double-agent. Anyways, it doesn't matter and I'm not supposed to talk about it."

"Using a tool like CRC32 Hacker developed by Andrew Koupparis, we can duplicate a CRC32 hash with an additional 4 bytes or less.  I like the command line version." says Michael as he throws a glance at Samir.

"It is still Windows." smirks Samir.

Ignoring him, Michael continued to describe his idea.  "If we take an original transaction like this:"

SELECT balance FROM account WHERE acctno = 141143153; SELECT balance FROM account WHERE acctno = 57165156; UPDATE account SET balance = 1021651.711031 WHERE acctno = 57165156; UPDATE account SET balance = 164145.162110 WHERE acctno = 141143153;

"It has a CRC32 value of b69162cf." injects Samir again flaunting his phone.

Still ignoring him, Michael says, "We can change the transaction to this:"

SELECT balance FROM account WHERE acctno = 141143153; SELECT balance FROM account WHERE acctno = 57165156; UPDATE account SET balance = 1021651.711031 WHERE acctno = 57165156; UPDATE account SET balance = 164145.16 WHERE acctno = 141143153; UPDATE account SET balance = .002110 WHERE acctno = 31337; --

"Then a little command line kung-fu and we can add hex bytes 0x6E 0xA4 0x42 0x59 to the end of the transaction and poof - duplicate CRC32 value.  The new transaction looks like this in hex:"

53 45 4c 45 43 54 20 62 61 6c 61 6e 63 65 20 46
52 4f 4d 20 61 63 63 6f 75 6e 74 20 57 48 45 52
45 20 61 63 63 74 6e 6f 20 3d 20 31 34 31 31 34
33 31 35 33 3b 0d 0a 53 45 4c 45 43 54 20 62 61
6c 61 6e 63 65 20 46 52 4f 4d 20 61 63 63 6f 75
6e 74 20 57 48 45 52 45 20 61 63 63 74 6e 6f 20
3d 20 35 37 31 36 35 31 35 36 3b 0d 0a 55 50 44
41 54 45 20 61 63 63 6f 75 6e 74 20 53 45 54 20
62 61 6c 61 6e 63 65 20 3d 20 31 30 32 31 36 35
31 2e 37 31 31 30 33 31 20 57 48 45 52 45 20 61
63 63 74 6e 6f 20 3d 20 35 37 31 36 35 31 35 36
3b 0d 0a 55 50 44 41 54 45 20 61 63 63 6f 75 6e
74 20 53 45 54 20 62 61 6c 61 6e 63 65 20 3d 20
31 36 34 31 34 35 2e 31 36 20 57 48 45 52 45 20
61 63 63 74 6e 6f 20 3d 20 31 34 31 31 34 33 31
35 33 3b 0d 0a 55 50 44 41 54 45 20 61 63 63 6f
75 6e 74 20 53 45 54 20 62 61 6c 61 6e 63 65 20
3d 20 2e 30 30 32 31 31 30 20 57 48 45 52 45 20
61 63 63 74 6e 6f 20 3d 20 33 31 33 33 37 3b 20
2d 2d 6e a4 42 59

"That worked!" exclaims Samir, staring at the duplicated CRC32 number on his phone. "But won't the accounting people notice the comment statements at the end of the transactions?"

"Who cares?!" says Peter.  "If they are dumb enough to use CRC32 for transaction security, they will probably just think it is garbage from the transmission because the CRC32 values will still match."

"We probably could arrange the bits in such a way that the skimmed balance or fake account number would include the four additional bytes and then we could remove the trailing comment statement." offers Michael.

"But that would take too long to develop and compute each week.  We also have the time-stamp issue to worry about.  This way seems fast enough and they will never notice. Let's script this up and we can get it ready for Friday's transactions." says Peter.

"No way!" says Samir shaking his head. "I'm not going to spend my life in a PMITA Federal prison.  We have good jobs and no reason to do this."

"Of course we have a reason to do this.  Didn't you see the TPS memo that Lumburgh sent out?" asks Peter.

"Yes, but what does that have to do with anything?" asks Samir.

"Everything."  exclaims Peter.  "That dumb ass Lumburgh reused a memo that he sent to Mr. Roop as a template for the memo that he sent to us.  I noticed the 'deleted' text in the document when I was watching the wireless traffic.  This is what he put in the memo to Mr. Roop:"

Mr. Roop,

It has been six months since I was brought on board here at Initrode and, I might add, I'm happy as a clam being on your team.  Per your sage advice, I've waited several months before initiating any type of downsizing activity within my team, because, as you so wisely point out, coming on board and immediately cleaning house could appear badly to the employees.  So, now that it is my six month anniversary, I want to get the go-ahead from you to remove some troublemakers and dead wood that Simmons stuck me with before his retirement.

I would recommend discharging the following employees:

Peter Gibbons – Peter is habitually late, lacks focus, has a bad attitude (as demonstrated by his failure to participate in Hawaiian Shirt Friday) and has repeatedly failed to put cover sheets on his TPS reports.

Samir Nagheenanajar – I don't trust this one.  He appears to be from some sort of middle-eastern country and I believe he may be plotting against Initrode.  Also, he is constantly undermining my authority by correcting my pronunciation of his last name.

Michael Bolton – When I worked at Initech, we had an employee who snapped and was responsible for starting the fire that destroyed the company.  Bolton reminds me of that employee.  He's always getting upset with the office equipment and muttering under his breath at it—a sure sign of a psychotic personality.

I am currently planning to discharge these employees when their current project is complete.

How is your lovely wife and how are the kids?  Hope to see you at the country club this weekend.

Regards,

"Mr. Roop, as in VP of Software Development, Mr. Roop?" Michael asks rhetorically.

"Yes." says Peter.  "Which is why we need to get this implemented. Lumburgh is such a suck-up!"

"Oh, we are going to be in so much trouble." groans Samir. "And it is not my fault if no one in this country can ever pronounce my name right. It's not that hard: Samir Na-gheen-an-a-jar. Nagheenanajar."

"Yeah, well at least your name isn't Michael Bolton." says Michael. "Now come here and help me, we've got to get this working.  You know Peter, if they would have just used a cryptographically secure algorithm like MD5, we would not be here working on this."

"You are such an idiot." Samir says to Michael.  "Didn't you see Charlotte's Web 1.1, the director's cut?  Charlotte had faked her death.  She and Geography Ants used a multi-collision flaw in the MD5 algorithm to save Wilbur and expand her consulting business."

But Peter is no longer paying attention.  He is steadily working on his scripts thinking about all the money they are going to make...
CISSP, MCSE, CSTA, Security+ SME
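As an added illustration (not part of Andrew's entry, the Skillz challenge material, or the CRC32 Hacker tool the story names), the Python script below implements the four-byte suffix trick the story describes, using the linearity of the CRC-32 update that the 'Reversing CRC' paper builds on, and then shows the same patched transaction failing a keyed HMAC-SHA256 check, the kind of integrity check that would have stopped the plan at the first transaction. The transaction bytes are reconstructed from the story's hex dump with CRLF line endings and no trailing newline; that layout and the demo key are assumptions, so the CRC and suffix the script prints need not equal the story's b69162cf and 6e a4 42 59.

```python
import hashlib
import hmac
import zlib

# Reflected CRC-32 polynomial; this is the one zlib.crc32 uses.
POLY = 0xEDB88320

# Forward table: register state after feeding one byte into an all-zero register.
CRC_TABLE = []
for i in range(256):
    c = i
    for _ in range(8):
        c = (c >> 1) ^ (POLY if c & 1 else 0)
    CRC_TABLE.append(c)

# The top byte of every table entry is distinct, so it identifies the index that
# produced it. That property is what makes a single CRC step reversible.
REV_TABLE = {entry >> 24: i for i, entry in enumerate(CRC_TABLE)}
assert len(REV_TABLE) == 256


def _step(reg, byte=0):
    """Feed one byte into the CRC register (the same update rule zlib uses)."""
    return CRC_TABLE[(reg ^ byte) & 0xFF] ^ (reg >> 8)


def _unstep(reg):
    """Undo one zero-byte _step: recover the register that preceded it."""
    idx = REV_TABLE[reg >> 24]
    return ((reg ^ CRC_TABLE[idx]) << 8) | idx


def crc32_of(data):
    """Plain CRC-32 of data (wrapper so callers need not import zlib)."""
    return zlib.crc32(data)


def crc32_suffix(data, target_crc):
    """Return the 4 bytes s such that crc32_of(data + s) == target_crc.

    The CRC update is linear over GF(2), so feeding patch bytes p0..p3 into
    register r0 gives the same register as feeding four zero bytes into
    r0 XOR (p0 | p1<<8 | p2<<16 | p3<<24). Therefore: undo four zero-byte steps
    from the wanted final register, then XOR out the register the prefix left.
    """
    r0 = zlib.crc32(data) ^ 0xFFFFFFFF      # strip zlib's final XOR to get the raw register
    want = target_crc ^ 0xFFFFFFFF          # raw register that yields target_crc after final XOR
    for _ in range(4):
        want = _unstep(want)
    suffix = (want ^ r0).to_bytes(4, "little")
    # Self-check by running the forward update over the suffix.
    reg = r0
    for b in suffix:
        reg = _step(reg, b)
    assert reg ^ 0xFFFFFFFF == target_crc
    return suffix


# Constructed reconstruction of the story's transactions (CRLF line ends as in
# its hex dump; no trailing newline assumed).
HEAD = (
    b"SELECT balance FROM account WHERE acctno = 141143153;\r\n"
    b"SELECT balance FROM account WHERE acctno = 57165156;\r\n"
    b"UPDATE account SET balance = 1021651.711031 WHERE acctno = 57165156;\r\n"
)
ORIGINAL = HEAD + b"UPDATE account SET balance = 164145.162110 WHERE acctno = 141143153;"
FORGED = (HEAD
          + b"UPDATE account SET balance = 164145.16 WHERE acctno = 141143153;\r\n"
          + b"UPDATE account SET balance = .002110 WHERE acctno = 31337; --")

# Hardened check: a keyed MAC. The key is a constructed placeholder for the demo.
DEMO_KEY = b"constructed-demo-key-replace-me"


def mac_tag(txn, key=DEMO_KEY):
    return hmac.new(key, txn, hashlib.sha256).hexdigest()


def mac_verify(txn, tag, key=DEMO_KEY):
    return hmac.compare_digest(mac_tag(txn, key), tag)


def demo():
    """Forge the CRC, then show the same patched bytes fail the keyed MAC."""
    target = zlib.crc32(ORIGINAL)
    suffix = crc32_suffix(FORGED, target)
    patched = FORGED + suffix
    return {
        "original_crc": f"{target:08x}",
        "suffix": suffix.hex(),
        "crc_matches": zlib.crc32(patched) == target,
        "mac_matches": mac_verify(patched, mac_tag(ORIGINAL)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The forge works for any prefix and any target value because the four-byte append is an invertible linear map on the 32-bit register, which is exactly why a CRC detects accidental corruption but says nothing about tampering. The HMAC check differs in the one way that matters: its tag depends on a secret key, so someone who can rewrite the transaction still cannot produce a tag the receiver will accept, and any appended bytes, printable or not, make verification fail outright. Michael's MD5 suggestion would not help either, since an unkeyed hash can be recomputed by whoever edits the message.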