Challenge: A Black Hats Tale  Go to the A Black Hats Tale challenge

Hope I'm not giving away too much, but if you're having incoherent results with a C++ source code, keep in mind that the code is old and won't work if compiled for recent machines

I don't seem to find anymore a valid download link for a good enough old version of the software
so the Tool is included with the old 16 bytes seed algorithm. Anyone by chance saved it or can
easily pinpoint me to a valid URL without you spending much time so I can download it?

If you solved it I can prove you that I know exactly what is required just I haven't found it yet.
The chall is not about finding the software after all, years pass and it's harder and harder to find.

found lots of old versions on KAT...

Quote from New_LucA

Oct 27, 2015 - 21:09:19

I don't seem to find anymore a valid download link for a good enough old version of the software
so the Tool is included with the old 16 bytes seed algorithm.

I found the software on piratebay. As I remember ,it was a 2007 hacker tool suite.

Hi all, dear Challengers of the IT-Worlds,
once again coming to ask for help. I wrote to www.wechall.net/profile/Z (creator of this chall) 2019-12-19 but I see that He isn't online since 2019-10-15. I pm'ed him with explaining all the walkthrough very precisely of how everything was solved until the (maybe?) last part... the timed token.

May I have the possibility to pm a Solver? - Many thanks in advance and I will provide all my efforts
Kindest Regards - occasus

You can PM me, Iet's see if my brain still works

Fun challenge. I haven't finished it yet but I just wanted to say that the link on the login page (2nd step I think), the link given is wrong:

should contain `&` instead of `&`.

Quote from kubuk

Feb 02, 2021 - 02:02:17

Fun challenge. I haven't finished it yet but I just wanted to say that the link on the login page (2nd step I think), the link given is wrong:

GeSHi`ed Plaintext code

1	www.wechall.net/challenge/Z/blackhattale/login.php?action=login&username=username&password=password

should contain `&` instead of `&`.

No, it's just some html engines get it wrong.

https://stackoverflow.com/questions/3705591/do-i-encode-ampersands-in-a-href

We have the same problem in singup activation urls... we get it right. Some mail clients get it wrong.
So maybe noone is right on this one, in terms of interoperatibility.

Greetz
giz

At least you weren't right about this one, giz. It's not about an actual link, just an address shown in text. The string was double encoded. Should be fixed now.

Quote from m0ngrel

Oct 28, 2015 - 02:31:55

Quote from New_LucA

Oct 27, 2015 - 21:09:19

I don't seem to find anymore a valid download link for a good enough old version of the software
so the Tool is included with the old 16 bytes seed algorithm.

I found the software on piratebay. As I remember ,it was a 2007 hacker tool suite.

Thank you for the point. I found v3.3 , set UTC+1 and correct time, loaded asc file, checked that it derives key and serial correctly, but it dont want to show me correct values (that ones in Z' op post)