Security Challenge #2 (Hidden Message)

ridders · 07-06-2018, 12:38 PM

Attached is a 'security challenge' for anyone interested in finding the solution.

I originally wrote this for another forum as a 'fun challenge' whilst demonstrating various methods of making apps reasonably secure

It is NOT intended to be a completely locked down database that is impossible to crack (if indeed such a thing exists)

It is intended to be solvable and I have provided various clues which are intended to help achieve a solution.
The app is password protected but all the information to obtain that has been provided in this thread ... if you look and think carefully

A password cracking utility is NOT required ... and using one will be considered as cheating!

The challenge is to:
a) unlock the database, obtain the name and contents of the hidden table
b) open the main form and find out how to enable the 'Click Me' button
c) work out the meaning of the message displayed

The first part should be relatively simple if approached in the correct way.
The rest of this MAY be a little harder to accomplish.

Obtaining the full solution will need a mixture of problem solving skills and knowledge of some of the deeper recesses of databases

NOTE:
You can only run this application FOUR TIMES once you have deduced the correct password.
After that it will be disabled, so plan carefully

If you succeed, please follow the supplied instructions to provide feedback.
Please do NOT post your solution in this thread or it will spoil the challenge for others

If you get totally stuck, you can send me a PM - I may provide hints later

A further reminder that Access databases, including this one, can NEVER be made 100% secure
A capable and determined hacker can break any Access database given sufficient time

Both 32-bit & 64-bit versions have been supplied

I hope you enjoy puzzling out a solution

ridders · 07-07-2018, 11:50 PM

Following a couple of PMs, here are a few hints which should help you deduce the password:

HINT #1
Always read the small print

HINT #2
The first clue is in each of my posts in this thread including this one

HINT #3
A good way to remember a password is to make use of a phrase that can act as a memory aid

HINT #4
Think what it tells you about capitalisation

That should hopefully be more than enough to solve the first step
Please PM me when you've worked out this part with the password and a screenshot of the form

ridders · 07-07-2018, 11:53 PM

And here's a spoiler....

HINT #5
Bill Murray, Scarlett Johannson, Tokyo, 2003

Is that clear now?

ridders · 07-18-2018, 03:05 PM

The challenge has now been downloaded over 140 times across 3 forums (02/08/2018)
However, AFAIK, so far only one person has completed the challenge

As this thread has gone a bit quiet, I'm going to provide additional guidance which should make solving the password trivial

The following refers to the hints from post 2 and the spoiler from post 3

The spoiler is : Bill Murray, Scarlett Johannsen, Tokyo, 2003

-----------------------------------------------

Hints 1 & 2 suggest you should look for small text in my signature line (as its in every post)
nil illigetimi carborundem est
This is a fairly well known mock Latin phrase (at least its fairly well known in the UK) - the fact that it spells out 'nice' was a nice coincidence

If you google the words in hint 5, it gives the film Lost In Translation

This together with hint 3 suggests you should translate the entire phrase
Put the entire phrase into Google & you will get lots of hits which will give you the password phrase you need

But that's far too long for a password
Hint 3 again - its a memory aid - so use the first letter of each word to get a 7 character password

Hint 4 - capitalisation - its all in small letters

-----------------------------------------------

PHEW! Got it now?
Sorry if that was more tricky than I meant it to be
Well done to those who got it themselves ... including one person who did so before I posted the hints
Hopefully knowing the password will rekindle interest in solving the rest of the challenge for which Access skill/knowledge is definitely required

GOOD LUCK
Remember you only get 4 attempts after you enter the correct password

ridders · 08-10-2018, 09:36 AM

Many congratulations to AWF member Insane_ai who has now completed BOTH challenges and ... even better ... done so without hacking them.

For info, Insane_ai's signature line is:

Quote:

I actually know a few things, just not all of them.

I think he is being too modest!

Some of you may be pleased to know that challenge #3 is on its way in the next few days. This will require some different skills

Insane_ai · 08-10-2018, 10:22 AM

Thank you Ridders!

These exercises taught me about things I never thought to look for.

I am going to give one spoiler:

Don't over think it; pay attention to what is in front of you.

ridders · 08-10-2018, 12:34 PM

You're welcome. Glad you persevered with it

I've enjoyed creating these challenges and have also learned things in the process.

Your 'spoiler' is very appropriate and hopefully will encourage others to complete this as well.