The given string 1DYsiB7a9hGWitCRky5wmN9ogeHKsVmNFF
is a peculiar hash; one might note that it starts with 1 and is 34 characters long.
It is a bitcoin address, which has some inbound and outbound transactions.
Of note, the interesting transaction is bd4c44372669c8010dd63d9a900504df5b0d0852636aaf26c49151455f805791
, which is goes from the given address to 18W97kXnWpS41Gbg8RMdEBayH51v2Cepee
. That address has only one outbound transaction, to 1FzWnY7yNyb2kafG9es4BoFSdLMaRgXyaa
, and so on, until the chain loops back to 1DYsiB7a9hGWitCRky5wmN9ogeHKsVmNFF
.
Each address in the chain ends in two identical letters, which would hopefully make the solver(s) suspicious. Taking either letter, the chain spells (separated with newlines for clarity):
Feathercoin6kW1y63PTRJCKHATVgYq3GyM6cei3RXGCC LitecoinLUXny1MQ2rmGytGet4GUgeBJ38WiNFZdCC PPcoinPCEUQvnuyQby3WjKUTxMmqSrZmiH4Uv2CC DogecoinDLErpcttiCXjPs6mT2pfhHmGhDxdvqdJCC RiecoinRHkfmHbTzaC152VKpprEfXcugDxMuGycCC AuroracoinAVxBFKEfE1W3TrSRCmoYcDnvDrKSqYQNCCThe giant string has six substrings, each of which has the format
(cryptocurrency)(starting address)
.
Repeating the same chain finding process from above, the cryptocurrencies spell the following strings, respectively:
CrackThisMD55edc3bed517dbf9865fb815552c1eb21 CrackThisTigerc1f242dde1a689991e46261f145dac8d8fb9c8ca87d378a6 CrackThisEmptysaLt1kPBKDF28f72c23c1a832d5c62981ad2365e2416e156324c12ff77c8788d919e93b52468 CrackThisSHA25636c2c915463715bbee9b9e2f4c5e1d1e8af2fc2c97eeadf8d4ec1bdcf2f43542 CrackThisKeccak25641ffa5436c7d522a616a38b17955df447ec9bd3544b962fd7464d2f7938d8667 CrackThisSHA1a8dbbfa41cec833f8dd42be4d1fa9a13142c85c2These new strings all start with
CrackThis
, and some are followed by common hash algorithms MD5
and SHA
, which probably imply breaking the given hash with the algorithm.
The complete mapping is as follows:
Coin | Hash Algorithm | Address |
---|---|---|
Feathercoin | MD5 | 5edc3bed517dbf9865fb815552c1eb21 |
Litecoin | Tiger | c1f242dde1a689991e46261f145dac8d8fb9c8ca87d378a6 |
PPcoin | EmptysaLt1kPBKDF2 | 8f72c23c1a832d5c62981ad2365e2416e156324c12ff77c8788d919e93b52468 |
Dogecoin | SHA256 | 36c2c915463715bbee9b9e2f4c5e1d1e8af2fc2c97eeadf8d4ec1bdcf2f43542 |
Riecoin | Keccak256 | 41ffa5436c7d522a616a38b17955df447ec9bd3544b962fd7464d2f7938d8667 |
Auroracoin | SHA1 | a8dbbfa41cec833f8dd42be4d1fa9a13142c85c2 |
EmptysaLt1k
has inconsistent capitalization because all bitcoin-derived cryptocoin addresses use base 58, which means no lowercase l or capital I (or the number 0 or capital O, for that matter) to avoid confusion.
The efficient puzzle solver will input each address into a search engine before writing a dictionary attack for each hash.
Luckily, the MD5, SHA256, and SHA1 hashes are searchable, which decrypt to fuckyou1
, christy7
, and password8
, respectively.
One notices that the passwords have the form (string)(number)
, where (number)
is less than the length of (string)
.
Thus, a good start for the dictionary attack for the rest of the hashes is to try common strings followed by a number between 1 and the length of the word.
In fact, all words were drawn from the top 1000 common passwords.
Python has easy-to-use libraries for tiger, pbkdf2, and keccak256.
The resulting passwords are
Hash Algorithm | Password | Indexed Letter |
---|---|---|
MD5 | fuckyou1 | f |
Tiger | laserjet5 | r |
PBKDF2 | animal5 | a |
SHA256 | christy7 | y |
Keccak256 | farmer5 | e |
SHA1 | password8 | d |
(number)
into (string)
to get a letter. The six letters form the answer, FRAYED.