Forum: >>> Magnum BBS <<<

Re: Hide data in M-ID

From Ben Bacarisse@21:1/5 to Stefan Claas on Sat Oct 28 00:05:55 2023

Stefan Claas <stefan.claas@iris.to> writes:

Chris M. Thomasson wrote:

On 10/20/2023 4:16 PM, Stefan Claas wrote:

Z ,Go1 ,Id

Is that a header?

It is part of a SCOSv2 message.

To decode the message you have to look at the
Message-IDs first part, which is crockford base32
encoded. Hence the Subject: name.

Or one can just search the key space, which is small. That works well
enough because most SCOS texts are recognisable language.

So I wish you the same, Stefan.

--
Ben.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Stefan Claas@21:1/5 to Chris M. Thomasson on Sat Oct 28 00:39:57 2023

Chris M. Thomasson wrote:

On 10/20/2023 4:16 PM, Stefan Claas wrote:

Z ,Go1 ,Id &{M,2Afu= 'Yu)Jat~Q Q u'|T! ,Ca4=Oc/ my-

b~Zy -;Qi{/f
d~,Vo[

Base64?

No, it is SCOSv2

Regards
Stefan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Stefan Claas@21:1/5 to Chris M. Thomasson on Sat Oct 28 00:41:55 2023

Chris M. Thomasson wrote:

On 10/20/2023 4:16 PM, Stefan Claas wrote:

Z ,Go1 ,Id

Is that a header?

It is part of a SCOSv2 message.

To decode the message you have to look at the
Message-IDs first part, which is crockford base32
encoded. Hence the Subject: name.

Regards
Stefan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Stefan Claas@21:1/5 to Ben Bacarisse on Sat Oct 28 11:52:10 2023

Ben Bacarisse wrote:

Stefan Claas <stefan.claas@iris.to> writes:

Chris M. Thomasson wrote:

On 10/20/2023 4:16 PM, Stefan Claas wrote:

Z ,Go1 ,Id

Is that a header?

It is part of a SCOSv2 message.

To decode the message you have to look at the
Message-IDs first part, which is crockford base32
encoded. Hence the Subject: name.

Or one can just search the key space, which is small. That works well
enough because most SCOS texts are recognisable language.

Thanks, but how does this work in general? I mean if someone writes a
SCOS message cracker, will it print to stdout all decoded tries and then
uses, grep like, some key words, so that the user can see the plain text
in one of the decoded messages, which he has to go through?

So I wish you the same, Stefan.

Thank you.

Regards
Stefan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Stefan Claas@21:1/5 to Richard Harnden on Sat Oct 28 15:11:43 2023

Richard Harnden wrote:

On 28/10/2023 10:52, Stefan Claas wrote:

Ben Bacarisse wrote:

Or one can just search the key space, which is small. That works
well enough because most SCOS texts are recognisable language.

Thanks, but how does this work in general? I mean if someone writes
a SCOS message cracker, will it print to stdout all decoded tries
and then uses, grep like, some key words, so that the user can see
the plain text in one of the decoded messages, which he has to go
through?

Because scos leave spaces alone, I just look for 3-letter words with
a consistent increament and print out the best hits. It seems to
make a fairly good guess ...

eg:

| $ cat x
| Z ,Go1 ,Id &{M,2Afu= 'Yu)Jat~Q Q u'|T! ,Ca4=Oc/ my-
|
| b~Zy -;Qi{/f
| d~,Vo[
|
| $ ./decode_scos x | ./scos
| ./decode_scos: Not sure, but ...
| > -17 -14
| > I 62=+ CAH fZpL3~EFT Miq0)+]GV H Xspv} ,'\OSll~ TRZ
| >
| > 7Fdo wt59>:Q
| > Algrw_
|
| > -17 -24
| > I wish the sci.crypt community a great weekend! :-)
| >
| > Best regards
| > Stefan
|
| > -67 -14
| > z IEYX try =*:2Fevw! 3[/CUXcx$ y ^.:<a nfp59~~e !8*
| >
| > Jw-; \>HLmi7
| > r~{?\V
|
| > -67 -24
| > z \[.} >}+ ._[l_?A:> _;'',@[>A ( {?+(> \++#+@-M iWU
| >
| > s+.> ?+{(?-.
| > 9>+=(@

Ah, ok I understand.

Otherwise, there are only about 8000 possible keys - so brute forcing
is easy.

Thanks for the info, I thought there would be more possible keys.

Also: The Message-ID should be set be the server, not you.
Duplicates would cause confusion. Hide things in an X-something
header.

This was only a test with M-IDs, but I understand what you mean.

Regards
Stefan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Chris M. Thomasson@21:1/5 to Stefan Claas on Sat Oct 28 12:13:22 2023

On 10/27/2023 3:41 PM, Stefan Claas wrote:

Chris M. Thomasson wrote:

On 10/20/2023 4:16 PM, Stefan Claas wrote:

Z ,Go1 ,Id

Is that a header?

It is part of a SCOSv2 message.

To decode the message you have to look at the
Message-IDs first part, which is crockford base32
encoded. Hence the Subject: name.

Thanks. I feel like kicking my self in the ass. That is going to be hard
to do! lol. ;^)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Chris M. Thomasson@21:1/5 to Stefan Claas on Sat Oct 28 12:07:02 2023

On 10/27/2023 3:39 PM, Stefan Claas wrote:

Chris M. Thomasson wrote:

On 10/20/2023 4:16 PM, Stefan Claas wrote:

Z ,Go1 ,Id &{M,2Afu= 'Yu)Jat~Q Q u'|T! ,Ca4=Oc/ my-

b~Zy -;Qi{/f
d~,Vo[

Base64?

No, it is SCOSv2

Oh my. Face palm!!!

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Stefan Claas@21:1/5 to Chris M. Thomasson on Sat Oct 28 21:49:25 2023

Chris M. Thomasson wrote:

Sorry about that. Btw:

http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher=

fceb3d1d17deb327eaa475df2a6c3aed13467375adcd5c0c2f4fcb56a39070cd3c2afa54936ac8da5459ab83a8e2c6e57a64b495e0ea515275023488ab0e0bc69dbcf0717c367ced7c093bf76d89288ad8fe4a20f793fc6b306f0c5d11ac755f726969ca0385a1dcc8b0c2eaad6e384c173cb41dec89f847c96cb2e651882e9
074ea3bd8d96a16c2ff334cdc6e

http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher= b8930b5c41f08cb639be2c3f600a90324eb720fe8c70442848a493ab0843a3004e8255a20450e7cb9329b418cffb43895aed81cb6179c059fd950f2ee87af60d5df429bb9bd026df6db02ebd958eeeab107ce71f51868caa3b84ec791d5e964f6a3ac3eb48fab9bf2ee02d983cfbec9a4f66524abdbe23562fc9d92c6479039
163484ae0a2b75369d43ba7371cf7d85077738d966477863d27159faf0d6068ed15313797e0297607a82f551d8f19fad14c519d5fb643a5c4b8b5c30f10f2e5c8945218c99866409906ca74a66f4e880b1a8f2b3f4e46426d461a14ca03a4e489dc96d0448cdd63f410741c3c8225959d40881a0c011a2f7e913e275f833582
1a1ec5d335ee791c40a418d2912eea7d635b95cafef28cbf

Regards
Stefan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Chris M. Thomasson@21:1/5 to All on Sat Oct 28 12:59:29 2023

T24gMTAvMjgvMjAyMyAxMjo0OSBQTSwgU3RlZmFuIENsYWFzIHdyb3RlOg0KPiBDaHJpcyBN LiBUaG9tYXNzb24gd3JvdGU6DQo+IA0KPj4gU29ycnkgYWJvdXQgdGhhdC4gQnR3Og0KPj4N Cj4+IGh0dHA6Ly9mcmFjdGFsbGlmZTI0Ny5jb20vdGVzdC9obWFjX2NpcGhlci92ZXJfMF8w XzBfMT9jdF9obWFjX2NpcGhlcj1mY2ViM2QxZDE3ZGViMzI3ZWFhNDc1ZGYyYTZjM2FlZDEz NDY3Mzc1YWRjZDVjMGMyZjRmY2I1NmEzOTA3MGNkM2MyYWZhNTQ5MzZhYzhkYTU0NTlhYjgz YThlMmM2ZTU3YTY0YjQ5NWUwZWE1MTUyNzUwMjM0ODhhYjBlMGJjNjlkYmNmMDcxN2MzNjdj ZWQ3YzA5M2JmNzZkODkyODhhZDhmZTRhMjBmNzkzZmM2YjMwNmYwYzVkMTFhYzc1NWY3MjY5 NjljYTAzODVhMWRjYzhiMGMyZWFhZDZlMzg0YzE3M2NiNDFkZWM4OWY4NDdjOTZjYjJlNjUx ODgyZTkwNzRlYTNiZDhkOTZhMTZjMmZmMzM0Y2RjNmUNCj4+DQo+IA0KPiBodHRwOi8vZnJh Y3RhbGxpZmUyNDcuY29tL3Rlc3QvaG1hY19jaXBoZXIvdmVyXzBfMF8wXzE/Y3RfaG1hY19j aXBoZXI9Yjg5MzBiNWM0MWYwOGNiNjM5YmUyYzNmNjAwYTkwMzI0ZWI3MjBmZThjNzA0NDI4 NDhhNDkzYWIwODQzYTMwMDRlODI1NWEyMDQ1MGU3Y2I5MzI5YjQxOGNmZmI0Mzg5NWFlZDgx Y2I2MTc5YzA1OWZkOTUwZjJlZTg3YWY2MGQ1ZGY0MjliYjliZDAyNmRmNmRiMDJlYmQ5NThl ZWVhYjEwN2NlNzFmNTE4NjhjYWEzYjg0ZWM3OTFkNWU5NjRmNmEzYWMzZWI0OGZhYjliZjJl ZTAyZDk4M2NmYmVjOWE0ZjY2NTI0YWJkYmUyMzU2MmZjOWQ5MmM2NDc5MDM5MTYzNDg0YWUw YTJiNzUzNjlkNDNiYTczNzFjZjdkODUwNzc3MzhkOTY2NDc3ODYzZDI3MTU5ZmFmMGQ2MDY4 ZWQxNTMxMzc5N2UwMjk3NjA3YTgyZjU1MWQ4ZjE5ZmFkMTRjNTE5ZDVmYjY0M2E1YzRiOGI1 YzMwZjEwZjJlNWM4OTQ1MjE4Yzk5ODY2NDA5OTA2Y2E3NGE2NmY0ZTg4MGIxYThmMmIzZjRl NDY0MjZkNDYxYTE0Y2EwM2E0ZTQ4OWRjOTZkMDQ0OGNkZDYzZjQxMDc0MWMzYzgyMjU5NTlk NDA4ODFhMGMwMTFhMmY3ZTkxM2UyNzVmODMzNTgyMWExZWM1ZDMzNWVlNzkxYzQwYTQxOGQy OTEyZWVhN2Q2MzViOTVjYWZlZjI4Y2JmDQpbLi4uXQ0KDQpodHRwOi8vZnJhY3RhbGxpZmUy NDcuY29tL3Rlc3QvaG1hY19jaXBoZXIvdmVyXzBfMF8wXzE/Y3RfaG1hY19jaXBoZXI9M2Zh MWJlNWZmNGU1YjA1MDI0NTMwZDQ0ZDNkYjdjZWZlNzA3OWZiMzY1NWNlNzkwYzQxZmM2N2Fh NGRmMWFmODA0MzI0MDMxNjE3ODBiYjQ3ZTdmZWFmNjk3MjkyNjc4NzAwZDVhY2QzYWFlZjcx YjZjNmJkZTc4ZDBhMjk3ODYyOWEwN2U1ZTgzZjc5MjI3YmZhY2Y1YjBjNWNjZTJmNmZmYzlm NDc1ZTdiMTFhZTA3Yzg3ZDRmYmU0NmUxNGNjOWY1MGY2YWE0ODZkZjMxZTg0MTc1NjMyNTYx MjUxZTlkYzU1ZDc2YmExNGYyNzczNmYxY2QxOWFhMmJkMzgxODVmMmFhOGQ2ZTM0NDBjZWQw OTlmNmJjZDNlMzhkYmJlOTUxYTdiYzdjOWQ2NTE5YjJlZDJjNThlY2Q5NzNjNWQ4ZjYwZjMy YmM0Yzk3NWI3NjBjNGNhM2U0ZjU1MTVkYjkyYjM2MTEyNjg5YzYyYzllZjY3ZWIwOWFkOTQ3 NjM3MDNkNTM5NmZiMDQ4MTZjOWE1ODAzNWUxMTcyMmJmNjM5ZWQ2YTQ0ZDM5NTBiZDI0MTk3 YmNhN2E3ZDE4MGQxMzhkMmVmMTkxZDgyZTQ4OGE4NDI4MjU2ODlmMTUwMDZhOTQ4MzAzNjkz MWQwZjIxNzdkZGQ5ZTJhN2JiNDk5NzBlNTE3MzU1ZTgyNzZmYTNjMGU2YmVhZTQ3ZmVjOWQ3 NDY4ZTdjY2M3ODgwYjA0NDE0YzVhMDAyNDk4Zjg1NDMxOGNhOThhYTAyMjMxZjA2MzVmNTAx MWU3YTM1Y2YxNDJmYzg3ZTgwZjA4M2NmMzVjNDVmZTllMDYxMzgyODA1OGEwYjc5MWEyY2Ri ZGYxZjQ3MjFlMDYxMTRlM2Q2Mzc3YzRlMDlkNTY2YmFlYTUwOWQyNWE3YzRmOTIyZTEyYjNl ZDA1N2I5MzEyMmNjNmYyZGRlMTM5NTJmOWQwMDg1NzA4YzhiODE1NzQ1OWFmYTc1ZGVjYzUy ZDU1ZDg1N2YyMjhmNzY4OGM2ZmUyYTM0MDIzOGE5ODQwNzAxMGMzNjcyOGE2NmQwY2ZlZTRi Y2FmZDhkOThlZGI0ODMyNzliMTcwYTFkZjA3ZGRjM2Y2ZmE1ZWI3OWQ5MzhkMTM2ZDk0Nzkz NWIxMDA2NzNjMDBlYjI3MmJjMDY3NTMwOTdlNzBmNzgzZmJlYzEyYjkxNWNlNDhkMDkxZjM1 NGQ2NWQ4ZjAyMTBiZDU3NzJlMzNhNjJmN2EzNTM4ZmZkOGQyMmIzYzQ0MGQ4ZjNiODgwYjM4 MGU1Y2ExYmMyYjY4YzJjMmQyYjFlN2RkYzBjZjg3ODNkOWViZGYwYmQyMzNhNGU3ZTJmMWE1 YWY0YWEzYTE1NzZkYzExODhiYmIxODEyN2Q1ZjUxM2MyYTc2ZWFhMGQyY2UyYjk2ZWE5YjFm YWU2MGUyNzQxOWU0NGM2MGJmYmE5OGUzMGM0MTJkNjg1MDY3ZTdhNWU5ZmY3M2VhODFiY2Ez ZWZjNDA2ZGRjOWRjNTQxNmYzMzIxYmYxMjI5MTE1NzY4YmRhYWQ1MDRkOGY5MTY4MmRlMTBj NGU4ZjI3NTE3NzE0ODQ1ODgNCg0K

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online
Recent Visitors
- Jack
  Sun Jun 8 06:41:19 2025
  from Mississipi via Telnet
- Centurion
  Sun Jun 8 00:08:04 2025
  from Berea, Ohio via Telnet
- Centurion
  Sat Jun 7 21:52:22 2025
  from Berea, Ohio via Telnet
- Tnmoc
  Sat Jun 7 13:44:20 2025
  from Milton Keynes via Telnet
- Tnmoc
  Sat Jun 7 13:40:01 2025
  from Milton Keynes via Telnet
- Plume
  Sat Jun 7 11:13:29 2025
  from Uk via SSH
- Gwylbert
  Sat Jun 7 08:57:45 2025
  from Sydney, Nsw via Telnet
- Centurion
  Sat Jun 7 04:30:40 2025
  from Berea, Ohio via Telnet

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	487
Nodes:	16 (2 / 14)
Uptime:	00:57:17
Calls:	9,660
Calls today:	2
Files:	13,709
Messages:	6,166,517

Re: Hide data in M-ID

Who's Online

Recent Visitors

System Info