# Reto 17: Toulouse

# mkdir reto17
# cd reto17
reto17# hp=http://www.hackplayers.com/2013/05/reto-17-toulouse.html
reto17# url=`curl --silent $hp | grep mega | awk -F '"' '{print $6}'`
reto17# cat mega-dl
#!/bin/bash

url=$1
enc_file=$2.enc
out_file=$2

 id=`echo $url | awk -F '!' '{print $2}'`
key=`echo $url | awk -F '!' '{print $3}' | sed -e 's/-/+/g' -e 's/_/\//g' -e 's/,//g'`
b64_hex_key=`echo -n $key | base64 --decode --ignore-garbage > /dev/null | xxd -p | tr -d '\n'`
key[0]=$(( 0x${b64_hex_key:00:16} ^ 0x${b64_hex_key:32:16} ))
key[1]=$(( 0x${b64_hex_key:16:16} ^ 0x${b64_hex_key:48:16} ))
key=`printf "%x" ${key[*]}`
iv="${b64_hex_key:32:16}0000000000000000"
new_url=`curl --silent --request POST --data-binary '[{"a":"g","g":1,"p":"'$id'"}]' https://eu.api.mega.co.nz/cs | awk -F '"' '{print $10}'`
curl --output $enc_file $new_url
openssl enc -d -aes-128-ctr -K $key -iv $iv -in $enc_file -out $out_file
rm -f $enc_file
reto17# ./mega-dl $url stego.mp4
reto17# tc=truecrypt-7.1a-linux-console-x64.tar.gz
reto17# curl --output $tc http://www.truecrypt.org/download/$tc
reto17# tar xvzf $tc
reto17# ./truecrypt-7.1a-setup-console-x64
reto17# mkdir volume
reto17# truecrypt --non-interactive --password=TOULOUSE stego.mp4 volume
reto17# head volume/CABLE_245612.txt
UNCLAS SECTION 01 OF 04 MADRID 000086

SENSITIVE
SIPDIS

STATE FOR EUR/WE, EEB/TPP/IPE, EEB/IFD/OIA, EEB/TRA/AN
STATE PASS USTR FOR D.WEINER
COMMERCE FOR 4212/DON CALVERT
ENERGY FOR PIA/K.BALLOU AND EERE/D.BIRNS
TREASURY FOR OIA/OEE/R.JOHNSTON AND OTP/M.CORWIN

References

http://keyj.emphy.de/real-steganography-with-truecrypt/
http://www.steganosaur.us/lecture