Photo Credit:
Mossad ad

In a style reminiscent of John le Carré novels, the Mossad Cyber-Operations Arm published a recruiting ad with a series of columns of numbers and letters, four pairs of which were highlighted, along with the clandestine unit’s logo, complete with its slogan—a verse from Proverbs, as befits a Jewish clandestine operation— “Where no counsel is, the people fall: but in the multitude of counselors there is salvation” (Proverbs 11:14). To the side of all that came the ad’s recruitment call: “Are you ready for a challenge?”

Since this was a recruitment appeal to folks who think outside the box and enjoy nothing more than cracking riddles and codes, the highlighted group of numbers of letters had to be in the Hexadecimal positional numeral system, which is a base-16 system using the digits 0 to 9 to represent values zero to nine, and the letters a,b,c,d,e,f for the values 10 to 15. And so, the group of four pairs in the ad, “82, d3, 54, aa,” actually stood for an I.P. address of four groups of numbers, which is what every World Wide Web address looks like before it is dressed up with a name.

Advertisement



So, if you’re a devoted code cracker, it should have taken you under 5 seconds to figure out that the highlighted pairs in the ad referenced the I.P. address 130.211.84.170 — where the real challenge began.

“Challenge #1” declares the web page at said I.P., and proceeds:

“Good morning Agent C!

“We require your skills for an urgent search & rescue mission.

“One of your colleagues has been taken hostage by an unidentified group, and is being held in a previously unknown holding facility. Our SIGINT squad has been successful in geo-locating the facility and found indications of an electronic lock mechanism in the main entrance.

“The rescue team needs your help in opening this mechanism so they can enter and search the premises.

“Good luck, A.”

When Agent C clicks the “Start Challenge,” he or she reach a Login prompt, asking them to “Please submit your security token,” which is a challenge since none has been awarded. There’s also a cute icon of a lock with “MaxSec Prison” written underneath, presumably to enhance the tension. The page wants you to upload the security token from your own computer—it notes “File missing” if you sign in without one.

A group of wannabe hackers on Israel’s citizen reporter website Rotter has been attempting to crack the Mossad challenge since Wednesday this week, which is where we’ve dug up much of the information we laid out so neatly for you above. Some of the participants were true hackers, and they were the ones having the most fun, while revealing no real clue as to what happens once you’ve gone past the login page.

One suggested reverse engineering, saying it was fairly easy once he got that part figured out. We have no idea what he meant.

Another suggested saving the little MaxSec Prison icon and then uploading it as the security token. Well, we tried it and received the unkind response: “XMODEM-CRC not matching.” But then another Rotter participant said “the error message suggests an ancient communication protocol,” which used to be popular in the 1980s in BBS groups (If you’re younger than 50 you won’t understand).

One Rotter member offered an official Mossad help wanted page, where one can apply without those clandestine games. Maybe they’ll dispense you a clue if you went over the counter…

Here’s an intriguing message from a member: “If you convert this hexadecimal code using a CRC calculator you get a CRC value for XMODEM which is 2BAD — is that a clue?”

A few members raised the valid question — what hacker reads print newspapers? Is that in itself a clue as to the kind of candidate the Mossad is looking for?

Advertisement

12 COMMENTS

  1. When I was a teenager, my dream was to move to Israel and join the Mossad! Life gets in the way of dreams sometimes … now I am 70, and looks like I won't make that dream … BUT, I am STILL A WARRIOR for my beloved Israel! A CYBER warrior! I spend hours a day defending and promoting Israel!
    NEVER NEVER NEVER give up!

  2. Dolores – Have to agree with you in all respects. I am of an age that would probably pull a rejection. I am 69 years of age. I still do investigative chores for my family and friends and friends of friends, and so on. I have spoent, both part time and full time about forty plus years in field work, i.e. investigations, apprehensions and security for companies and executives, and abused spouses or partners, and lastly and unfortunately, the dreaded paperwork that goes along with all kinds of assignments. So for me, it would be a cherry on the chocolate shake. You're not too old in my opinion. There is always something our age group can do. Taut your experience – shout it loud and shout it clear. Whoever is reading these comments should consider this an application. My local e-mail address is olingergallegos@msn.com. I do need to renew my passport other than that, I am ready to go. Micah BenYehudah.

  3. I love very much Israel and MOSSAD as well, like wise my age is loading but still consider myself as young boy who can do more which is in my ability to serve my beloved organisation and people i love and value Israel. Yes maybe i dont have much education to cope with brilliant organisation such as MOSSAD but i know i have what it takes to reach that dream. I can be more proud to serve such organisation and people of Israel.

  4. Actually XMODEM was a file transfer protocol for Bulletinboard systems. Fortunately it was later replaced by Ymodem and finally Zmodem, which supported file compression and transfer batches.

    XMODEM was terribly unreliable. Just saying.

  5. well if you notice the logo of maxsec get you to another window, if you look at the parameters above you will see multi… and h and name h is kind of checksum, this checksum is hash function md5 while you take the 4th till the 12th chars and than you should insert name = *(well known symbol of every file in folder) and h=md5(*)[4:13] (like python) than change multi to 1 and you will find list of few files one of the file hold the correct crc and you should try to create png with the same crc (i tried to do so but the challange is over)

Comments are closed.

Loading Facebook Comments ...