¹®Á¦ ÆÄÀÏÀÇ ÆÄÀÏ Æ÷¸äÀº ´ÙÀ½°ú °°½À´Ï´Ù.
$ file forensics400-8a555f9a250d5fb0e1a0c653ceaf1be1
forensics400-8a555f9a250d5fb0e1a0c653ceaf1be1: gzip compressed data, from Unix

±×·¯³ª gunzipÀ¸·Î ¾ÐÃàÀ» Ç® ¼ö ¾ø½À´Ï´Ù.
$ gunzip ./forensics400-8a555f9a250d5fb0e1a0c653ceaf1be1
gunzip: ./forensics400-8a555f9a250d5fb0e1a0c653ceaf1be1: unknown suffix -- ignored

zcatÀ¸·Î stdoutÀ¸·Î »ÌÀº°ÍÀ» dumpMe·Î ·Î ÀúÀåÇؼ­ º¸¸é
$ zcat ./forensics400-8a555f9a250d5fb0e1a0c653ceaf1be1 > dumpMe

dumpMeÀÇ ÆÄÀÏ Æ÷¸äÀ» º¸¸é tar·Î ¾ÐÃàµÇ¾î ÀÖ½À´Ï´Ù.
$ file ./dumpMe
./dumpMe: tar archive

tar·Î Ç®¾îº¸¸é ½ÇÁ¦ ¹®Á¦ÆÄÀÏÀ» º¼ ¼ö ÀÖ½À´Ï´Ù.
$ tar -xvf ./dumpMe
x f400
x f400/awesomeify
x f400/readme.txt
x f400/key.enc

awesomeify¸¦ ¸®¹ö½ÌÇغ¸¸é encrytpion½Ã argument·Î ÁÖ¾îÁø byte¼ö ¸¸Å­ 
random sequence bytes¸¦ ¸¸µé¾î³» ( key Value) key Value¿Í plain txt¸¦ 
encryption ÇÏ°Ô µË´Ï´Ù.

±×¸®°í ÀÌ Key Value°¡ ¸¸µé¾î Áö´Â ¹æ½ÄÀº srandom( time(0))¸¦ ÅëÇØ seedValue¸¦ ¸¦ ÁÖ°í
ÁÖ¾îÁø byte¸¸Å­ random()À» ÇÏ¿© ÇÏÀ§ 1¹ÙÀÌÆ®¾¿¸¸ ÀúÀåÇÕ´Ï´Ù. ¹®Á¦´Â time(0)ÀÇ return°ªÀº 
key.encÀÇ time stamp value¿Í °°À¸¹Ç·Î À̸¦ ÅëÇØ key.enc°¡ »ý¼ºµÉ¶§ »ç¿ëµÇ¾ú´ø 
Key Value¸¦ ¿ªÃßÀûÇس¾ ¼ö ÀÖ½À´Ï´Ù.

¶ÇÇÑ symmetric encryptionÀ» ÇÏ°í ÀÖ´Â °ÍÀ¸·Î ÃßÁ¤µÇ¹Ç·Î encryption µÈ °á°ú°ª°ú ¿ªÃßÀûÇÑ 
Key Value¸¦ »ç¿ëÇÏ¿© decryption ÇÒ ¼ö ÀÖ½À´Ï´Ù.

-- key.enc ÀÇ time stamp value
$ stat ./key.enc
84 697 -r-------- 1 root wheel 8486 27 "Jun  4 05:38:45 2007" "May 10 21:37:23 2007" "May 31 10:27:43 2007" "May 10 21:37:23 2007" 4096 4 0 ./key.enc

$ stat -r ./key.enc
84 697 0100400 1 0 0 8486 27 1180935525 1178833043 1180607263 1178833043 4096 4 0 ./key.enc

À̸¦ ÅëÇØ key.encÀÇ time stamp value´Â 1178833043 ÀÓÀ» ¾Ë ¼ö ÀÖ½À´Ï´Ù.
À̸¦ Åä´ë·Î encryption½Ã »ç¿ëµÇ¾ú´ø Key Value¸¦ ¿ªÃßÀû ÇÏ´Â Äڵ带
ÀÛ¼ºÇÏ¿´½À´Ï´Ù.


====================================================================
$ cat expFor400Time.c
#include <stdio.h>
#include <time.h>

#define SIZE 100

int main(void)
{
    time_t t = 1178833043; // time stamp value of key.enc
    int i, j;
    long value;
    unsigned char tmpValue;

    srandom(t);
    for( i=1; i<SIZE; i++)
    {

        value = random();
        tmpValue = (unsigned char)value;
        printf("%02x", tmpValue);
    }
    printf("\n");
}
====================================================================

$ ./expFor400Time
dcf2ceb612957e37c658386361b27dbd1d4b6eecab897acb05e6a49ea842ac84357a3a470fb97ed611b6397268b63086019e72ad28ec782dd31ccb7b5f770094f13adb01f359d70510107778c6a7fec74671746e5dec9b300966ac68ddacfccee6d7cf

====================================================================

encryption½Ã »ç¿ëµÇ¾ú´ø byte ¼ö´Â ¾Ë¾Æ³¾¼ö ¾øÀ¸¹Ç·Î brute force ÇÑ´Ù.
À̸¦ À§ÇØ ÀÛ¼ºµÈ ÄÚµå´Â expFor400Brute.py ÀÔ´Ï´Ù.
=====================================================================
$ cat ./expFor400Brute.py
#! /usr/local/bin/python
import os
import struct
import sys
import re

tKey = "dcf2ceb612957e37c658386361b27dbd1d4b6eecab897acb05e6a49ea842ac84357a3a470fb97ed611b6397268b63086019e72ad28ec782dd31ccb7b5f770094f13adb01f359d70510107778c6a7fec74671746e5dec9b300966ac68ddacfccee6d7cf"

############################################
def print_bin_data(data):
    print
    i = 0
    while i < len(data):
        j = 0
        while (i < len(data)) and (j < 16):
            c = '0x%02X' % ord(data[i])
            sys.stdout.write(c)
            sys.stdout.write(' ')
            i += 1
            j += 1
        print
    if i == 0:
        print '<NO DATA>'



if __name__ == "__main__":
    keyStr = ""
    for i in range( len(tKey)/2):
        keyStr += struct.pack("B", int(tKey[i*2:(i+1)*2], 16))

#print_bin_data( keyStr)


    # Brute force of length
    for length in range(1, 90):
        cmd_str = "./awesomeify -D -b %d ./key.enc" % length

        fin, fout = os.popen4(cmd_str)

        fin.write(keyStr[:length])
        fin.flush()
        output = fout.read(100)

        f = open("./key.enc.dec")
        fstr = f.read()
        f.close()
        try:
            re.match("^(\w*)$" , fstr).end()
            print "-----------------------------"
            print "GOT IT ! "
            print "%s" % fstr
            print "-----------------------------"
        except:
            pass
======================================================================

$ ./expFor400Brute.py
-----------------------------
GOT IT !

FORENSIC400 key: infinitybitfromsupercipher