
Javascript16

A guide to beating js16



The script works by taking the password you enter and running various functions on it to turn it into a numeric value. It then compares this value to the checksum, and if they are the same you complete the challenge. All we need to do to complete this challenge is find a password whose value equals the checksum. There are thousands of possibilities, so this shouldn't be too hard.

There are two possible ways to complete this mission:
----------------------------------------------------
1. Bruteforce
2. Dictionary attack


What we need to find out:
-------------------------
*The checksum
*The length of the password


The checksum:
-------------
The JavaScript code that changes your input into a value is a function called "Check(checksum)". The function is executed when the "check" button is pressed. The checksum is passed as an argument, so you can look for it in the call between the <form> tags, or you can edit the script to make it alert the checksum to you.


The length:
-----------
For this section you are going to have to edit the script so that instead of alerting "Wrong Pass!! Try Again." it alerts the sum.
The length of the correct password can be worked out mathematically. To calculate the sum, every part of the entered string is multiplied by the number of characters in the string. This means that the string length must be a divisor of the final sum (minus one, because the sum starts at 1 instead of 0). Therefore, the password length must be a divisor of the checksum - 1.
We know that the longest password the password box will accept is 20 characters. So see which numbers between 1 and 20 are divisors of the checksum - 1, and make a list of them. You should now have 8 possible numbers in your list. Next, using the character from the character set with the highest value, '@', find the most characters you can input without going over the required checksum: start with '@', then '@@', and so on. Write this number down. Now use the character from the character set with the lowest value, 'a', and see how many characters you can use without going under the required checksum. Write this number down. The number in your list of 8 possibilities that lies between these two numbers is the length of the required password.
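
The two filters described above, as an added example that is not part of the original article or the challenge's own code. `ALPHABET` and `score()` are hypothetical stand-ins that only share the properties the article states (the sum starts at 1, every term is multiplied by the length, 'a' is the lowest-valued character and '@' the highest), and the sample checksum is constructed; with this stand-in more than one length can survive both filters.

```javascript
// Added illustration: ALPHABET and score() are hypothetical stand-ins,
// not the challenge's real Check() function.
const ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789@"; // 'a' lowest, '@' highest
const MAX_LEN = 20; // longest input the password box accepts (from the article)

// Value of a character: 1 for 'a' up to 37 for '@'.
function charValue(ch) {
  const idx = ALPHABET.indexOf(ch);
  if (idx < 0) throw new Error("character outside alphabet: " + ch);
  return idx + 1;
}

// Assumed checksum: starts at 1, and every per-character term is
// multiplied by the string length n.
function score(s) {
  const n = s.length;
  let sum = 1;
  for (let i = 0; i < n; i++) sum += n * charValue(s[i]) * (i + 1);
  return sum;
}

// Filter 1: the length n must divide checksum - 1.
function divisorLengths(checksum) {
  const out = [];
  for (let n = 1; n <= MAX_LEN; n++) {
    if ((checksum - 1) % n === 0) out.push(n);
  }
  return out;
}

// Filter 2: keep lengths whose all-'a' score <= checksum <= all-'@' score.
function candidateLengths(checksum) {
  const lo = ALPHABET[0];
  const hi = ALPHABET[ALPHABET.length - 1];
  return divisorLengths(checksum).filter(
    (n) => score(lo.repeat(n)) <= checksum && checksum <= score(hi.repeat(n))
  );
}

// Constructed sample: the checksum of an 8-character string.
const sampleChecksum = score("secret42");
console.log(sampleChecksum, divisorLengths(sampleChecksum), candidateLengths(sampleChecksum));
```

The target value alone narrows twenty possible lengths to a handful, which is why an additive checksum compared in client-side script is a weak password check.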


Bruteforcer:
------------
If you are coding a bruteforcer, this is all the information you need. We know the length of the password, so coding an efficient bruteforcer is pretty easy. Convert the JavaScript function into a language of your choice. Use a powerful language such as C++. If you make your bruteforcer efficient enough, you will turn out a few correct strings in no time. DO NOT CODE YOUR BRUTEFORCER IN JAVASCRIPT!!! It will crash your browser.


Dictionary attack:
------------------
I coded a dictionary attack in JavaScript. It pushed my browser to the verge of crashing but it worked fine. If you are going to use a dictionary attack to complete this challenge you can't just use a list of 12 letter words because there won't be any words that match the checksum. What you want to do is string smaller words together to make 12 characters. Add a few numbers as well. Do something like word+number+word. Play around with the format a bit and you'll eventually get it.



So...that's the end of this article. Hoped it helped you a bit. If you need any further help please don't hesitate to contact me, either by pm or by posting a comment here. I'll be glad to help. After all, that's why I wrote this article.

southafrica1

Comments

korg on April 09 2010 - 00:12:26
I liked it. Gives enough info but not too much to spoil. 10/10.
CBO on April 14 2010 - 20:36:22
Very good! I wonder if one should use the alphabet given in the JavaScript or just a-z and 0-9. Because the alphabet is real long. Btw. I coded a Bruteforcer in C++ and well, ... it takes longer than some time. Really long when using real brute force.
elmiguel on April 19 2010 - 02:40:50
Good article, I made a brute force in Actionscript 3 (flash), it was easier to transcode JS to AS (same base).
southafrica1 on April 24 2010 - 08:22:25
Thanks for the comments people. CBO, have you tried optimizing your code by changing the password that it is trying in relation to whether it is going above or below the checksum? The trick is not to try and make your code try tons of strings faster, but to avoid trying tons of strings.
kaden on May 23 2011 - 11:39:52
I just did this challenge. There are a few hints around the forums, and tbh it took me less than 10 minutes to get my program made. I did this in Java as it's my preferred language. For those who can't get this, try looking through the forums. There are plenty of hints to get the correct answer. After writing my program it gave me the correct answer in less than 5 seconds. My technique was a sort of Dictionary/bruteforce hybrid.