| Author | Javascript 16. bruteforce, really |
asdfgasdfg
Member
Posts: 5
Location:
Joined: 11.09.13
Rank: Hacker Level 1 | |
So I finally reached javascript 16 and after reading through the javascript and learning about the algoritm I created my own bruteforce in python, but since the algorithm uses 65 characters brutforcing the password will take forever, I only reach about 100k checksums per second with my python script. Is there some clue I've missed on different characters I can filter or something? Or is it possible to create a bruteforce for 1kk+ checksums per second?
Also I've read though the articles and a lot of threads and most information I can find it that the password is 12 characters long, and may look like this '4LetterWord-4Digits-4LetterWord' without the '-'. 12 characters long with 65 possible characters mean about 6,831,675,453,247,426,400,256 total combinations and then 12 characters long are only rumors.
Edited by Mordak on 14-09-13 21:03 |
 |
| Author | RE: Javascript 16. bruteforce, really |
rex_mundi
☆ Lucifer ☆
Posts: 1986
Location: Scotland
Joined: 20.02.08
Rank: God | |
1) The password is 12 characters long
2) The password is in the format wordNUMBERword all lowercase chars.
3) The password 'makes sense'
All those hints referred to when the challenge originally only accepted one answer.
It was changed ages ago to also accept multiple solutions where those rules no longer apply.
However, since you already know the format of the original answer, a simple combined dictionary attack using a common 4 letter wordlist and a list of 4 digit numbers, should take no time at all to complete, in comparison to blindly bruteforcing 12 chars with a full charset.
Edited by rex_mundi on 15-09-13 20:03 |
   |
| Author | RE: Javascript 16. bruteforce, really |
synstealth
Member
Posts: 812
Location: /etc/shadow
Joined: 30.11.04
Rank: God | |
ha,, to me.. in my opinion.. the password DOES not make sense. LOL  |
|
|
| Author | RE: Javascript 16. bruteforce, really |
ArgonQ
Member
Posts: 19
Location:
Joined: 20.11.09
Rank: God | |
I never did crack the original pass..mmmh think i'll have a try
using python.
begin@19:37-->
end @20:07--> got one but i does not look meaningful 
edit
Hmm got some more but still not meaningful, this could take a while.
@asdfgasdfg:
keep your code flat.
try psyco or pypy for speedup.
edit @20:54 got it, hehehe.
Edited by ArgonQ on 21-09-13 20:54 |
|
|
| Author | RE: Javascript 16. bruteforce, really |
asdfgasdfg
Member
Posts: 5
Location:
Joined: 11.09.13
Rank: Hacker Level 1 | |
| Yea I'm done with this challenge now, I have to say dictionary attack is the way to go. A medium dictionary and search "4-letter-word 4-digits 4-letter-word" combinding a 12 character long string |
|
|
| Author | RE: Javascript 16. bruteforce, really |
synstealth
Member
Posts: 812
Location: /etc/shadow
Joined: 30.11.04
Rank: God | |
the idea of this 4letter word+4digit+4letter word combination has nothing to do with a specific word to be used as a password that makes sense. it is only there to make you think harder!
this challenge is all about getting the right checksum. the password itself must go through the iteration to the point where the position of the character that is given in a order , by using that position number makes a big difference so that is why I had to go through each line combined from 2 wordlists to compare with the checksum using my php script, I got a long list of passwords, and all of them worked...
that is why I said the password does not make sense lol.
|
|
|
| Author | RE: Javascript 16. bruteforce, really |
Euforia33
philalethes
Posts: 879
Location:
Joined: 05.10.09
Rank: God | |
| That is basically how I solved it but word lists or dictionary attacks aren't really necessary. Just set a charset and it will spit out a working "password" in less than a second, at the time it seemed more like coding a keygen than anything else, but that was just my approach. |
|
|
| Author | RE: Javascript 16. bruteforce, really |
FikretPhh
Member
Posts: 6
Location:
Joined: 15.08.11
Rank: God | |
To those that might still be having trouble with this, check that your "tab" variable contains the right number of space characters (copy pasting from the site can cut off some of them, and they do matter for the reverse algorithm). If u need help just PM me it really isn't that hard  |
|
|
