| Author | js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
I have completed all of the js's b4 but this on got me stumped ....
Sums, tab vars, checksum ...
No ... Im really stuck
Dotti.
|
 |
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Kind of like breaking an encryptions.
Each key is turned into a number and if multiple letters are submitted, it does math to all of them to make it unique. You basically have to reverse engineer what the encrypt method is doing and make it the same as the checksum.
What i would do is change the false alert to say alert(sum) and then do guesses from there.
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
ty dude, ill try that
Dotti.
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
This one is very hard !
Can i pm someone with what i found ?
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
u can pm me but i doubt i will get the answer quick...lol
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
any thoughts on why is this challenge only worth 40 points. and js15 is worth 50?
js15 is as simple as alerting the comparison string. js16 will really make us reverse the algorithm so i think we should get a little more for our trouble.
im contemplating bruteforce for it but i think this chall might have more than one possible answer.
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
I'm with sakarin, I tried bruteforcing it in javascript but my processor went up to 100% and my browser crashed...I think it would take way too long to bruteforce it, especially considering we don't know the character set (the "tab" variable?) or the length. I'm actually really confused on how to go about this challenge, it seems impossible to reverse it because of all the factors involved in calculating the sum, and I do think there could be more than one answer...
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
if you coded a bruteforcer for it you should know enough to answer your first doubt
Edited by on 22-06-07 00:49 |
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
right, I guessed about some stuff. I don't think bruteforcing is the right way to go though.
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
by bruteforce i mean create a loop that will stop when it matches the comparison string..
the other way is to reverse the algorithm and i don't think i have the brain power to do that.. =)
|
|
|
| Author | RE: js16 |
ranma
Member
Posts: 273
Location: Behind a sphere
Joined: 27.08.05
Rank: Active User | |
| There are definitely many possibilities for this one. I've figured out so far that he first letter doesn't matter, since "i" will always be 0 in the "for" for the first letter, and since multiplying by zero and adding 1 gives you always 1, the sum is not changed, so you can use any first letter from the set "tab". |
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
at first glance i thought that indexOf had that taken care of but u're right.
and one thing is for sure there's only one php file there are at least as many right passwords as there are ascii characters.
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
yeah that's what makes me think we're not supposed to bruteforce it...that said, I made a bruteforcer in C just for fun, I had to write a new indexOf function and stuff. it got my processor up to 60 degrees C though so I stopped it but if anyone wants the code PM me.
|
|
|
| Author | RE: js16 |
richohealey
Member
Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank: Monster | |
hey guys... yeah it's a tricky one!!
the first character thing is owing to a slight bugger up on my part, though when you get it you'll know what the first character is.... and there are multiple solutions, but you'll arrive at the right one long before any of the wrong one.
Good luck
|
   |
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
OK i reversed it but there are thousands of possibilities !
for example (without quotes) :
[deleted]
all those are valid but not the required password!
Richo : maybe you could give us the last character of the pass ? :happy:
Edited by SySTeM on 04-01-09 17:11 |
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
richo have you coded your answer to the challenge. something that doesn't bruteforce and gives the right solution?
i mean when someone creates a challenge it's always good to do some testing before making it public.
if so could you make it avaliable on the final url so we at least know the intended solution?
i still can't get past you comment on having multiple right answers is a feature not a bug..
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Im still really stuck
|
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
thank's for sharing..
|
|
|
| Author | RE: js16 |
I-O-W-A
Member
Posts: 206
Location: Somewhere Only I Know
Joined: 01.08.06
Rank: Apprentice | |
this challange has got me completley stumped lol i dont even know where to begin
^thanx x-x for the sig^
thanks CyberSpider For The Sig ^^
You See My Soul Its Kinda Grey, You See My Heart You look Away |
|
|
| Author | RE: js16 |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
This challenge is IMPOSSIBLE to solve as there are billions of valid solutions ! Bruteforce would take years !
OK you want more "valid" strings ?
[deleted]
And for each you can change the first space with any 85 chars of the tab string and it will still be valid.
So what can we do now ???
[edit] there's 2 spaces between 'p' and '4d' but it shows only one after post... HTML problem 
Edited by SySTeM on 04-01-09 17:11 |
|
|
