|
An accidental? solution on the road to devious |
Devious | |
 |
|
|
| fra_00xx 980308 JimBob 1000 NA PC | Well, the minimum you can do if you found this 'easy' entrance is (if you did not do it already) to work your way in through the harder devious one and trough the TWO accesses to the advanced javascript page! |
|
I tried out the page before even looking at the source, just to see
what it wanted and what its responses were.
First I quickly read the couple sentences on your easy page and
saw it wanted a password. I entered the word 'correct' and got sent
to _tuub_o.htm. Hmm, it looks like a 1 to 1 letter substitution,
it has the same number of letters in each word and the c's become
_'s
and the r's become u's. We haven't looked at the source yet so we
still
don't know exactly what +his set of letters is.
If we glance at the source we can confirm that a simple letter
exchange
is happening based on the string
"0123456789ibwdefghajklmnopqrstuvcxyz._~VBCDEFMHIJKLGNOPQRSTUAWXYZ"
But why make it hard so quickly, lets forget about the specifics of
the protection for a minute. Lets slow down and re-read what
reverser
actually wrote 'the code works as a generator: if you introduce
the name of a url, you get the password to the url as well,
Wait a minute now, that sounds like he's giving us part
of the answer right here!
So we also re-read the 2nd sentence 'The correct password,
that would land you on my 'devious' page on 20 MARCH 1998, would
land you on vournt.htm on another march day..another, not any other
day'
I figured that if the same password would get you to 2 different
pages on different days, then somehow the protection must also use
the date when scrambling the password, this seems re-enforced by the
fact
that he emphasizes another day and not any other.
He tells us the protection can be used as a keygenerator.
Now if I want to find the password the the page vournt.htm, I need
to enter the word 'vournt' as the password and get a 404 error,
but write down the page it tried to find. Then I take this page,
which when I tried this on March 4th, I got rsqvjp.htm. So lets
test what reverser is telling us and enter 'rsqvjp' as the password
and bingo, we land on vournt.htm Now lets examine what he is saying
about March 20th,
'The correct password, that would land you on my 'devious' page
on 20 MARCH 1998, would land you on vournt.htm on another march
day'
Ok so on March 4th the password to vournt.htm is 'rsqvjp' I figure
ok,
all I have to do is set my clock and find the password to vournt.htm
on each day of the month, 1-31 and then set my clock to March 20th
and try each password. So I start entering vournt as the password
on each day of the month, then on March 30th, I enter vournt and
instead of a 404 error and a password, I get sent to the devious
page!
Now I ask myself 2 questions, was my approach correct?
and what the hell just happened?
1st, yes my approach would have worked, Here is a listing of the
passwords
for vournt.htm on each eay of March:
1 upvqms
2 tqsplv
3 srtoku
4 rsqvjp
5 qtruao
6 puothr
7 ovpsgq
8 ngmjvl
9 mhnauk
10 lakhtn
11 kjlgsm
12 jkanrh
13 aljmqg
14 hmglpj
15 gnhkoa
16 f8eb7d
17 e9fi6w
18 diw95f
19 wbd84e
20 bwif39
21 idbe28
22 9e8d1b
23 8f9w0i
24 7063f5
25 6172e4
26 5241d7
27 4350w6
28 3427b1
29 2536i0
30 160593.htm devious javascript page!
31 071482
On March 10 the password for vournt.htm was lakhtn,if I try that
password on March 20th, it does also bring me to the devious page.
2nd, I guess what I am left asking myself is, is this how reverser
'happened' to choose the pair 160593 and vournt?
homepage
links
search_forms
+ORC
students' essays
academy database
reality cracking
how to search
javascript wars
tools
anonymity academy
cocktails
antismut CGI-scripts
mail_reverser
Is reverse engineering
legal?