Why JScript crypto is insecure

Written by: dimport
Published by: Nightscript
Published on: 2003-06-21 07:19:46
Topic: Javascript
The following shows why JavaScript cryptography is not very secure. I'm going to paste some code and then show you why. OK, here's the code....

---------------------copy & paste begin-------------------------------------

var pass=new Array()
var t3=""
var lim=6
pass[0]="J1MtnBQAfoxi1WO"
pass[1]="gFViHrEGzELGXK"
pass[2]="ALoTt4CuswQGzah"
pass[3]="wyVAKUCMEIVg"
pass[4]="9LGQAm5YIHf6WCvJ"
pass[5]="53LGQAm5YIHf6WCv"
//configure extension to reflect the extension type of the target web page
//(ie: .htm or .html)
var extension=".htm"
var enablelocking=0
var numletter="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
var temp3=''
var cur=0

function max(which){
    return (pass[Math.ceil(which)+(3&15)].substring(0,1))
}

function testit(input){
    temp=numletter.indexOf(input)
    var temp2=temp^parseInt(pass[phase1-1+(1|3)].substring(0,2))
    temp2=numletter.substring(temp2,temp2+1)
    return (temp2)
}

function submitentry(){
    t3=''
    verification=document.password1.password2.value
    phase1=Math.ceil(Math.random())-6+(2<<2)
    // (the rest of submitentry() is cut off in the original listing)

---------------------------------copy & paste end-------------------------------------

This is commonly used code at websites for passworded access. Who said all those cryptograph problems in my puzzle books never paid off!!! The first thing to notice here is that this script works by taking the password that the user enters, adding .htm to it and then taking you to that page. So if the password was "woot" then it would take us to woot.htm. We know this because of the following lines:

var extension=".htm"
&
window.location=verification+extension


---------------------------------------------------

Now at the top of the code is a line that says:

var lim=6

This is the length of the password.
----------------------------------------------------

We also see this line at the top:

var t3=""

This is a variable that is being set to "nothing" (an empty string) at the beginning of the code, before things get cranking (same as in QBasic). But notice that it shows up later in the code during the verification of the password. This variable is actually what the password is AFTER it is decrypted. We can use this to our advantage.

----------------------------------------------------------------------------

At the end of the code we have:

alert("Invalid password. Please try again")


Obviously this is what the user sees when he enters the wrong password. How about we edit that a bit and save it to the hard drive? We want to know what t3 is (because inquiring minds want to know!), so let's change that line to say this...

alert(t3)

Now we save it to the hard drive and change its extension to .html or .htm so we can load that puppy up in good old Internet Explorer and crack at it on the hard drive. wOOt wOOt.

----------------------------------------------------------------------------

Back at the top of the code, we have this....

pass[0]="J1MtnBQAfoxi1WO"
pass[1]="gFViHrEGzELGXK"
pass[2]="ALoTt4CuswQGzah"
pass[3]="wyVAKUCMEIVg"
pass[4]="9LGQAm5YIHf6WCvJ"
pass[5]="53LGQAm5YIHf6WCv"


Hmmmm. This took me a while to figure out. There's only one password, right? So why are there 6 encrypted lines here? At first I thought it was 1 encrypted line per letter, since the password length is 6, but that is only what the author wants you to think. Turns out only one of them is the password and the rest are meaningless decoys or fakes to throw people like us off. I've found that pass[3] is usually the one that's real, so we will ignore the rest, even though we could do those too if we wanted, but they would come out as gibberish. Only one would look like a password at the beginning of it.

OK, so now we copy and paste the letters from pass[3] into the password box of the page that is running off the code we just edited (wyVAKUCMEIVg in this case). Essentially we are using the code against itself to decrypt it for us. Instead of telling us "invalid pass", it tells us t3. The response it gives for this example is:

"lnchrdj5t"

Now we are getting somewhere. OK, var lim=6 (the length), so we only use the first 6 letters. So now we have:

lnchrd

Now who would use that for a password? So we must be missing some letters. Well, JavaScript is ignoring any zeros that go into the string, even if they represent letters. So we have to find out which letters equal zero for this example. So first we type in a zero and we get an "R". So we have to see which letters equal R (because R=0), so we type in all the letters of the alphabet one at a time into our newly-made self-decrypter (this includes upper case, lower case and the numbers 0-9). Well, the only letters that come back equal to R in this example are:

a & b

So what we have thus far is:

lnchrd

missing an "a" or a "b" or both. Well, they could be inserted anywhere, but we know that lnchrd is already in the correct order. So I tried lanchard (inserted 2 a's) and it actually took me to "lanchard.htm" instead of giving me the usual alert, which of course does not exist on my hard drive since that's where I was testing. So I got a 404. So I tried it on the REAL website; it didn't work. (Is lanchard even a word?) But I must be getting close.

Then I thought, where in the heck would a "b" even fit in here to make a word? Ding!!! It's gotta be the first letter, followed by the "a"!!! So I tried "blanchard". Hmmm, it tried to take me to blanchard.htm instead of giving me the usual alert. So I tried it on the REAL website. Bingo, I'm in!

I won't reveal what website this example code came from, but Google is a great place to get examples. There are many JavaScript tutorials on the internet.
Whatfun

This article was originally written by whatfun


Comments:
dsakfl
2005-07-26 19:59:14
This makes little sense. Here's the REAL way of getting the password out of this script. Just follow the authentication procedure backwards. It's that simple. This script tries to confuse the reader with bit shifts and math functions and constants, but if you were to just work them out it's really quite simple.

For instance we have the following line of code:
    phase1 = Math.ceil(Math.random()) - 6 + (2<<2)

But, 0 < Math.random() < 1 and 2<<2 = 8, so Math.ceil(...) = 1 and therefore phase1 = 8. It's just that simple. Anyway, the password is always in pass[3] and pass[4][0] is the length of the password, not lim. So in your example:

     pass[0]="J1MtnBQAfoxi1WO"
     pass[1]="gFViHrEGzELGXK"
     pass[2]="ALoTt4CuswQGzah"
     pass[3]="wyVAKUCMEIVg"
     pass[4]="9LGQAm5YIHf6WCvJ"
     pass[5]="53LGQAm5YIHf6WCv"

The "encrypted" password is wyVAKUCME, of length 9. The number 53 (pass[5][0] and pass[5][1]) is the "key", so to say. In the function testit(), this number is XOR'd with the index of numletter[] where the letter of the encrypted password occurs. (If you don't know what XOR is and why it works in this script, you really have no business being a programmer in my opinion... Know your bitwise operators!) So we have 'w', which is at index 32 in numletter. 32 XOR 53 = 100000 XOR 110101 = 010101 = 21. So the first letter of the password is numletter[21] = l. Continuing in this fashion gives you the password. By the way, "blanchard" is not the password in this example.

The better way to password protect is just to have the password be the name of the webpage (as is here) and skip the validation altogether. If the password is wrong, they get a 404, and if it's right they're in.
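Added example, not code from the article or from dsakfl's comment: a stand-alone JavaScript decoder written from the description above (encoded password in pass[3], length in pass[4][0], two-digit XOR key at the start of pass[5]). decodePass and articleExample are names chosen here, and the range check on the XOR result is an addition; the original script has no such check.

```javascript
// Added example (not from the original article or its comments): a decoder for
// the pass[] scheme, written from dsakfl's description. Every input it needs
// (ciphertext, key, length, alphabet) is shipped to the browser in the page
// source, which is the whole point: a client-side check cannot keep a secret
// from the client.
const NUMLETTER = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";

// Recover the plaintext that the script's t3 variable ends up holding.
//   pass[3]            : the encoded password (the other entries are decoys)
//   pass[4].charAt(0)  : the password length (not lim)
//   pass[5].slice(0,2) : the two-digit XOR key
function decodePass(pass, alphabet = NUMLETTER) {
  const length = parseInt(pass[4].charAt(0), 10);
  const key = parseInt(pass[5].slice(0, 2), 10);
  const encoded = pass[3].slice(0, length);
  let decoded = "";
  for (const ch of encoded) {
    const idx = alphabet.indexOf(ch);
    if (idx < 0) throw new Error(`character '${ch}' is not in the alphabet`);
    const out = idx ^ key;
    // The original testit() silently returns "" here: XOR of two indices
    // below 62 can land on 62 or 63, past the end of numletter.
    if (out >= alphabet.length) throw new Error(`index ${out} is outside the alphabet`);
    decoded += alphabet.charAt(out);
  }
  return decoded;
}

// Self-check on the article's own listing; "lnchrdj5t" is what the author
// reported t3 to be.
function articleExample() {
  return decodePass([
    "J1MtnBQAfoxi1WO", "gFViHrEGzELGXK", "ALoTt4CuswQGzah",
    "wyVAKUCMEIVg", "9LGQAm5YIHf6WCvJ", "53LGQAm5YIHf6WCv",
  ]);
}
```

With phase1 = 3 (dsakfl's correction), testit() reads its key from pass[phase1-1+(1|3)] = pass[5] and max(1) returns the first character of pass[1+(3&15)] = pass[4], which is where the length and key above come from. The range check covers the case where the original testit() returns an empty string: with key 53, 'a' (index 10) and 'b' (index 11) XOR to 63 and 62, beyond the end of numletter, which is why exactly those two letters vanish in the article's walkthrough.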
dsakfl
2005-07-26 20:00:10
Correction, phase1 = 3... Can't add today!
Anonymous
2007-03-24 15:45:45
What do you think is the password here, then?? XD Guess what it is!


var pass=new Array()
var t3=""
var lim=7
pass[0]="ncHc57SrAJ0v2Nc"
pass[1]="XPsUBB3U8zmXHzf"
pass[2]="yxiz8LlAhTqLfV"
pass[3]="6bo5rliF19kO2hl"
pass[4]="7l8zkfDkOly1HGGa"
pass[5]="21l8zkfDkOly1HGG"


email me at potlog2carlo @ yahoo dot com
Anonymous
2007-06-12 15:12:47
anonymous, you can try it...if you want to crack a page, the least you can do is to find the password by yourself!! XDD
Anonymous
2008-01-26 00:56:47
Just make a small Java program like this:

public class GetPass {
    public static void main(String[] args) {
        int lim = 9;
        String[] pass = new String[6];
        String numletter = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
        pass[0] = "OUR4O2ZpDtLP7qI";
        pass[1] = "yp1qUglYgOyK1bu";
        pass[2] = "sNdHBTPgeK8Ht0b";
        pass[3] = "jm3fileafMGvhFS";
        pass[4] = "9mixyaT7TrOd1M5W";
        pass[5] = "24mixyaT7TrOd1M5";
        String answer = getPass(pass, lim, numletter);
        System.out.println("\nThe password is: '" + answer + "'");
    }

    // pass[3] holds the encoded password; pass[5] starts with the two-digit XOR key
    public static String getPass(String[] pass, int lim, String numletter) {
        String decoded = "";
        String encoded = pass[3].substring(0, lim);
        int s = Integer.parseInt(pass[5].substring(0, 2));
        for (int i = 0; i < lim; i++) {
            int p = numletter.indexOf(encoded.charAt(i));
            decoded += numletter.charAt(p ^ s);
        }
        return decoded;
    }
}

Change the lim, pass array, and numletter to whatever is on the website. Run the program, get password.
Copyright Open Source Institute, 2006