|
The way through Easygate
In one simple lesson
|
Javascript
|
10 february 1998
|
by
Tomba
|
|
 |
Courtesy of Reverser's page of
reverse engineering
|
|
fra_00xx 98xxxx handle 1100 NA PC
|
An interesting, technical approach that underlines the importance of deduction in all
reversing matters. Enjoy!
|
|
|
There is a crack, a crack in everything
That's how the light gets in
| |
Rating
|
(x)Beginner ( )Intermediate ( )Advanced ( )Expert
|
|
You'll get a long way with simple deduction.
A deductive & recursive way into Reverser's java-pages
Written by
Tomba
One brain,
One C-compiler,
One Fanta - Orange (you don't need alcohol to do this one ...)
1) Deduction
--> The password has to be 9 positions long. You can find this by dividing the number by
9,8,7,6,5,4,3,2,1 while keeping (& adding) the "leftovers" from the division. If you
understand Reverser's algorithm, you'll know that the resulting number has to be the
sum of 9 numbers from the table. Only with 9 positions do you get a possible number
(14 gives a number that's too small, 7 gives a number that's too big).
--> The actual password is 10 positions, but the first char is thrown away. Do we want
to avoid caps here ? Let's asume so, this means that the table is only to be used
from position 36 (seriously reducing the posibilities).
--> The number of possible combinations is still too big. We need filters. So let's see.
Reverser's pages concerning Java almost always (but not quite always) begin with
"jav". Since the first char is suppressed, this leaves us with "av" in the first
two positions of the password.
--> Conclusion of Deduction
It worked this way, but I was lucky. Without knowing at least 1 char, you would
have to check all the results against a dictionary in order to reduce the
posibilities.
2) The program
--> Pretty straightforward. I used recursion because I love the way it simplifies
coding (as long as you remember "the way out").
/*--------------------------------------*/
/*--- Reverse Engineering project ---*/
/*--- author : Tomba ---*/
/*--- date : 1998/02/07 ---*/
/*--- subject : Easy Javagate ---*/
/*--------------------------------------*/
/*------------------------------------------------------------------*/
/*--- !!! this program has to be compiled in 32 bit mode ---*/
/*--- !!! otherwise the declares of the long doubles & integers ---*/
/*--- !!! won't work. ---*/
/*------------------------------------------------------------------*/
#include /* cin & cout */
#include /* floor & ceil */
/*------------------------------------*/
/*--- Step 0 : Global Declarations ---*/
/*------------------------------------*/
/*--- Our Magic Function (recursive) ---*/
/*--------------------------------------*/
void MagicFunct(unsigned long int, long double);
/*--- The estimated length of the password ---*/
/*--------------------------------------------*/
const unsigned long int lMAXLENGTH = 9;
/*--- The password to be ---*/
/*--------------------------*/
char rgcPassWord[lMAXLENGTH]=" ";
/*--- The constant tables, second one made with the help of ---*/
/*--- the ALERT-function in Reverser's javacoding ---*/
/*-------------------------------------------------------------*/
const char rgcSYMBOL[62]=
{ '0', '1', '2', '3', '4', '5', '6', '7', '8',
'9', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q',
'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i',
'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r',
's', 't', 'u', 'v', 'w', 'x', 'y', 'z'};
const unsigned long int rglOBSCURE[62]=
{ 23, 535, 1047, 1559, 2071, 2583, 3095, 3607, 4119,
4631, 12, 21, 26, 38, 53, 72, 101, 139,
294, 375, 584, 841, 1164, 1678, 2425, 4989, 6478,
10076, 14496, 21785, 30621, 69677, 87452,139356,201113,278810,
80, 83, 93, 99, 113, 131, 159, 194, 346,
416, 619, 861, 1165, 1649, 2256, 4766, 6077, 9554,
13713, 20576, 28894, 65661, 82386,131248,164801,262524};
/*----------------------------------------------------------------*/
/*--- step 1 : The Main Function ---*/
/*--- Nothing very complicated, just enter the number ---*/
/*--- & you're off ---*/
/*----------------------------------------------------------------*/
int main(void)
{
/*--- I use a long double instead of an _INT64 ---*/
/*------------------------------------------------*/
long double ldInputNum;
/*--- Enter Reverser's number 25834242042 ---*/
/*-----------------------------------------*/
cout << "Enter Reverser's number :" << endl;
cin >> ldInputNum;
/*--- Call recursion ---*/
/*----------------------*/
MagicFunct(lMAXLENGTH, ldInputNum);
return 0;
}
/*-----------------------------------*/
/*--- step 2 : the Magic Function ---*/
/*-----------------------------------*/
void MagicFunct(unsigned long int lMagicLength,
long double lRestOfReverser)
{
unsigned long int lDivideBy;
long double lHelpRest;
unsigned long int lCount;
lRestOfReverser = lRestOfReverser / lMagicLength;
lDivideBy = lMagicLength - 1;
/*--- Only lowercase characters need apply ---*/
/*--------------------------------------------*/
for ( lCount = 36;
lCount < 62;
lCount ++)
{
/*--- enter filters here ---*/
/*--------------------------*/
/*--- filter 01 : first needed char might be 'a' (from Ja) ---*/
/*------------------------------------------------------------*/
if ( (lDivideBy == 0) &&
(rgcSYMBOL[lCount] != 'a') )
{
continue;
};
/*--- filter 02 : second needed char might be 'v' (from Jav) ---*/
/*--------------------------------------------------------------*/
if ( (lDivideBy == 1) &&
(rgcSYMBOL[lCount] != 'v') )
{
continue;
};
/*--- normal execution of the loop ---*/
/*------------------------------------*/
if ( lDivideBy == 0 )
{
/*--- final character to be found here ---*/
/*----------------------------------------*/
if (lRestOfReverser == rglOBSCURE[lCount] )
{
rgcPassWord[lDivideBy] = rgcSYMBOL[lCount];
rgcPassWord[lMAXLENGTH] = '\0';
cout << "Found it ??? j" << rgcPassWord << endl;
};
}
else
{
/*--- character must make 'natural' division possible ---*/
/*--- because I'm not using integers I had to use ---*/
/*--- both floor & ceil to accomplish this ---*/
/*-------------------------------------------------------*/
lHelpRest = lRestOfReverser - rglOBSCURE[lCount];
if (floor(lHelpRest / lDivideBy) == ceil(lHelpRest / lDivideBy))
{
rgcPassWord[lDivideBy] = rgcSYMBOL[lCount];
MagicFunct(lDivideBy,lHelpRest);
};
};
};
};
Afterthougths
--> I read the help section after I solved the problem. Having the "r" in the last position is
the 1 char I talked about in my "deduction" part. By the way, if "r" is the last char, than
there HAS to be a vowel before that, and "e" is the only possibility there.
Use it, Don't Abuse it !!!
You are deep inside reverser's page of reverse engineering,
choose your way out:
homepage
links
search_forms
+ORC
students' essays
academy database
reality cracking
how to search
javascript wars
tools
anonymity academy
cocktails
antismut CGI-scripts
mail_reverser
Is reverse engineering legal?