Hi everyone,



                 first i want to tell reverser+ that his affirmation in the main entrance

                 is not quite correct:

                 "All my pages are optimized for Opera browsers, could not care less

                 about lusers using Netscape or M$IE".

                 In the Java problem, the ones that use Opera (me) are the lusers, coz

                 Opera has some bugs in Java. How can it be possible that the Javascript

                 generated code with Opera for the password 'javfurther' is 4205221038

                 (should be 25834242042). However, if i give Opera the explicit array of

                 f, it calculates the value: 25834242024, but compares that value with

                 25834242042 (the same) and it returns false! So i had to use Netscape

                 for this approach.

                 for a good reason, reverser+ invites us not only to find the passwords

                 that

                 matches the number 25834242042, but to choose the passwd that makes

                 sense. that was the second plan applied by reverser+ in order to put our

                 brains at work. however, we had to search in 308 passwords, that is

                 easy,

                 but what if the password was 'makessense' and the postgenerated passwds

                 for the number 1313019801 (that is the code for 'makessense') were in

                 number of four thousands, that would be a real searching, and would

                 really eliminate the ones that search for 'jav' or 'frav' or whatever.

                 by the way, reverser+ gived too much hints, some of these 'crackers'

                 should

                 not pass the gateway. they used your 'r' last leter hint, or the passwd

                 must contain 'jav' or 'ava', and other 'deductions' like this.

                 the password length was easy to find, and with a little thinking, any

                 real cracker should know to build a program that generates all valid

                 passwds from a code and see which makes sense.

                 this c++ program shows a real solution using backtracking



                 <---------------------- cut here ----------------------->



                 // reverser.cpp - (c) 1998 by +mISu

                 //

                 // cracker for reverser+ advanced java 'easy' entrance

                 // it gives all the valid passwds for 25834242042

                 // but it is really sad to search for 'xubwqhdich.htm'

                 // on reverser.org. this shows no imagination, so you'll

                 // have to find the correct passwd from these ones...

                 //

                 // compile 'wcl386 /k1000 reverser'



                 #include <iostream.h>



                 #define  XFROM  36

                 #define  TARGET 25834242042



                 int main(int argc, char* argv[])

                 {

                     long f[62]= {     23,    535,   1047,   1559,   2071,

                                     2583,   3095,   3607,   4119,   4631,

                                       12,     21,     26,     38,     53,

                                       72,    101,    139,    294,    375,

                                      584,    841,   1164,   1678,   2425,

                                     4989,   6478,  10076,  14494,  21785,

                                    30621,  69677,  87452, 139356, 201113,

                                   278810,     80,     83,     93,     99,

                                      113,    131,    159,    194,    346,

                                      416,    619,    861,   1165,   1649,

                                     2256,   4766,   6077,   9554,  13713,

                                    20576,  28894,  65661,  82386, 131248,

                                   164801, 262524 };

                     char base[62]={'0','1','2','3','4','5','6','7','8','9',

                                    'A','B','C','D','E','F','G','H','I','J',

                                    'K','L','M','N','O','P','Q','R','S','T',

                                    'U','V','W','X','Y','Z','a','b','c','d',

                                    'e','f','g','h','i','j','k','l','m','n',

                                    'o','p','q','r','s','t','u','v','w','x',

                                    'y','z'};

                     __int64     temp,stack[8];

                     int         i,j,x,sc,stackx[9],n;

                     char        pass[11]="?123456789",nl[2]={0x0d,0x0a};



                     sc=0;

                     n=0;

                     x=XFROM;

                     cout << "reverser advanced java \'easy\' entrance valid passwds" <<

                 endl;

                     cout << "(c) 1998 by +mISu" << endl;

                     cout << "find the good one, it REALLY makes sense!" << endl;

                     cout << "___________________________________________________" <<

                 endl << endl;

                     cerr << "Working..." << endl;

                     temp=TARGET/9;

                 ag: while(sc<8)

                     {

                         while((x>61)|(temp-f[x])%(8-sc))

                         {

                             if(x<62) { x++; continue; }

                 backt:      sc--;

                             if(sc<0) goto end;

                             temp=stack[sc];

                             x=stackx[sc]+1;

                             if(x>61) goto backt;

                         }

                         stack[sc]=temp;

                         stackx[sc]=x;

                         temp=(temp-f[x])/(8-sc);

                         sc++;

                         x=XFROM;

                     }

                     for(i=XFROM;i<62;i++) if(temp==f[i])

                     {

                         for(j=0;j<8;j++) pass[9-j]=base[stackx[j]];

                         n++;

                         pass[1]=base[i];

                         if(n<100) cout << "0";

                         if(n<10) cout << "0";

                         cout << n << ": " << pass << endl;

                         break;

                     }

                     goto backt;



                 end:return 0;

                 }



                 <---------------------- cut here ----------------------->



                 +mISu (plusmisu@eudoramail.com)





redhomepage redlinks red+ORC redbots wars redreality cracking redcounter measures
redbots wars redantismut CGI tricks redacademy database redtools redjavascript tricks
redcocktails redsearch_forms redmail_reverser
redIs software reverse engineering illegal?