*****************************************
The 'WHEEL OF FORTUNE' solution by Pr!Me5
*****************************************


after cracking Fravia's 'easy' solution to the devious page in about 20 minutes, i decided to check out his corresponding 'easy' entrance to the advanced page. i was shocked to find that this entrance wasn't as easy as the other one. really contrasting concepts of 'easy'!

i contemplated writing a brute force cracker but was reluctant. i didn't need to do any calculations to know that there would be a helluva lot of possibilities. and i wasn't too eager to go through all of these possibilities just to find 1 correct password. not to mention the waiting time for the brute cracker to finish its run. i also personally find brute force cracking a lazy and unimpressive way of doing things. traditional brute force cracking methods are almost always a last resort for me.

at the outset, to make things more challenging, there was this self-imposed restriction that i would only use javascript to crack Fravia's tests. JAVASCRIPT TO CRACK JAVASCRIPT. this seemed to make sense since i was within Fravia's javascript section. i also promised myself not to look at Fravia's help page.

preliminary calculations showed that the password length consisted of 10 characters. a strange thing i noticed was that the code used the second character onwards to get the encrypted pass, meaning that the first character can be anything. was this an oversight? i also determined the possible last characters. ((25834242042/9)-f[x]) just had to be perfectly divisible by 8. this gave C, Z, h, i, r, w as possibilities. here's another property of your code, that the second and third password characters could be interchanged.
((0 + f[x])*1 + f[y])*2
=2*f[x] + 2*f[y]
=((0 + f[y])*1 + f[x])*2
and hence interchanging won't affect the encrypted result. to be honest, this was something i only realised after trying out a script i wrote (which will be talked about in the coming paragraphs).

what happened next is pretty interesting.

while trying to figure out a ZEN way of cracking, i suddenly heard shouts from my room. it was just my girlfriend getting excited watching the popular wheel-of-fortune gameshow. i decided to take a break and join her. in the midst of our excited shouting, a thought struck me. wouldn't it be cool if i can crack Fravia's password in a fashion similar to the wheel-of-fortune guessing sequence? i had already figured out that i could find the possible characters working from the right to the left. hmmm, kinda interesting. i took a smoke.

my scripting began...

my girlfriend was wondering why i wasn't really keeping her much company. she sorta hovered around my computer imploringly. i decided to take another break and explain to her what i was doing, and at the same time give her some attention. she became pretty interested in my script, especially when i told her about my wheel-of-fortune idea. she even wanted to try it out. and so i was persuaded to make my script user-friendly enough that she could 'play' it. no problem, dear...

my idea was this. an alert box displays the possibilities for the last (9th) character. my choice then generates the next set of possibilities for the 8th character, displayed in an alert box. i guess again. this generates the next set of possibilities and so on working leftwards. when i have 2 characters left to guess, i will then generate all the possible passwords, if any, using my selected 7 characters and display them in another alert box. you'll have to wait a while for this final step to run. it takes about 10 seconds on msie and 20-30 seconds for netscape. not sure about opera. so even though you hate msie, using it for my script would be your best bet. the user can at any time go back and change any or all of his previous selections. i assumed of course that Fravia chose a password which didn't look like gibberish, and that this password was in english. after all, this was supposed to be the 'easy' test, right? i should then know not to chose a 'q' after say an 'x'. i should also know when vowels or consonants should come next, based probably on english words. in short, a mini wheel-of-fortune guessing game!

i began trying out my script, but i always reached a dead end. the problem is, i didn't know whether to use all the possible characters (numbers and digits),numbers only, lowercase letters only, etc. too many possibilities! i was kinda forced to turn to Fravia's help section. but i promised myself to only look at ONE clue. i ignored the 2 long letters by jean and tristan and then, bingo! i read that the last letter was an 'r'. i also read that the password contained letters only. damn, that was TWO clues, but i guess it was kinda inescapable since both these clues were written so close together.

using my wheel-of-fortune script and the clues, i then managed to guess the correct password in 45 minutes. based on the lowercase 'r', i made the reasonable assumption that all the letters were likewise in lowercase, except perhaps when 2 or more words were joined together (eg. DarthVader). i also deduced that an 'e' should precede the 'r', since the other possibilities of L, T, W, d, q, v were highly unlikely to give legitimate english words. incidentally, when i got '***ehither' as a possibility, i thought i had cracked it and the password was 'comehither'. alas it wasn't to be...yet. when i got '*avfurther', i knew for sure that this time i got it. immediately after reaching 'javfurther.htm', i started writing this essay.

after explaining some things to my girlfriend and giving her a few clues, i let her try guessing Fravia's password with my script. she was kinda hooked. surprisingly, she got it in under an hour. it's probably coz she's an expert at wheel-of-fortune and other similar word games. she even forced me to come up with my own passwords so she could 'play' again! i don't know if my method is the best, but it's definitely the most fun!

here's the code below. just hit the 'Start!' button before each selection.
----------------------start------------------------
<HTML>
<HEAD>
<TITLE>'WHEEL OF FORTUNE' cracker by Pr!Me5</TITLE>
<SCRIPT language="JavaScript">
<!--
base=new 
Array("0","1","2","3","4","5","6","7","8","9","A","B","C","D","E","F","G","H","I","J",
"K","L","M","N","O","P","Q","R","S","T","U","V","W","X","Y","Z","a","b","c","d","e","f","g",
"h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z");
K=new Array();
f=new 
Array(23,535,1047,1559,2071,2583,3095,3607,4119,4631,12,21,26,38,53,72,101,139,294,375,
584,841,1164,1678,2425,4989,6478,10076,14494,21785,30621,69677,87452,139356,201113,278810,80,
83,93,99,113,131,159,194,346,416,619,861,1165,1649,2256,4766,6077,9554,13713,20576,28894,
65661,82386,131248,164801,262524);
//*****************************************
//required 25834242042
function crack(form) {
calc=eval(form.pwcode.value);
calc2=0;
lttr=new
Array(form.lttr1.value,form.lttr2.value,form.lttr3.value,
form.lttr4.value,form.lttr5.value,form.lttr6.value,form.lttr7.value,
form.lttr8.value,form.lttr9.value,form.lttr10.value);
deadend="Uh oh...dead end! Try again.";
find2="";
show2="";
num1=0;
num2=9;
num3=9;
for (a=0;a<10;a++) {
num1=(lttr[num2]!==""?num1+1:num1)
if (lttr[num2]=="") {
break;
}
num2--;
}
for (b=0;b<num1;b++) {
for (c=10;c<62;c++) {
if (lttr[num3]==base[c]) {
calc/=num3;
calc-=f[c];
}
}
num3--
}
num1=8-num1;
calc1=calc/(num1+1);
for (d=10;d<62;d++) {
calc2=calc1-f[d];
find1=(calc2%num1==0?base[d]:"");
find2+=(find1==""?"":find1+", ");
}
if (find2==""&&num1>1) {
alert(deadend);
}
if (num1==1) {
rem=form.lttr4.value+form.lttr5.value+form.lttr6.value+form.lttr7.value
+form.lttr8.value+form.lttr9.value+form.lttr10.value;
result();
msg=(show2==""?deadend:"Here are the
possibilities:\n\n"+show2)
alert(msg);
}
if (find2!==""&&num1>1) {
alert("Choose a character:\n\n"+find2);
}
}
function result() {
make=new Array();
for (e=10;e<62;e++) {
make[0]=base[e];
for (f1=10;f1<62;f1++) {
make[1]=base[f1];
calc3=0;
for(g=1;g<3;g++) {
for(h=10;h<62;h++) {
if (make[g-1]==base[h]) {
calc3+=f[h];
calc3*=g;
show1=(calc3==calc?"*"+make[0]+make[1]+rem:"");
show2+=(show1==""?"":show1+"\n");
}
}
}
}
}
return(show2);
}
//-->
</SCRIPT>
</HEAD>
<BODY>
<FORM>
<P>
<INPUT TYPE="text" SIZE=2 NAME="lttr1" VALUE="*">
<INPUT TYPE="text" SIZE=2 NAME="lttr2">
<INPUT TYPE="text" SIZE=2 NAME="lttr3">
<INPUT TYPE="text" SIZE=2 NAME="lttr4">
<INPUT TYPE="text" SIZE=2 NAME="lttr5">
<INPUT TYPE="text" SIZE=2 NAME="lttr6">
<INPUT TYPE="text" SIZE=2 NAME="lttr7">
<INPUT TYPE="text" SIZE=2 NAME="lttr8">
<INPUT TYPE="text" SIZE=2 NAME="lttr9">
<INPUT TYPE="text" SIZE=2 NAME="lttr10">
<FONT FACE="ARIAL"><B>Enter from <U>right to
left</U></B></FONT></P>
</P>
<P><INPUT TYPE="text" SIZE=14 NAME="pwcode"
VALUE="25834242042">
<FONT FACE="ARIAL"><B>Password code</B></FONT></P>
<P><INPUT TYPE="button" VALUE="Start!"
onClick="crack(this.form)"></P>
</FORM>
</BODY>
</HTML>
-----------------------end-------------------------
i've separated the following conlusion from the essay as i find this conclusion rather long. if you think it's appropriate, you can directly append it to the essay or include it as a separate essay.

----------------conclusion start-------------------

to conclude this essay, let me say that minimal modification of the protection script can make it more difficult to crack. this can be achieved by making it harder to deduce the correct password length. the would-be-cracker must then not only contend with the numerous possibilities for a 10-character password, but also with the many possibilities for the other password lengths.

a very easy modification would be to simply interchange the encryption step. just replace
code+=f[x];
code*=y;

with this

code*=y;
code+=f[x];
the password length would then not be so immediately attainable just by finding a perfect divisor to the password code number.

another way would be to replace y with a fixed number as in the example below.
code+=f[x];
code*=2;
this prevents any divisor of the password code from being directly related to the password length. the cracker would still be able to find possible f[x] values by verifying if subtraction yields numbers divisible by the chosen fixed number. this subtraction-divisibility approach can be made harder by replacing y with a smaller fixed number as it implies a larger number of password character possibilities. this can be readily seen using the above example. assuming that the f[x] values are distributed somewhat evenly, then about half of the f[x] values would be divisible by 2, meaning that about half of all the characters would be possible at each loop. again assuming even distribution, using the number 3 instead would mean that about a third of the characters would be possible for every loop, thus demonstrating a smaller number of possible passwords in this case.

an interesting situation arises if the 'code*=y;' line is deleted altogether. this is actually a particular case of the above modification equivalent to assigning to y the value of unity. since all integers are perfectly divisible by unity, the cracker then cannot use the aforementioned subtraction-divisibility approach at all!

the previous modification (using small fixed y) can be coupled with the coming one to make it more difficult for the cracker. this modification in fact simplifies the original script since the many steps to obtain f[x] are not needed. just assign to the f[x] array random values which have as large a difference as possible between the smallest and largest f[x], as in the following example.
f=new
Array(5464654,1,84567,45,...,1354563465435,...389);
the aim of this is to make the range of possible password code values for consecutive password lengths overlap. by checking which password length's range that the password code falls into, the cracker may be able to obtain the desired length, or at least eliminate other lengths. this approach is hindered when widening the f[x] range since this increases the chances of consecutive password length's ranges overlapping to include the password code.

to finally conclude this conclusion, very simple modifications out of many possible others were demonstrated on Fravia's script. the attendant increases in security, though by no means breathtaking, are advantageous when considered with respect to the relatively simple modifications, which can also be mixed-and-matched for an accumulative effect.

-----------------conclusion end--------------------

********************** End of essay by Pr!Me5 **********************