Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can you crack this code? (Part 2)

Status
Not open for further replies.
meeble

meeble

Programmer
Sep 24, 2002
137
GB
Recently I posted a JavaScript password script from a friend's site that was cracked by people here.

I have found this one on the net and modified it.

I think it is much harder to crack?

I have put up a test page here -
Gold star for anyone that cracks it ;)

The code is below:


<center><form name=login>
<input type=&quot;hidden&quot; value='John Smith|59364|OEIPPFGF' name=&quot;memlist&quot; value=&quot;&quot;>
<input type=password size=10 maxlength=8 name=pass>
<input type=button value=&quot;Submit&quot; onclick=&quot;check(this.form)&quot;>
</form>
<SCRIPT LANGUAGE=&quot;JavaScript&quot;>
<!-- Begin
var params=new Array(4);
var alpha=&quot;ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHI&quot;;
function check(form) {
which=form.memlist;
choice = form.memlist.value+&quot;|&quot;;
p=0;
for (i=0;i<3;i++) {
a=choice.indexOf(&quot;|&quot;,p);
params=choice.substring(a,p);
p=a+1;
}
h1=makehash(form.pass.value,3);
h2=makehash(form.pass.value,10)+&quot; &quot;;
if (h1!=params[1]) {
alert(&quot;Incorrect Password!&quot;); return; };
var page=&quot;&quot;;
for (var i=0;i<8;i++) {
letter=params[2].substring(i,i+1)
ul=letter.toUpperCase();
a=alpha.indexOf(ul,0);
a-=(h2.substring(i,i+1)*1);
if (a<0) a+=26;
page+=alpha.substring(a,a+1); };
top.location=page.toLowerCase()+&quot;.html&quot;;
}
function makehash(pw,mult) {
pass=pw.toUpperCase();
hash=0;
for (i=0;i<8;i++) {
letter=pass.substring(i,i+1);
c=alpha.indexOf(letter,0)+1;
hash=hash*mult+c;
}
return(hash);
}
// End -->
</script>
</center>
 
Sort by date Sort by votes
Well... you'll have to post the code again... this time use the TGML [code] tags to wrap your code... that way we won't get [i] (which you use for a for loop) tags being parsed as italics tags. As it stands, your code will not work.

Jeff
 
Upvote 0 Downvote
Sorry,

The code is:

Code: 
<center><form name=login>
<input type=&quot;hidden&quot; value='John Smith|59364|OEIPPFGF' name=&quot;memlist&quot; value=&quot;&quot;>
<input type=password size=10 maxlength=8 name=pass>
<input type=button value=&quot;Submit&quot; onclick=&quot;check(this.form)&quot;>
</form>
<SCRIPT LANGUAGE=&quot;JavaScript&quot;>
<!-- Begin
var params=new Array(4);
var alpha=&quot;ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHI&quot;;
function check(form) {
which=form.memlist;
choice = form.memlist.value+&quot;|&quot;;
p=0;
for (i=0;i<3;i++) {
a=choice.indexOf(&quot;|&quot;,p);
params[i]=choice.substring(a,p);
p=a+1;
}
h1=makehash(form.pass.value,3);
h2=makehash(form.pass.value,10)+&quot; &quot;;
if (h1!=params[1]) {
alert(&quot;Incorrect Password!&quot;); return; };
var page=&quot;&quot;;
for (var i=0;i<8;i++) {
letter=params[2].substring(i,i+1)
ul=letter.toUpperCase();
a=alpha.indexOf(ul,0);
a-=(h2.substring(i,i+1)*1);
if (a<0) a+=26;
page+=alpha.substring(a,a+1); };
top.location=page.toLowerCase()+&quot;.html&quot;;
}
function makehash(pw,mult) {
pass=pw.toUpperCase();
hash=0;
for (i=0;i<8;i++) {
letter=pass.substring(i,i+1);
c=alpha.indexOf(letter,0)+1;
hash=hash*mult+c;
}
return(hash);
}
// End -->
</script>
</center>
 
Upvote 0 Downvote
There's still something wrong with the code after I post it.

Here it is again, taken from the source of the webpage I put up:

Code: 
<center><form name=login>
<input type=&quot;hidden&quot; value='John Smith|59364|OEIPPFGF' name=&quot;memlist&quot; value=&quot;&quot;>
<input type=password size=10 maxlength=8 name=pass>
<input type=button value=&quot;Submit&quot; onclick=&quot;check(this.form)&quot;>
</form>
<SCRIPT LANGUAGE=&quot;JavaScript&quot;>
<!-- Begin
var params=new Array(4);
var alpha=&quot;ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHI&quot;;
function check(form) {
which=form.memlist;
choice = form.memlist.value+&quot;|&quot;;
p=0;
for (i=0;i<3;i++) {
a=choice.indexOf(&quot;|&quot;,p);
params[i]=choice.substring(a,p);
p=a+1;
}
h1=makehash(form.pass.value,3);
h2=makehash(form.pass.value,10)+&quot; &quot;;
if (h1!=params[1]) {
alert(&quot;Incorrect Password!&quot;); return; };
var page=&quot;&quot;;
for (var i=0;i<8;i++) {
letter=params[2].substring(i,i+1)
ul=letter.toUpperCase();
a=alpha.indexOf(ul,0);
a-=(h2.substring(i,i+1)*1);
if (a<0) a+=26;
page+=alpha.substring(a,a+1); };
top.location=page.toLowerCase()+&quot;.html&quot;;
}
function makehash(pw,mult) {
pass=pw.toUpperCase();
hash=0;
for (i=0;i<8;i++) {
letter=pass.substring(i,i+1);
c=alpha.indexOf(letter,0)+1;
hash=hash*mult+c;
}
return(hash);
}
// End -->
</script>
</center>
 
Upvote 0 Downvote
OK, I don't know why but the code won't work after I post it.

Ignore all the code in this thread and view the source of the webpage I put up -
This is the only 'good' code....
 
Upvote 0 Downvote
The still gets rendered even inside the
Code: 
 tag. Uncheck the &quot;Process TGML&quot; checkbox before you post.

Adam
[i]while(ignorance==true){perpetuate(violence,fear,hatred);life=life-1};[/i]
 
Upvote 0 Downvote
Man is this seriously a challenge took me like 2 minutes to get your password...want me to tell you what it is...or no?

code one
 
Upvote 0 Downvote
cpfc (Programmer) Feb 14, 2004

328040 = wrong

JOHNSMITH = right


regards,

codeone
 
Upvote 0 Downvote
Um, if you think either 328040 or JOHNSMITH is right I suggest you go to the page and put that in and see what happens. You'll be disappointed...

Seeing as one of the lines in the code is:

<input type=&quot;hidden&quot; value='John Smith|59364|OEIPPFGF' name=&quot;memlist&quot; value=&quot;&quot;>

JOHNSMITH wouldn't be much of a password would it?
 
Upvote 0 Downvote
The code is a bit funny and doesn't always pop up an error box saying wrong password when an incorrect password is entered. For e.g I typed all these and pressed enter and received no error:
*
JOHNSMITH
wierd
hello

but if I click on the button or tab to it and then press enter it pops up an error box.

Sean.
 
Upvote 0 Downvote
yup, true, but the point is, you need to crack the code and put the RIGHT password in. So far it looks to be uncrackable....
 
Upvote 0 Downvote
nice code, I have to say that I didnt try clicking the button just enter and I assumed i was right, since it didnt say anything...

uncrackable, hardly...

The answer is in the script, the thing is finding out how the code knows what the password is, I know the follwoing about the code:

1. It gives a the value of 25
2. if you add a 1 to a you get P (P=26)
3. i = 8
4. c = 1
5. the numbers represent the alpha

now the rest is figuring out how you pre determine the password...

or am i just way off...?
 
Upvote 0 Downvote
>>>>>>>>>>>cpfc (Programmer) Feb 17, 2004
XAY881X8 loads a page not found...



Good, you are getting close. As you may have worked out, when you put the right password in, it takes you to a page that is named the uncoded version of the password.

The password 'XAY881X8' you put in takes you to mafkpfeb(.html)

That should be quite a big clue I think....
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rogerte
  • Locked
  • Question
Code that works on Windows, Android and Iphone
Replies
0
Views
755
rogerte
rogerte
Kennelbloke
  • Locked
  • Question
Can't Get Markers to show on Map
Replies
0
Views
1K
Kennelbloke
Kennelbloke
tyutghf
  • Locked
  • Question
Konami code help 3
Replies
10
Views
620
tyutghf
tyutghf
bs6600
  • Locked
  • Question
How can I make a window wider?
Replies
1
Views
272
xwb
xwb
keisha1
  • Locked
  • Question
How can I append/insert multiple text files into one .dbf file using java script /html command
Replies
1
Views
342
Samthyr
Samthyr

Part and Inventory Search

Sponsor

Back
Top