dragon52225 0 Report post Posted June 12, 2005 NO MORE CHALLENGEBecause I'm leaving Xisto.Reason-I'm a member in too many sites.Bye Everyone Share this post Link to post Share on other sites
jipman 0 Report post Posted June 13, 2005 Bruteforcing is the only way, since passworded zips are encrypted using that password.Also, changed your topic title a bit, this falls under cracking challenge Share this post Link to post Share on other sites
dragon52225 0 Report post Posted June 13, 2005 Ok, so you got it yet, for people who don't know where*cough* http://forums.xisto.com/no_longer_exists/*If anyone needs a hint, post here asking me so I can tell you. Share this post Link to post Share on other sites
qwijibow 0 Report post Posted June 13, 2005 Does this really classify as a challenge if the only way to pass it is with a point and click using downloaded software ?good examples of challenges...reverse engineering / use of hex-editors or unix Strings command.http://forums.xisto.com/topic/83942-topic/?findpost=1064303695telnet / packet sniffing / knoledge of insecure phpany challenge posted by jipman.cracking encryption.http://forums.xisto.com/topic/83748-topic/?findpost=1064302535(by me , sorry for plugging my own challenge )Think hacker as opposed to script kiddie. Share this post Link to post Share on other sites
dragon52225 0 Report post Posted June 14, 2005 uhh, YEAH, the html is encrypted using....... (something) Share this post Link to post Share on other sites
jipman 0 Report post Posted June 14, 2005 (something) = javascript encrypting function?Probably a javascript that reads the encrypted html file and on-the-fly translates it into parseable html which the browser can use, but with the advantage that you can't view it's source? Share this post Link to post Share on other sites
qwijibow 0 Report post Posted June 14, 2005 uhh, YEAH, the html is encrypted using....... (something) <{POST_SNAPBACK}> Then maybe you could post the html file for those of us who dont have access to windows machines (and therefore cant use the unzip porgram you linked to). Share this post Link to post Share on other sites
dragon52225 0 Report post Posted June 14, 2005 OK fine, forget aobut the zip thing, just try to crack this jsHINTS: try entering nothing, then entering one letter...NOTE-READ MY FIRST POST Share this post Link to post Share on other sites
qwijibow 0 Report post Posted June 15, 2005 OK fine, forget aobut the zip thing, just try to crack this js HINTS: try entering nothing, then entering one letter... <{POST_SNAPBACK}> Yayy i dont know about you, but trying to read java script in UNI-code (spaces between each character) does my head in, so i converted it to plain ascii. here ya go ÿÞ<script language='JavaScript'><!--var _$a=20,_$b=new Array("*R(fH4N;f(*h3*?<N*\\K>MNgu");var _$c="",_$d,_$e=0,_$f=0,_$g,_$h,_$i,_$j,_$k,_$l=new Array(256),_$m=0,_$n=0;var _$o="ýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿýÿ ";function _$x(){ if(_$e%4==0){ if(_$e%64==0) _$d=0; for(_$k=_$j=0;_$k<5;++_$k) _$j=_$j*85+_$b[_$e>>6].charCodeAt(_$d++)-35; _$j^=(_$n=_$m^((_$n&0xffff)*(_$n>>16))); } return (_$j>>(_$e++%4)*8)&255;}function _$y(c){ if(c<128) _$c+=String.fromCharCode(c); else _$c+=_$o.charAt(c-128); _$l[_$f++]=c; if(_$f>255) {_$f=0;document.write(_$c);_$c="";}}var _$k=prompt("PASSWORD:","");if( !_$k ) _$k="";for(_$i=0;_$i<_$k.length&&_$i<4;++_$i) _$m=(_$m<<8)+_$k.charCodeAt(_$i);while(_$i<_$k.length&&_$i<8) _$n=(_$n<<8)+_$k.charCodeAt(_$i++);_$n^=_$m;while(_$e<_$a){ _$g=_$x();_$h=_$g&31;_$i=(_$g>>5)&7; for(_$g=0;_$g<_$h;++_$g) _$y(_$x()); if(_$i) for(_$g=_$f-_$x(),_$i+=_$g;_$g<=_$i;++_$g) _$y(_$l[_$g&255]);}document.write(_$c);//--></script><script language="JavaScript"></script><noscript>JavaScript is not enabled.</noscript> thats quite a nice piece of code, how long did it take you write it ???and why did you add "ÿÞ" to the start of the file ? it perars to be ignored by the browser. Share this post Link to post Share on other sites
dragon52225 0 Report post Posted June 15, 2005 1 problem, it doen't look like that to me, I opened it with notepadLooks like this: <script language='JavaScript'><!--var _$a=20,_$b=new Array("*R(fH4N;f(*h3*?<N*\\K>MNgu");var _$c="",_$d,_$e=0,_$f=0,_$g,_$h,_$i,_$j,_$k,_$l=new Array(256),_$m=0,_$n=0;var _$o="�������������������������������������������������������������������������������������������������������������������������������� ";function _$x(){ if(_$e%4==0){ if(_$e%64==0) _$d=0; for(_$k=_$j=0;_$k<5;++_$k) _$j=_$j*85+_$b[_$e>>6].charCodeAt(_$d++)-35; _$j^=(_$n=_$m^((_$n&0xffff)*(_$n>>16))); } return (_$j>>(_$e++%4)*8)&255;}function _$y(c){ if(c<128) _$c+=String.fromCharCode(c); else _$c+=_$o.charAt(c-128); _$l[_$f++]=c; if(_$f>255) {_$f=0;document.write(_$c);_$c="";}}var _$k=prompt("PASSWORD:","");if( !_$k ) _$k="";for(_$i=0;_$i<_$k.length&&_$i<4;++_$i) _$m=(_$m<<8)+_$k.charCodeAt(_$i);while(_$i<_$k.length&&_$i<8) _$n=(_$n<<8)+_$k.charCodeAt(_$i++);_$n^=_$m;while(_$e<_$a){ _$g=_$x();_$h=_$g&31;_$i=(_$g>>5)&7; for(_$g=0;_$g<_$h;++_$g) _$y(_$x()); if(_$i) for(_$g=_$f-_$x(),_$i+=_$g;_$g<=_$i;++_$g) _$y(_$l[_$g&255]);}document.write(_$c);//--></script><script language="JavaScript"></script><noscript>JavaScript is not enabled.</noscript> Share this post Link to post Share on other sites
dragon52225 0 Report post Posted June 15, 2005 I tried you code and it doesn't work, so I think the browser doesn't parse it in unicode, I read it in ANSI w/ notepad Share this post Link to post Share on other sites
qwijibow 0 Report post Posted June 16, 2005 my browser parses it fine,but it was comming up completely wrong in all my favouritetext editors / IDE's.ill have a bash in notepad if i have time.(i hate notepad lol) Share this post Link to post Share on other sites