javascript 16

hi,can anyone help me with this challenge?just a push in the right direction

oh lord

oh lord

where can i find an article explaining how to build a bruteforce?

redhothacker wrote: where can i find an article explaining how to build a bruteforce?

You have to implement the javascript algorithm in a language of your choice and then calculate the checksum for all possible strings ("aaa", "aab",.., "zzz", "aaaa", etc) until you find the one which yields the right checksum.

But it will take forever, if you don't find some smart optimization (*). Has someone already solved this challenge?

(*) You can also try random strings. If you are very very lucky, it will take only a few seconds… ;)

Read the Forum (and this thread) and you will find members who have beaten this. I'm convinced that this can't be done without any hints. Do some maths and write a fast burteforcer, but there are still billions (and I mean billions) possible solutions. So I would be interested in how -cL did this challenge.

Well, perhaps if all generated passwords were checked against a wordlist all 'real' words could be separated from the rubbish :right:

But that requires the true password to be a normal word which exists in the wordlist, and we don't know that until we've beaten the challenge lol

This is actually very simple, I just need someone to tell me which language will fill out the text box and submit it. It can be done easily with 'for' loops.

First you start with all letters and numbers in an array/vector, for example vector dictionary. Then do a bunch of for loops for how big you want the word to be. So for 2 letter words you would do something like this (written in C++ format):

for (int a=0;a<dictionary.size();a++) { string temp1 = dictionary[a]; for (int b=0;b<dictionary.size();b++) { string temp2 = dictionary[b];

cout << temp1 << temp2 << endl; // This part should put the code into the box } }

Can Java auto-enter something into the box?

devilsson2010 wrote: This is actually very simple, I just need someone to tell me which language will fill out the text box and submit it. It can be done easily with 'for' loops.

First you start with all letters and numbers in an array/vector, for example vector dictionary. Then do a bunch of for loops for how big you want the word to be. So for 2 letter words you would do something like this (written in C++ format):

for (int a=0;a<dictionary.size();a++) { string temp1 = dictionary[a]; for (int b=0;b<dictionary.size();b++) { string temp2 = dictionary[b ];

cout << temp1 << temp2 << endl; // This part should put the code into the box } }

Can Java auto-enter something into the box?

LMFAO. So in a challenge aimed at producing clean FAST code, you'regoing to pass each iteration to a freaking javascript parser in a browser? good luck mate.

And as far as I know there is no trick. If someone cracks this mathematically there'll be a big prize.

The algorithm has HEAPS of collisions, but they're easy to flter out (grep ;)), but only the right pass will work.

This challenge is an ample PoC of a secure client side authentication system.

brb, has anybody here beated this challenge with perl script. Is it even possible do this in some sensible time in perl ?

ugh, this won't be fun to do. #WORD# and htat it's 12 cahrs long saves tons of time, but still.

The only programming language i know so far is C++ and not too much of it really.

My question is…

Would writing this in C++ be a bad idea? Speed wise

not at all, just make sure you rewrite the algo in c++, then you done have to do a web request per attempt.

I didn't understand what is the value of checksum so that i can know the password's hash. It is the parameter of the function, but does it get a value if so? :)

s33us00n wrote: I didn't understand what is the value of checksum so that i can know the password's hash. It is the parameter of the function, but does it get a value if so? :)

If that made sense, I should stop with the drugs, because seriously I've got no idea what you want or mean….:o:o:o:o

I see you are talking about the checksum, so I will just write this,the script checks your answer against the preset checksum (88something), when you enter password, it goes through the algo, where the checksum is calculated from the password, then the calculated checksum is compared against the given checksum (the 88something :)) and if it's equal you win ;) you need to in some programming language "re-write" the algo used to calculate the checksum, and then dictionary attack it ( password has 12 chars and is in format numberwordnumber and the answer makes sense )

clone4 wrote: If that made sense, I should stop with the drugs, because seriously I've got no idea what you want or mean….:o:o:o:o

LOlo:))

Sorry for misunderstanding. I understand that the variable sum is calculated from the password and is the hash of the password you type. It is checked against another variable(checksum) which is also the parameter of the function. What i meant was…..what is the value of checksum? Is that the value(88something) you talked about?…or what did you mean by that?

s33us00n wrote: [quote]clone4 wrote: If that made sense, I should stop with the drugs, because seriously I've got no idea what you want or mean….:o:o:o:o

LOlo:))

Sorry for misunderstanding. I understand that the variable sum is calculated from the password and is the hash of the password you type. It is checked against another variable(checksum) which is also the parameter of the function. What i meant was…..what is the value of checksum? Is that the value(88something) you talked about?…or what did you mean by that? [/quote]

It's 88692589, just check the source of the challenge properly, and everything is there ;)

oops…i didn't see it….sorry. Thanks a lot!

OK…i got quite nervous with this challenge. Can somebody tell me what is the password like so i won't get false positives?…When somebody here said wordNUMBERword and the password made sense…i thought that the number would be like 4 meaning "for" and the password will look like life4fun…for example. Somebody told me that the words have the same length(4 letters) and the number has 4 digits….even so after running my program for 2 minutes i got around 15 false positives….and it will finish in around a week. Here are some of them. [deleted] The point is that…..this is ridiculous. It sould work with every one of this or it should display none of these. It was better if i got some hints about the password at the beginning..or if it should work with every false positive. This is crazy.:angry: Can somebody give me more hints…cause it's impossible to do it without them.

The words make sense, somehow. Try a dictionary analysis on the results.

s33us00n wrote: Somebody told me that the words have the same length(4 letters) and the number has 4 digits…. The number probably makes sense as well ^^

Prime Numbers…are easier way.

Brute Force is good option if you were planing to live ten thousand years… (JS16) :)

Great! :o Now i just need 743 posts to solve the challenge…(That's not going to happen ;)) (Other 16)

I finally solved it.:p I have to say that it was useful and i learned many things from it, even if it wasn't fair with those false positives.

The password can be a random jumble of letters.

Also, the first letter doesn't matter, since addition to 'sum' from it is multiplied by i, which is zero for the first letter.

I solved it with a recursive brute-force thingy in C, which ran and gave me an answer in the blink of an eye. I was able to generate 500000 valid passwords (which work) in under half a minute.

If anyone doesn't believe me, just PM me.

-ken

The challenge was changed a week or two ago. The first version only accepted one answer, not all of them. The answer it accepted was in a wordnumberword format. Hence the confusion.

bashes head on table

Sorry about that.

While I'm here, I'll just point out that symbols also give false positives. [If someone has already mentioned this, disregard me].

-ken

:(:(:(

am not studyin anythin for my semesters coz of this friggin challenge!!!

been doodling algorithms for 4 hrs on the trot now… damn this thing!!!:(:(:(

Well so far I've seen multiple posts in this thread that say its "numberWORDnumber" and a few that say its "wordNUMBERword", also that there are two words of the same length, that would make the "numberWORDnumber" format not possible.

I plan on trying a completely different approach than trying to bruteforce the checksum.

I just wanted to point out that the people coming to this thread for help are jsut gonna leave more confused than they were before reading it.

On that note, I think its a great challenge. I wouldnt want the last challenge in the category to be very easy (because then where is the challenge?). I know I used the same method for js challenges like 9-14 and was hoping they get a little harder (as they did).

EDIT I recently started looking at other js 16 thread and saw that system_meltdown has stated:

Password format: wordNUMBERword. So that should make this sooo much easier.

although the original password was in the stated format, the php script to check the answer was updated to accept any password that will pass with the same checksum, as it was considered too hard due to large number of collisions (im almost certain that's not how you spell that)

Hi all!

A coworker just pointed me to this challenge. It was really fun to take. Thanks a lot!

I think it was a really good idea to change the task so that every password matching the checksum is accepted. It makes the challenge both more fun (because, IMHO, math and optimization are more fun than dictionary attacks) and more realistic (because real-world servers should only store hashed passwords anyway, so there is no point in having "one true" password in this challenge).

Some of the problems that people had with "false positives" before the change could have been avoided, though. For example, hts007 pointed out in one thread that he had lots of false positives with 9 characters. In that case, his generator cannot be correct, since there are no solutions with 9 characters, not even false positives.

Some people mentioned earlier that the password must have exactly 12 characters for mathematical reasons. This is not completely true. If you also allow passwords that contain spaces, the password can have either 12 or 18 characters. I know that there was a "no spaces" hint given, but that was before the change. After the change, passwords with spaces can be just as valid.

If you make some reasonable restrictions about the use of spaces to mimic human passphrase choices (namely no spaces at the beginning or at the end of the string, only one space beween every pair of "words"), the total count of correct solutions with 18 characters shrinks to an amyzingly small number: only 43206 combinations of 17 characters (the first character is ignored by the algorithm and can thus be anything) match the checksum. With 12 characters, however, the number is still far greater.

Regarding only passwords without spaces, I have written a mathematically optimized generator (using C) that produces approximately 100,000 correct solutions per second on my desktop PC (faster than my console can scroll). If anyone of you can do better, let me know :-). I randomly picked one of these solutions to complete the challenge. When I tried another one, a got a "wrong password" page (i.e. the JavaScript decided that the solution was correct, but the server didn't). I assume that this is only because I am not allowed to take the same challenge twice, which is a pity. Perhaps someone could at least implement an error message that is less misleading.

BTW: I found it a bit of a pain that I had to complete some more challenges just to be able to post here, because I was only interested in this particular challenge. OTOH, as a professional numericist, I shouldn't be doing these things anyway ;-)

Anyway, it was a nice challenge. Have fun, and greetings from Germany,

H.

I am pretty sure I used password with less then 12 characters, although I'm not certain because it's been a while since I completed this mission and the code for bruteforcing is gone. I do have one simple reason to think this though, I was linear bruteforcing(in perl, and by that time the code was lacking any optimisation what so ever, so it was pretty slow), starting on 8 character long passwords, and I was able to produce valid password within a day. And there is no way in hell it would be possible for my script to compare that many combinations… Otherwise I liked your post.

Hi clone4,

I am pretty sure I used password with less then 12 characters

It is pretty easy to show that all solutions have no less than 12 characters, and all solutions without spaces have no more than 12 characters (making 12 characters the only choice for passwords without spaces).

To calculate the checksum, every part of the sum is multiplied by the number of characters. This means that the password length must be a divisor of the whole sum (minus one, because it starts with 1 instead of 0). Therefore, the password length must be a divisor of 88692588.

The prime factors of 88692588 are: 2, 2, 3, 3, 2463683. Since we can obviously exclude passwords that are several megabytes large, we have only the factors 2, 2, 3, 3 left. The only numbers that can be built with these factors are 2, 3, 4, 6, 9, 12, 18, 36. Therefore the length of the password must be one of these eight numbers. All others in between (5, 7, 8, 10, 11, 13…) can be completely ignored, because they cannot provide a solution.

Now check the possible numbers around the magic 12, namely 9 and 18. If you take only 9 characters, the highest possible checksum that you can achieve (by choosing the password "@@@@@@@@@") is still smaller than the required sum. Thus, all password with 9 or less characters are too small. If you take 18 characters, the smallest checksum that you can achieve without spaces (by choosing the password "aaaaaaaaaaaaaaaaaa") is already too large. This leaves us with the only valid number between 9 and 18: All solutions without spaces have exactly 12 characters.

in perl, and by that time the code was lacking any optimisation what so ever, so it was pretty slow

I'm sure that you're aware of this, so just as a hint to everyone else: Choosing a faster language (say, C instead of PHP) and "tactical" optimizations (like clever memory management) can perhaps speed up your program by a factor of 10, or even 100. But choosing the right algorithm can easily yield a factor of 1000000. My generator's speed comes not from calculating a bazillion checksums per second, but from avoiding to calculate these.

1. "The password actually MAKES SENSE. It's not just random." : system_meltdown
2. "12~18 chars."
3. "wordNUMBERword" Reading these hints, i coded my cpp in 10 min, then found password in 51 seconds !

Hi NeoInDark,

1. "The password actually MAKES SENSE. It's not just random." : system_meltdown […]
2. "wordNUMBERword"

These two hints are no longer valid, since the rules for this challenge were changed (around the beginning of 2009, as pointed out earlier in this thread). There are countless valid solutions now, and most of these actually neither make sense nor conform to the named format.

2. "12~18 chars."

This hint stays true, because it follows mathematically from the generation of the checksum (see posts above), which was not changed. The range "12~18", however, is a somewhat misleading way to put it. To be more specific, the length of any solution is either 12 or 18 characters, not something in between. Most solutions have 12 characters. Some have 18 characters (but only if you include spaces). But there can be no solutions with 13, 14, 15, 16 or 17 characters.

Reading these hints, i coded my cpp in 10 min, then found password in 51 seconds !

Under the old version of this challenge, this would be quite an accomplishment. With the new rules, however, 51 seconds for one solution is pretty slow (compare my numbers above).

It can of course be fun to solve this challenge as if the rules didn't change, because the old version was harder and one can learn a lot about dictionary attacks when doing so. The problem is that the results of such a game can no longer be tested, because the old validator is no longer around. Noone can check if a proposed solution is "the one" that was originally intended by the old version of this challenge. Today there are numerous different passwords that conform to the wordNUMBERword format and make sense and are accepted as correct by the challenge. How would one know if he had really found "the" password?

Since this is no longer possible, there is simply no point in regarding hints 1 and 3 at all. They no longer apply.

That said, I really think that the new rules for this challenge are better. They are easier, but I guess that this challenge is still hard for a lot of people. You don't get to learn as much about dictionaries, but if you try to write a generator that is as fast as possible (as I did), you can still learn a lot. For examble about the effectiveness of "cutting trees" when implementing a tree search over an exponentially large space (implementers of chess programs can also tell a tale about that). Or about the golden rule: Don't invent your own hash function or encryption when you want something to be secure. These (especially the last one) are lessons that could not be learnt from the old version of this challenge.

Hi HawQmaster,

Thnx for ur points about solution,

but i was trying to pass the challenge by one acceptable password.

btw, i agree with u, we can solve it better and nice ;)

i did it with 'try and error the sum' then just find the right answer

I coded my program, and got a lot of positives/collisions ….and the surprise? None worked.

goluhaque wrote: I coded my program, and got a lot of positives/collisions ….and the surprise? None worked.

Then your program isn't calculating correctly.

spyware wrote: [quote]goluhaque wrote: I coded my program, and got a lot of positives/collisions ….and the surprise? None worked.

Then your program isn't calculating correctly.[/quote] It did. I checked the checksum and edited the script a little bit to make it alert something(like true) if the value of the password==checksum.