Javascript 16. bruteforce, really

So I finally reached javascript 16 and after reading through the javascript and learning about the algoritm I created my own bruteforce in python, but since the algorithm uses 65 characters brutforcing the password will take forever, I only reach about 100k checksums per second with my python script. Is there some clue I've missed on different characters I can filter or something? Or is it possible to create a bruteforce for 1kk+ checksums per second?

Also I've read though the articles and a lot of threads and most information I can find it that the password is 12 characters long, and may look like this '4LetterWord-4Digits-4LetterWord' without the '-'. 12 characters long with 65 possible characters mean about 6,831,675,453,247,426,400,256 total combinations and then 12 characters long are only rumors.

1. The password is 12 characters long

2. The password is in the format wordNUMBERword all lowercase chars.
3. The password 'makes sense'

All those hints referred to when the challenge originally only accepted one answer.

It was changed ages ago to also accept multiple solutions where those rules no longer apply.

However, since you already know the format of the original answer, a simple combined dictionary attack using a common 4 letter wordlist and a list of 4 digit numbers, should take no time at all to complete, in comparison to blindly bruteforcing 12 chars with a full charset.

ha,, to me.. in my opinion.. the password DOES not make sense. LOL :P

I never did crack the original pass..mmmh think i'll have a try using python. begin@19:37–> end @20:07–> got one but i does not look meaningful :(

edit Hmm got some more but still not meaningful, this could take a while.

@asdfgasdfg: keep your code flat. try psyco or pypy for speedup.

edit @20:54 got it, hehehe.

Yea I'm done with this challenge now, I have to say dictionary attack is the way to go. A medium dictionary and search "4-letter-word 4-digits 4-letter-word" combinding a 12 character long string

the idea of this 4letter word+4digit+4letter word combination has nothing to do with a specific word to be used as a password that makes sense. it is only there to make you think harder!

this challenge is all about getting the right checksum. the password itself must go through the iteration to the point where the position of the character that is given in a order , by using that position number makes a big difference so that is why I had to go through each line combined from 2 wordlists to compare with the checksum using my php script, I got a long list of passwords, and all of them worked…

that is why I said the password does not make sense lol.

That is basically how I solved it but word lists or dictionary attacks aren't really necessary. Just set a charset and it will spit out a working "password" in less than a second, at the time it seemed more like coding a keygen than anything else, but that was just my approach.

To those that might still be having trouble with this, check that your "tab" variable contains the right number of space characters (copy pasting from the site can cut off some of them, and they do matter for the reverse algorithm). If u need help just PM me it really isn't that hard :)

just made the Javascript 16.

Use Branch and Bound for the bruteforce.

My bound: stop doing sums when number is over the goal.