hi guys...
vpjtqwv showed me the site and asked me if i can get to the login process, coz this browser game starts with a small test to let you even register...
http://mod-x.co.uk/main.php
after you passed this test you have to hack passwords locked via different security mechanism and different programming languages or encodings...
I am stuck, too, coz i have to find out how java applications are working, but more to my problem later =)
Here we go... the login process...
try it by your own first, and don't read the hints and solutions first... you will never pass the upper levels when you don't try it by yourself... so i will only give hints here in this opening post...
Registration... you have to download a file... decompress it and take a look in it...
it's a text file with a strange content...
oh... looks like a code... or not?! is it hard to crack? erm... this would be too hard to crack... so there must be an easier way... erm... the solution is: rename the .txt file to... find it out =) perhaps the solution is already in the code field =)
Ok, now we can login...
LVL 1
you don't have to read the description... click on Break the challenge and you will find your answer
a java script window will open and ask you for a password. Erm... we don't know it.. lol
but... when it asks you for a password, it had to be checked somewhere... something like...
if password is right then proceed else exit
so we click on OK.. oh... we are redirected to the exit site... damn... next try... go back till you see the java script window... move your mouse cursor over the Stop button of your browser... push enter key and right after this click the Stop button... now we have a site called http://mod-x.co.uk/G!%23%23.php with no entry... right click on the blank page and select view source code... not that much code here...
ok, let's find a way to pass this...
you can now try to recalculate what the script is calculating... but that's to much work in my opinion... let's find an easier way... the important part is:
"if the password is the result of the term, go to the site xxxxx.php. If not, go to hahaha.php"
erm... why not change this to "Go always to xxxxx.php" no matter if the result is right or wrong =) so let's make the first condition equal to the second one...:
upload to any web space, open it and enter any password you want and after the msg box is closed you should see the solution =)
LVL2
Here the clue is important... read it =)
More information to understand how it works, here: http://en.wikipedia.org/wiki/Caesar_cipher
Ok, easy game... take the letters and figures, convert them one by one to the ascii code number, alter or lower the number of all this code numbers and convert it back to letters/figures... very easy... e.g. with Excel... with the =CODE(X) you can see the codenumber, with A1+x you can alter this number and you will surely find the opposite command
when you make this with the whole text at the same time (evry letter in an own cell) you will see a text that makes sense after some tries ;D (Hint: shift negative -x...).
LVL3
Here we go, this is where i am stuck. I would be able to make it, but i have problems recompiling the java files... perhaps someone can help...
i downloaded and decompiled the java file and got 5 files, the important one is the decompiled training.java... there you can do the same trick like with the java script... so your source code should look like this:
But i have problems with recompiling all the .class files... arggg
Who is the java expert here lol
Hope we find the way to the highest level together
vpjtqwv showed me the site and asked me if i can get to the login process, coz this browser game starts with a small test to let you even register...
http://mod-x.co.uk/main.php
after you passed this test you have to hack passwords locked via different security mechanism and different programming languages or encodings...
I am stuck, too, coz i have to find out how java applications are working, but more to my problem later =)
Here we go... the login process...
try it by your own first, and don't read the hints and solutions first... you will never pass the upper levels when you don't try it by yourself... so i will only give hints here in this opening post...
Registration... you have to download a file... decompress it and take a look in it...
it's a text file with a strange content...
Code: Select all
begin 666 Restricted.zip
M4$L#!!0````(`%T[="_]<LYX`P(``'0#```.````4F5S=')I8W1E9"YT>'1M
M4\MNVT`0NQOP/TSNM@PT0!/X4N16`RE0%.GC.I9&TE;2CKH/J_K[<E;IX]"+
M'UJ20W)6^]U3)SX=]KO][D*]SD(7XHD2CX/S'26EU`L%U_6)9@E1?46NQ4,7
MR?E6P\3)J:=%@ABZY7'$P2MO"0J1GGT3Z;B1YJ#?I4ZT:!X;N@KI34)%3Y%6
MS8#>A#I-&[;E`-H%'(EY@G[/(-I',=GI;XN"H49?''YXT#LE]BNU.<!&,*(W
M0&4Y7V#,F_&11NV<-TNU-!D!>HZP5"MF91^YE0-D&H2C5CAL\T&P:#/'A*<+
M#F6(!IEXW?Q?13Q=@P[XLBHJ>L[UX,;U8+`"X3I)0S^RJX=Q+3-28)@@+IK:
MEAD@AQRM7DY)ICG%BK[:(,\=L$C>20*EUCR/8BP'&'H+.OT5:+`V>,*NK$%9
MZ<;>Q1X"1WJOBZ#_8HQ+`3?K%(U<1U-:7.HI6A]_+/V[\RU,J]DW!SMV@<37
M89W+>5QCL6/"MDHTQPV&UT5-<R!=?%D)MG^AR&Y3^>]::JP0H2MZ4>3UR?F,
M[>18,L'"..I2K'.,BP8TF<K)YT_/IG1S#<@VZ^,KX$QO'[\\WC_<W;V[?_-P
MW>^`/%.?TGP^G99EJ29MCC^K6JL\G%H78CJQC[CGU=S/V_M2KEN<A0?;A5U`
M[AC.U2*6OUOE0<KD#Q#\MM_]`E!+`0(4`!0````(`%T[="_]<LYX`P(``'0#
M```.``````````$`(`"V@0````!297-T<FEC=&5D+G1X=%!+!08``````0`!
+`#P````O`@``````
`
end
oh... looks like a code... or not?! is it hard to crack? erm... this would be too hard to crack... so there must be an easier way... erm... the solution is: rename the .txt file to... find it out =) perhaps the solution is already in the code field =)
Ok, now we can login...
LVL 1
you don't have to read the description... click on Break the challenge and you will find your answer
a java script window will open and ask you for a password. Erm... we don't know it.. lol
but... when it asks you for a password, it had to be checked somewhere... something like... if password is right then proceed else exit
so we click on OK.. oh... we are redirected to the exit site... damn... next try... go back till you see the java script window... move your mouse cursor over the Stop button of your browser... push enter key and right after this click the Stop button... now we have a site called http://mod-x.co.uk/G!%23%23.php with no entry... right click on the blank page and select view source code... not that much code here...
Code: Select all
<HTML>
<HEAD>
<TITLE>Null</TITLE>
<SCRIPT>
var string = "3be315jfnbcv7323fx";
var enigma = "";
var whatisthis = "var myxor = prompt('Password:','');for (y=1; y<5; y++) {enigma += (string.indexOf(y)+1);}enigma += 5;if (myxor==enigma){enigma = enigma + '.php';location.href=enigma;}else{location.href='hahaha.php';}";
eval(whatisthis);
</SCRIPT>
</HEAD>
<BODY> </BODY>
</HTML>
ok, let's find a way to pass this...
you can now try to recalculate what the script is calculating... but that's to much work in my opinion... let's find an easier way... the important part is:
Code: Select all
if (myxor==enigma){enigma = enigma + '.php';location.href=enigma;}else{location.href='hahaha.php';}";
"if the password is the result of the term, go to the site xxxxx.php. If not, go to hahaha.php"
erm... why not change this to "Go always to xxxxx.php" no matter if the result is right or wrong =) so let's make the first condition equal to the second one...:
Code: Select all
if (myxor==enigma){enigma = enigma + '.php';location.href=enigma;}else{enigma = enigma + '.php';location.href=enigma;}";
upload to any web space, open it and enter any password you want and after the msg box is closed you should see the solution =)
LVL2
Here the clue is important... read it =)
Maybe research what ASCII is, and how shifts/shifting encryptions work...perhaps you could then write a program to help you
More information to understand how it works, here: http://en.wikipedia.org/wiki/Caesar_cipher
Code: Select all
7*,*).9
@-0*>D14(&1D2&(-.3*A84+9<&7*A2NHWTXTKYA<NSIT\XA(ZWWJSY;JWXNTSA7ZSB
(TSYWTQ"( AA<NSIT\XAA)JGZLAA(TSYWTQJ]JOk, easy game... take the letters and figures, convert them one by one to the ascii code number, alter or lower the number of all this code numbers and convert it back to letters/figures... very easy... e.g. with Excel... with the =CODE(X) you can see the codenumber, with A1+x you can alter this number and you will surely find the opposite command
when you make this with the whole text at the same time (evry letter in an own cell) you will see a text that makes sense after some tries ;D (Hint: shift negative -x...).LVL3
Here we go, this is where i am stuck. I would be able to make it, but i have problems recompiling the java files... perhaps someone can help...
i downloaded and decompiled the java file and got 5 files, the important one is the decompiled training.java... there you can do the same trick like with the java script... so your source code should look like this:
Code: Select all
if(s.equals(s1))
{
String s2 = Base64.encodeString(s1);
code.setText(s2 + ".php");
answer.setText("Go to: " + s2 + ".php");
} else
{
String s2 = Base64.encodeString(s1);
code.setText(s2 + ".php");
answer.setText("Go to: " + s2 + ".php");
}
But i have problems with recompiling all the .class files... arggg
Who is the java expert here
lolHope we find the way to the highest level together
