You are currently looking at Flamebate, our community forums. Players can discuss the game here, strategize, and role play as their characters.
You need to be logged in to post and to see the uncensored versions of these forums.
Cracking the last episode 1 forum pbumword the hacker way (possible spoiler inside) | |||||||
---|---|---|---|---|---|---|---|
|
Hi guys,
Have any of you got access to Coral Springs Nuclear Generating Station by cracking the pbumword? Because I did it Log in to see images! If you have a look at the source code of the page you’ll see that it’s protected by just a Javascript: <script src="/javascripts/nuke.js?1224087036" type="text/javascript"></script> The script is available here: http://www.forumwarz.com/javascripts/nuke.js. If you look inside you’ll find this part: register_onload_function(function () { new Form.Element.Observer($('nuke_pbumword'), 0.2, function (e) { var val = e.value.toLowerCase().gsub(/[^a-z]/, '') var hashed = hex_sha1(val) if (hashed == "5527cd42c762f2dde04559b454f221d61b6e60b7") { // Okay, so why did I bother to hash the pbumword if you can just // view the destination link here? // Because it was fun to program, that's why. // Besides, the pbumword is a joke and easy to obtain. dogreat timesent.location.href = "/forums/battle/46" } }) }) The pbumword is encrypted using the SHA-1 algorithm (http://en.wikipedia.org/wiki/SHA_hash_functions). The hash is 5527cd42c762f2dde04559b454f221d61b6e60b7. There are many ways to crack this hash. The easiest way is to go to http://md5.rednoize.com, choose SHA1, enter the hash, and BOOM!!! you got the pbum: splodeydope Now I think I’m 1337 Log in to see images! |
||||||
Posted On: 12/20/2008 10:20AM | View quantumenergy's Profile | # | ||||||
|
Heh good job. |
||||||
Posted On: 12/20/2008 10:24AM | View CrinkzPipe's Profile | # | ||||||
|
not impressed
Log in to see images! |
||||||
Posted On: 12/20/2008 10:33AM | View Nicco's Profile | # | ||||||
|
Why not just firebug it and remove the if check?
I'M A SIG-DISABLING COCKMONGLER
|
||||||
Posted On: 12/20/2008 10:46PM | View Are-'s Profile | # | ||||||
|
Are- Posted:
That works to but it’s more fun cracking the pbum Log in to see images! |
||||||
Posted On: 12/20/2008 10:51PM | View quantumenergy's Profile | # | ||||||
|
Wow, you used a reverse lookup table. How leet.
Log in to see images! Log in to see images! Log in to see images! |
||||||
Posted On: 12/21/2008 12:03PM | View 1338h4x's Profile | # | ||||||
Not bad. Log in to see images! |
|||||||
Posted On: 12/21/2008 12:10PM | View Benjamini's Profile | # | ||||||
|
quantumenergy Posted:
hi quantumenergy,
I thought I might be the only Sl
However, just for the Sake of Shop talk, couldn’t you just disable JavaScript support for Web browsers, to cirgreat timesvent JavaScript challenges?
I don’t have enough surplus visits to demonstrate and screen shot.
But I’ve always secured Admin modules with root CGI challenges since someone with JavaScript disabled won’t even see, much less be challenged for a pbumword, from JavaScript security.
LoTek@127.0.0.1-Linux:~# ftp 127.0.0.1/Free Pørn Hax I thought what I’d do was, I’d pretend I was one of those deaf-mutes. – J. D. Salinger | Chapter 25 | Catcher in the Rye |
||||||
Posted On: 12/21/2008 1:22PM | View LoTek's Profile | # | ||||||
|
LoTek Posted:
Myspace Tom? |
||||||
Posted On: 12/21/2008 10:25PM | View Inertia's Profile | # | ||||||
|
You didn’t brute it. Log in to see images! Log in to see images! |
||||||
Posted On: 12/21/2008 10:28PM | View DG-Root's Profile | # | ||||||
|
The only good post in GOTO 10. Ever. Log in to see images! Log in to see images! |
||||||
Posted On: 12/21/2008 10:28PM | View Raepdog's Profile | # | ||||||
|
Inertia Posted:
Hi Inertia,
per Your request:
forumwarz.com/discussions/view_post/372801
LoTek@127.0.0.1-Linux:~# ftp 127.0.0.1/Free Pørn Hax
LoTek edited this message on 12/22/2008 8:48AM I thought what I’d do was, I’d pretend I was one of those deaf-mutes. – J. D. Salinger | Chapter 25 | Catcher in the Rye |
||||||
Posted On: 12/22/2008 8:44AM | View LoTek's Profile | # | ||||||
|
LoTek Posted:
Hi LoTek,
I’m not quite understand you but I agree that CGI protection is generally more secure than javascript. However in this game I think it’s more fun this way because we can discover something new and interesting.
Btw, your add friend link doesn’t seem to work Log in to see images! |
||||||
Posted On: 12/22/2008 9:26AM | View quantumenergy's Profile | # | ||||||
|
quantumenergy Posted: I thought what I’d do was, I’d pretend I was one of those deaf-mutes. – J. D. Salinger | Chapter 25 | Catcher in the Rye |
||||||
Posted On: 12/22/2008 12:12PM | View LoTek's Profile | # | ||||||
|
LoTek Posted:
Log in to see images!
Log in to see images! |
||||||
Posted On: 12/22/2008 12:25PM | View Somebody's Profile | # | ||||||
|
Log in to see images!
Hi Master_Troll,
I apologize for this Demonstration of My alpha Male dominance in relation to your Effeminate Puppy subservience.
But shouldn’t You at least Friend me before Smothering my Nads with Sweet trolling?
Either way, Raepdog should reclbumify This thread, Full of Won ...
P.S. Are you also Paying Out reciprocally for Confirmed alts, I’d love to tackle Episode two?
LoTek@127.0.0.1-Linux:~# ftp 127.0.0.1/Free Pørn Hax
Raepdog Posted: I thought what I’d do was, I’d pretend I was one of those deaf-mutes. – J. D. Salinger | Chapter 25 | Catcher in the Rye |
||||||
Posted On: 12/22/2008 7:43PM | View LoTek's Profile | # | ||||||
|
Log in to see images! I thought what I’d do was, I’d pretend I was one of those deaf-mutes. – J. D. Salinger | Chapter 25 | Catcher in the Rye |
||||||
Posted On: 01/02/2009 7:32AM | View LoTek's Profile | # | ||||||
|
quantumenergy Posted: Neem me geil tijgertje!! (Will translate this into english for (3-7) BP) |
||||||
Posted On: 01/09/2009 2:36PM | View SplodeyDopy's Profile | # | ||||||
|
LoTek Posted: |
||||||
Posted On: 01/09/2009 2:43PM | View CrinkzPipe's Profile | # | ||||||
|
lotek was a cool dude
Log in to see images! |
||||||
Posted On: 08/16/2009 12:46PM | View Nicco's Profile | # | ||||||