"password" "protected"



  •  Here's a sample of unaltered code from a website that will, if properly prodded, provide "protected" personal phone numbers.

     <script>

    // Page-level state for the "password check" below.  pass[] holds the comparison
    // material that submitentry()/testit() index into; it ships to the browser in clear.
    var pass = [
        "U6VInhJlsnP6tBJ",
        "OqDAJvc7xhswD6T",
        "S4ZjU8P8vYVvpMe",
        "yNDDrzwS8PDwdkS",
        "878LlKGT1KRz9GOA",
        "5978LlKGT1KRz9GO"
    ];
    // Accumulates the encoded form of the typed password.
    var t3 = "";
    // Number of encoded characters that are compared.
    var lim = 8;

    // Suffix appended to the accepted password to form the target page name; set it to
    // match the protected page (".htm" or ".html").
    var extension = ".htm";
    // Not read by any of the code on this page.
    var enablelocking = 0;
    // Alphabet used by testit(): the position of a character here is its numeric value.
    var numletter = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
    // Unused scratch values, kept because other scripts may reference them.
    var temp3 = "";
    var cur = 0;


    // Returns the first character of pass[ceil(which) + 3].  submitentry() calls this with
    // Math.LOG10E (ceil -> 1), so it yields pass[4].charAt(0): the required password length,
    // as a single digit.  (3&15) in the original is just 3.
    function max(which){
        var slot = Math.ceil(which) + 3;
        return pass[slot].charAt(0);
    }

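    // Encodes one character of the typed password: its index in numletter is XORed with the
    // two-digit decimal number at the start of pass[phase1 + 2] and mapped back through
    // numletter.  phase1 is a page global set by submitentry() before this is called.
    // This is a fixed-key substitution; with pass[] and numletter in the page source the
    // expected password can be read straight back out, so it hides nothing from a reader.
    // Characters not in numletter encode to "" (indexOf gives -1 and substring clamps to 0).
    // Fixes: `temp` was an implicit global (a ReferenceError under strict mode), and parseInt
    // had no radix.  (1|3) in the original is 3, so phase1-1+(1|3) == phase1+2.
    function testit(input){
        var idx = numletter.indexOf(input);
        var key = parseInt(pass[phase1 + 2].substring(0, 2), 10);
        var encoded = idx ^ key;
        return numletter.substring(encoded, encoded + 1);
    }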


    // Client-side "login": encodes the typed password with testit(), compares the result with
    // pass[phase1] and, on a match, writes the target name into the document and navigates
    // to <password><extension>.  Every input to the comparison (numletter, pass[], the XOR key)
    // is in this page's source, so the accepted password is recoverable by viewing source.
    function submitentry(){
    t3=''
    // Implicit globals: verification, phase1, i.  testit() reads phase1 from the global scope.
    verification=document.password1.password2.value
    // Math.random() is in [0,1): ceil gives 1 (0 only in the exact-zero case), so phase1 is
    // always 3 (or 2).  -6+(2<<2) is +2.  Nothing here is actually randomised.
    phase1=Math.ceil(Math.random())-6+(2<<2)
    var indicate=true
    // window.max(Math.LOG10E) is pass[4].charAt(0), the required length as a one-digit string;
    // (1&2) is 0.  Encode the first that-many characters.
    for (i=(1&2);i<window.max(Math.LOG10E);i++)
    t3+=testit(verification.charAt(i))
    // Compare the first lim (8) encoded characters with pass[phase1];
    // Math.round(Math.sin(Math.PI/2)-1) is 0.  Non-constant-time, but irrelevant client-side.
    for (i=(1&2);i<lim;i++){
    if (t3.charAt(i)!=pass[phase1+Math.round(Math.sin(Math.PI/2)-1)].charAt(i))
    indicate=false
    }
    // Loose compare of a number with a one-character string.
    if (verification.length!=window.max(Math.LOG10E))
    indicate=false
    if (indicate) {
    // The raw user-typed value is written into the document unescaped and then used as the
    // navigation target; the comparison above is the only thing gating what reaches here.
    document.write(verification+extension);
    window.location=verification+extension;
    }
    else
    alert("Invalid password. Please try again")
    }
    </script>

     The rest of the site is constructed off templates full of template code.  Image names have been changed around the way the code is written instead of the other way around.

    Once you have guessed the password, the "protected" page contains, but never runs, this code.  The page doesn't offer any input at all.

    <!-- Original:  Lefteris Haritou --> 
    <!-- Web Site: lef@writeme.com> www.geocities.com/~lef -->

    <!-- This script and many more are available free online at -->
    <!-- The JavaScript Source!! http://javascript.internet.com -->

    <!-- Begin
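    // Symbol alphabet for the hash in Check(): digits, upper case, lower case (62 entries).
    // The position of a symbol here selects its weight in f[].
    var base = [
        "0", "1", "2", "3", "4", "5", "6", "7", "8", "9",
        "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M",
        "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z",
        "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m",
        "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"
    ];
    // The password as typed into prompt(); go() later uses it as the page name.
    var pass = "";
    var z = 23;
    var y = 28;
    // f[x]: weight of base[x].  K[]: characters of the typed password, filled by Check().
    var f = [];
    var K = [];
    // Declared explicitly; the original assigned x and v as implicit globals, which is a
    // ReferenceError under strict mode.
    var x;
    var v;
    // Digits: weight (x << 9) + 23.
    for (x = 0; x < 10; x++) {
        f[x] = x << 9;
        f[x] += 23;
    }
    // Upper case: y doubles then increments each round; the weight is derived from sqrt(y).
    // parseInt(v, 16) stringifies the float and parses it as hex up to the '.', e.g.
    // sqrt(56) -> "7.48..." -> 7, sqrt(114) -> "10.67..." -> 0x10 = 16.  Kept exactly as-is:
    // the access-code constant in Check() depends on these precise values.
    for (x = 10; x < 36; x++) {
        y = y << 1;
        v = Math.sqrt(y);
        v = parseInt(v, 16);
        v += 5;
        f[x] = v;
        y++;
    }
    // Lower case: same construction from z, with an offset of 74.
    for (x = 36; x < 62; x++) {
        z = z << 1;
        v = Math.sqrt(z);
        v = parseInt(v, 16);
        v += 74;
        f[x] = v;
        z++;
    }
    // Remaining attempts; page state only, so a reload starts over at 3.
    var iCounter = 3;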
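    // Handles a wrong password: decrements the retry counter and either re-prompts through
    // Check() or sends the browser back one page.  The original had no braces, so the
    // history.go(-1) calls that were indented under the "cancel" and "three tries" branches
    // actually ran unconditionally, even after a successful retry; the braces below make the
    // control flow match the indentation.  iCounter lives in page memory only, so the
    // three-attempt limit does not survive a reload.
    function inc(){
        iCounter--;
        if (iCounter > 0) {
            if (confirm("\nPassword is incorrect.\n\n\n\nRetry?")) {
                Check();
            } else {
                alert('Password incorrect.');
                history.go(-1);
                // You may use this instead if you want:
                // location.href='denied.html' //Cancel html file
            }
        } else {
            alert('Your three tries are up. Access Denied.');
            history.go(-1);
            // You may use this instead if you want:
            // location.href='denied.html' // 3 times incorrect html file
        }
    }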
    // Prompts for a password, folds it into a number using the f[] weights and compares that
    // with the hard-coded access code; on a match go() navigates to <password>.html.
    // Everything the check needs (base, f, the constant) is in the page source.
    function Check(){
    pass = prompt("Enter your password.","")
    if(pass==null || pass==""){
    history.go(-1)}
    else{
    var lpass=(pass.length)+1
    // NOTE(review): l starts at 1, so pass.charAt(0) is never copied into K[] and
    // K[pass.length] is charAt(pass.length) == "".  The first character of the typed
    // password therefore never takes part in the check.  (l is an implicit global.)
    for (l=1; l<lpass; l++){
    K[l]=pass.charAt(l)
    }
    var code=0;
    // Hash: for each position y, add the weight of the matching symbol, then multiply the
    // running total by y.  No secret is involved, so strings that hit the constant below can
    // be searched for offline.  The "" at K[lpass-1] equals no base[] entry and adds nothing.
    // y and x here are the page globals from the f[] setup, reused as loop indices.
    for (y=1; y<lpass; y++){
    for(x=0; x<62; x++){
    if (K[y]==base[x]){
    code+=f[x]
    code*=y
    }
    }
    }

    // STEP TWO: Put access code here!
    if (code==174153441) // code==[your access code]

    go()
    else
    inc()
    }
    }
    // Navigates to "<typed password>.html".  The password itself becomes the page name, so
    // it ends up in the address bar, browser history and any referrer that page sends.
    function go(){
        var target = pass + ".html";
        location.href = target;
    }
    // End -->
    </SCRIPT>

     

     



  •  I won't even bother reading all that. I feel SO sorry for you. WTF?!?1?/?!111?//

    Good luck.



  • oh! oh! here's an even greater WTF, i'm base64-encoding it for your convenience:

    <font face="courier new,courier">iVBORw0KGgoAAAANSUhEUgAAALQAAAEOAQAAAAAIkAA4AAAACXBIWXMAAAsTAAALEwEAmpwY
    AAAAIGNIUk0AAHolAACAgwAA+f8AAIDpAAB1MAAA6mAAADqYAAAXb5JfxUYAAA41SURBVHja
    nJl/jBTnecc/886wu1cf7PmwAhjsXePzgZIYE2KB4xBusVCDK5y4P6RaStxcomvrP9DtSYkA
    Jfh2zkR2rDjtOSSpa2i5NKnUSlXq2q25NlF2ACeBNI6pbanHD7NLjG2icndzHN0dbmfn2z9m
    du+IL/90/pr97jPP+7zP+7zvPN/vWGLRy/D/xE9fXX/DH4qv64aO7oFTy0vJ7xZeTcxyv4Hn
    E9zqkySFCR62/cYP+Mm4l9v4r26I5/x8HDfgXgt2KSyIMwIcAPpJL/B/FQiB+5hgboEfHwpW
    vtBV4728ALKxHzd2QdZkXUoL4gTDyieWzQ1veQQPsGkNC9sKdso7eC85SeGCPFv3sX98bAIf
    qBmAyJCxBy48YPrG7x8xAWAhSQEwEmTPW2+f/9iTGVvSjAMQQL7PWuG7tv+rNTu2XF3GMiTJ
    g339u7MR16MPn0hZU5La474+F/47wgBvu2AJsLj5Q1s//kfBN//HX/faO/c//AO3lU//ibGv
    heE9dH/xc1tLTpLFJuYLd6ScYfIjH4ugsMptZTc6vNqvylT/dstnjnz+Ewf+ghkDhOx6dvzH
    c19gI52+h/fLZF18GMg+2Xks6tdHnZEDhZzkO3H2CQlkjQ5lmuCl5+2Xm1cOVuX3PjqSP+Yi
    zdCqNStVLQV9OT5yABasiyUy41+98C36gQKWAaqACPft3Lrqg+6RbS5V0qZdPAIi4/qeix+v
    Y+Jq3+r9q77DiIG0AqddeQR4dZ9Sct9adcgvfa7nF+QBW76BFl5Y9v3z/0r1ffturF6w4rsm
    mLgwAfK1NdrZqjJn3r5KQJDcpwzte8yblgdmN7jBwn0dHRYQ/QI8kHzgZiDPKCdh5wuQU4K3
    sudimd2Qa9XPguHvGgUfEy/X/ni7mYK7ZGdIpgukKhRGY1vbJa0AJ+vHePfA07H/bufQ0d18
    IJ3grcvGkuboTM8YqMLOgz07AZQZFRZN0kjefDx2991S5HanZw14jtX92NPdAM07HgDcQVIG
    CqE23/M3m0fz0HPrkKImJ8N67GDJ5bO3DgGXzoFl3KpzkwGPjncunnl94CT8/rhfDXxeJ3IA
    6lHnZ6ZuewTO7qSLjJsJ5wwUWHvbh8zkrb+LvSMO6xYySC707a5o+gxLGpqW5HanhQQdH52W
    JDs+C+Vi1w3A6vv/iSis//yzAjfyqp1kkICiFl5eyo7XpeMfhs6PF6Nx//y4Cz4bIbb/3ELz
    RnXNgVkUwdqHVFOj3vqj2mH7SGDlSipL5Rienui2rsZ++hb6mfUte8YgyG9AURhMhW5ECci4
    y2L70kL7yQljJXHe61fHixfGi2fHh6qBcFpxxvbTjboaw5r9Uqftx3EWpea8I3+NFcfZsaVU
    0bCODp4rT1d0ZSJlXV8kzsa1TlsGQe+yMIjCvVPhPj8sgWsRLmI/PZGyknV5abBSHlZ5OsaD
    Ft5TbNSbjb2Tjdr0D4fVuJaxGyiC3k83Fjryafk5OljR4Jny4FtHi5V6ccIkuPUb+czYDYPg
    rm2Hg+hH+6IQKDEGOAYL3j7+dub4S48d/2J13P98cD4zFwVx3e77WRUrX32WPF1MBEZxnfQ+
    1Kg1G7XJxp7JxnDz4FCnncT/+MJx075j1ZI6nKocHayUBytHVdGng5RVv6F+GiUpah70HTs+
    V3unwnoUBlMAFi5hRDJfVcqDzfLguXKx8vLuCWPNIrl09KmycFwSP6s2hCujsD4VuoQuz/gZ
    svF+Kd0YJ0n9nBovVj236g1VAQqkzMwi9gf9TtuP96MfErXPxY1+gGXAo3L6S9XjxXfHi9Vx
    qsHaIIpuSvbpQj8nkjgLrF12eN3U4b1TP6pPHd7LaWdpq277XFYk/c0RvROk08k+2gz2oKTK
    VazlF33biuuE/WBJaijA6Th4zbKEogL0t2qxCtaMDzJEr/P068D0hfFi1QPrK5dxkrrNtxol
    F7g5hNCgXSP59YfyhEEU7vVIYVyW1+Jxu0oBWUmCLM4ETsNgdTNikybAA9PpR2EPzQaKsFiq
    umfXJxt7Hjw03LT3sFwxnpU8S1KYLkkIu2awuu889dXS2at3XvCKb33Ir/LKGDuS/DwVxJvb
    txolecPYPpLz7NqHnu0tjG5uqv+h0ZTe2Ea6joQzstx5+gVuK097m3aMlC8dIc5nz0j3Mr1A
    VnIphn3v5ojPz1WpXatrj7m9kw0ePNT70OxmnhISXal+AFsRVsFKTx4h7Rvglqf+oIduJzU+
    6FoeVJK+js5s1WYltgIykD24jfR1A3xjXWYNjivgurvs2vpC3IfQmXthm5WjQ5fctHPEvnKE
    dMMQvwUNzNHprjyAm3LBMcDSQytHcoURe8ru6Q/Htlmfg7oBah3r3T+p9jW6ZwZ4vHq84w5Y
    YsBd8fzx9zr4fiZ44g8pfNkFqCGxesv1/2LyOdOclUZ7Xm0Mk5YDIOeD9ZRlmU6q26cNx5K+
    YvYfjXP55f8c9oZ481D/ZaufDEgslaR3s7YkT5K2kasZoHNLFNZTz9w5Fbodh13CAswh0VmR
    9OKGEUkvFqWoQlYGRk3kuRfYBlCogpWP8+Ot3qxztR0/XNeUJg8OS8M7c0LyVm/RG3lLtqTQ
    KkkiV0NyN7xWvnRq+f6ny0XVBs5J2pT1kbys5JOTLUn+PVKUifuQZ+7jpt5fhndGEN30MNCV
    n0HyUpVy9FY5+nq5WFGxIlW6S0I6kapIUvT19s7u6pOB6NuPQEDz0FToEgL1cWpIx74evwCf
    WmBfN7DpK3nAU6ZFMqr5gkE6dqAsSY20FJ9D0SN9MrA+E8yzkRY7MfA7+1cC3uyTXvF8QEh0
    8fYCSLPp1yQpOtIed02fDFz96mUIaD6XNJChthMaCMONkMF+rNWbXbyIY6C7/CuAKbyhpIG0
    wIDzibMA2bHCbhcgLOW5ZiDTamPpcQEc16PDwLVXegFmxryhcBzwL+YKNaRG+pgknWwf6tGa
    kpCaBzaVpOahzZPn9jQlaTgjIYV2VZKckt6LzZtIBozzaw9m1/d7MA7A2wlfWOHBXPGPN1zZ
    +wHAKq0h64DlTwJvPnqp23nyFUBWwgvqp8rSwYFzR3ef2VSUrlxP+OZsNScRlNQIH8tJc48n
    vCBzeiPa9b0A3FsCqLX5nZdTeN9ARc2JzWnp0vU2bwr4X5cCZvzkHJx/stW35+9j+t6701H4
    HY2WojfafLOa1okQS0FaaI6vSPH7+ted+uk0Ge+7ZnxHeN8OFwJLwMU7ovTZfOr6sT+fOPbj
    6eWzz3DVAHi75vLAqwU47Z3HgTSSdNLenx2jYyPn6v2rNu2YlfwYpz/rApbkd8LeFg+aKHxk
    nQeYfdHYyge/6bfidCEHkJaCjEFSPfZjBs4AZKUrHd07Xmvx9zzWnoSj/wc7R4ttnlXo+nFS
    6TsI3HYevoYzAVBUfXBk00Al4Wty6exKbKK4y4j76r8rnFvigwVTf5868bPpmE9JLlvjA10v
    0vHSQKU1bkfXppPALe7cpzBO1Wuto7uznAce0lronTzY117HfOE08GLzAqzqnmzHeWrj4ARY
    fbvJc+7lHeWW//rlm3tAp2+hYH3vk1tdyBqAtfeu2Wf9NdfZstKg5YX2uq/sm7B1GUcvLKm8
    7LR1j4u3b5iwpaOSn1ZEqRVPdsPkmm2wEzK3lNQ1zwc3OmHZBbjsjFg+rTxc37ThTFefJFE8
    93KnpNlYH9iaC+N+gLLCVZKaMb7rUA1L0ruuhoNVSvg1/PTEdnM78I5xH527t60zhLnseUi/
    7eVsKeiQFNguoPLgx3/Sf+LV5XctXfVX25dvbsUTdf5lBLnXFPZJwTpJ8XvQSj9XATbSDNxq
    UCB5D6Jrn70V8vCJD7hHgo3z8011qcAlnvc3MRJ8rU00rdqb6YL3Zx+9+m8XfP+Nh4FERzrw
    yViKycWbVor3C2aXClZ+16EVPsIFlsbz3frAbk+Xr955CixP8+MeHwCs7y7QjWL/PzkYQe/k
    IUmRV57Xr6pvRLBusiFJ9M3rP/azF6D282tnvSFMYV4vmrkYtiWwGIntZ4NrdKXdw+tA21s6
    BTADXdB315/WCtjN+XiCAY8COKfKatoL/DjfrloF+MajP8BKLYg/FJYX/wptSZpJ8lPCjGW6
    e06ND73lLNTHhkn7YK2T/OwCfSz6MqkxCs/rly1BIH7K7GPZm3g9L10g0wUkupOUZwUd5aIk
    P7cgTobYPHLbhg/vnWKoneemJI9PxYKcqn0t+1qs/PW8Pj50gZZOQosi72eLJGmsFFMt1dWU
    LHaPbJ5slNpCI3pvJlSE9SJvlYtSNBLjlk7/S2g/7lj//HCs3ziJzKIyYV+A2T1Sm2xIjTtb
    frYR5nzwk8zG6ZfR/Rb4Tsdx56zngt+ZxBkGVpD1SPVbe6RWOuUbKyAIPNY4TwAkaQNUtatZ
    6Bh13iqXpIFE/6TuZb0UFIgH9BJqYkKvy4ORsV3ulimITscy5wyzbgmwql0plaVaf0JFzbXt
    JTBmlYkutNqQeL+/FwK2X7D3SLoyMq/TBi7YPtYeSZftFv6eroJJB93OmaPFxovpBHdC7oYo
    40xxe2/G/kGmpUFFRx92octw4J5PnV//WGu6jn6vbzvkLR7PXFnxvf/Oz6tZfVUoyXUym5yO
    NqPDJ+sRqz07n+1tycjzeDXZPsllwMljwa03ymuJTgVL3Bt1rIC0H5OyzYUFggkBtp/k3p93
    L8cBP3k8e+WleckqxPJjjnXD9Vt1dYNx6fpNeIYI/Bt5aOzHwsq0NO0bdHgsn/eZRwZ3saEt
    AxHWojq/FvkIMGMoMOQs4klVFpmub+ji/dMCQyamre/DHRabliUZK1osHmvRbxUGvJ7FJqyk
    T3yfn8Wy8Nu/g/zfADTzT00omBTHAAAAAElFTkSuQmCC</font>



  •  If I weren't analysing magento right now I'd sit down and read that. But as it stands now I'll only get an out of memory error if I try to fit that in my head. Summary anyone?



  • @DOA said:

     If I weren't analysing magento right now I'd sit down and read that. But as it stands now I'll only get an out of memory error if I try to fit that in my head. Summary anyone?

     

    It's so scary that I doubt anyone but the original poster would try to understand what's happening there.



  • Well, a quick look and you can tell that:

    <font face="courier new,courier" size="2">verification=document.password1.password2.value</font>
    We're missing a form called 'password1' with an input called 'password2' here.

     

    And, after all that crap, you have:

    <font face="courier new,courier" size="2">else
        alert('Your three tries are up.  Access Denied.');
        history.go(-1);</font>

    So, the WTF here is JavaScript-based security: the comparison, the key material in pass[], and the target page name all ship to the browser, so anyone who views source can recover the password without guessing.


  • <!-- STEP TWO: Put access code here! --> if (code==174153441) // code==[your access code]


  • @lolwtf said:

    <!-- STEP TWO: Put access code here! --> if (code==174153441) // code==[your access code]

    ...if it passes, it will call go(), which is this:

    function go(){
    location.href=pass+".html";
    }

    pass contains a value that was prompt'ed from the user, mind you.



  • @lanzz said:

    oh! oh! here's an even greater WTF, i'm base64-encoding it for your convenience:

    <font face="courier new,courier">iVBORw0KGgoAAAANSUhEUgAAALQAAAEOAQAAAAAIkAA4AAAACXBIWXMAAAsTAAALEwEAmpwY
    </font>

     

    �PNG [ ... ]

    <groan>  It's the WTF-meter, isn't it? 



  • @DaveK said:

    It's the WTF-meter, isn't it? 
    Thanks for suggestion. It isn't the WTF-meter, just some guy with a smoking pipe:



  • I half hoped someone would crack it, but the password to the first one is "password" and it sends you to [site]/password.htm. 

    One guess if you even need to enter the password.

     

    The second part is never (to my knowledge) called.  The page that contains it doesn't take text input.

     

    Here is the bit that gets the password (with the old way commented out):

    <td width="100%" bgcolor="#333333">
     <!--
<form name="password1"><div align="center"><center>
<p><input
type="text" name="password2" size="20">
<span class="style8">x</span>
<input type="submit" value="go" onClick="submitentry()"></p>
</center></div>
<INPUT type="text" style="DISPLAY:none">
</form>
    -->

    <!-- Live form: the password is POSTed to password.php, so the check now happens on the
         server.  The commented-out markup above is the old version that called the page's
         submitentry() JavaScript instead. -->
    <form action="password.php" method="post" name="password1"><div align="center"><center>
    <p><input
    type
    ="text" name="password2" size="20">
    <input type="submit" value="go"></p>
    </center></div>
    <!-- Hidden second text input; its purpose is not visible here (possibly to stop a
         single-field form from submitting on Enter) - confirm before removing. -->
    <INPUT type="text" style="DISPLAY:none">
    </form>

     It shows up later in the page.

     The Base64 encoding is a picture of J. R. "Bob" Dobbs, from the Church of the SubGenius.



  • @Zecc said:

    It isn't the WTF-meter, just some guy with a smoking pipe

    That's not "some guy", but [url=http://en.wikipedia.org/wiki/J.R.%22Bob%22_Dobbs]J. R. "Bob" Dobbs[/url].



  • @DaveK said:

    �PNG [ ... ]

    <groan>  It's the WTF-meter, isn't it? 

    The WTF-meter is animated, I think, so I doubt it would be a PNG.



  •  I lol'ed at the GeoCities reference.  This code must be over 10 years old.

    (Not that it would have been any good 10 years ago either)



  • @lanzz said:

    oh! oh! here's an even greater WTF, i'm base64-encoding it for your convenience:
    tl;dr



  • @Aaron said:

    I lol'ed at the GeoCities reference.  This code must be over 10 years old.
     

    So is his site. You need IE4 or Netscape 4 running at 800x600 in 64k colours to view it, apparently. Go get the "Javascript's" [sic]!



  • @Zecc said:

    @DaveK said:

    It's the WTF-meter, isn't it? 
    Thanks for suggestion. It isn't the WTF-meter, just some guy with a smoking pipe:

    Oh, well that's a good deal better.

    But he's still not getting my 3 bucks. 

