Hyperpro cracking
Simple cryptanalysis
student
Hyper Javascript
03 June 1999
by bajunny
Courtesy of Fravia's page of reverse engineering
slightly edited
by fravia+
Yeah, it was very easy indeed. But it was MEANT to be easy, dear bajunny, because I aim to use this section (starting from HERE) as the real hyper laboratory, and I am sure that many readers that will join us here (either through the BabaYaga image, or through the reversing, or through noticing that the only inverted letters are A, B, Y and G) will be able to help us to go FURTHER.
And further we will go, starting from the essays that are beginning to rain in right now...
There is a crack, a crack in everything. That's how the light gets in.
Rating
(x)Beginner ( )Intermediate ( )Advanced ( )Expert


Hyperpro cracking
Simple cryptanalysis
Written by bajunny


Introduction
Cracking and cryptanalysis are alike. Maybe the same.
I like it.



Tools required
Trained eyes. JS-enabled browser.

Target's URL/FTP
fravia+'s puzzle

Essay
OK, let's crack the super-pooper JavaScript hyperprotection..

In effect, fravia+ gives us so many hints that counting them can get in the way of the password search. Zeroth-level observation: the usual cherished encrypted-filename technology. But let's look at the text:

1) Figure it out... looking at this Bilibin's picture
2) and at the Javascript code :-)

Well, in fact hint (1) is all we need, but we are reversers, so let's start instead from (2). It's a very simple Vigenere-like cipher; it would be a true Vigenere if the alphabet were ABCDE....XYZ. Cracking such ciphers even with unknown alphabets IS possible (and quite easy - see the LANAKI lessons), but it requires a fair amount of ciphertext (at least 80-150 chars).
Here we know the alphabet and are ready to feed in some probable plaintext. The cipher generates a filename, so ".htm" is an obvious candidate in place of ".fzn" inside the encrypted filename "ihp11pey.fzn".
More observations: fravia+'s cipher preserves letter case, so uppercase chars are encrypted to uppercase ones. More probable plaintext: "Bu ru" -- maybe "Go to". Quite probable. So it's time to check passwords. I was so lazy that I only added some dumping code to the decode() routine to see the chars dumped in the process of decrypting:
(I just reformatted the original code a little)
......
                // lowercase letters sit at index 26..51 of the alphabet, uppercase at 0..25
                var lowercase = input_char_value >= 26 ? true : false;
//XXX dump: cipher char (index) __ key char (index) __
                document.write(
                        alphabet.charAt(input_char_value) + '(' + input_char_value + ')__' +
                        key.charAt(key_index) + '(' + alphabet.indexOf(key.charAt(key_index)) + ')__'
                );

                // the actual decryption step: subtract the key letter's alphabet index
                input_char_value -= alphabet.indexOf(key.charAt(key_index));

//XXX dump: value after subtraction
                document.write( '(' + input_char_value + ')' );

                // +26 keeps the value non-negative before the modulo below
                input_char_value += 26;

                // reduce back into the right half of the alphabet, so case is preserved
                if (lowercase)
                        input_char_value = input_char_value % 26 + 26;
                else    input_char_value %= 26;
//XXX dump: resulting plain char
                document.write( alphabet.charAt(input_char_value) + '<' + '/p>' );
......
For more comfort, let's lay it out horizontally and forget the numbers. I will label the steps on the right and comment on them afterwards; the password guess is in uppercase below the plaintext guess.
B u  r u  i h p p e y  f z n  B e k  z u s  z i k r k    < ciphertext

G o  t o  ? ? ? ? ? ?  h t m  ? ? ?  ? ? ?  ? ? ? ? ?    < [1]
B A

G o  t o  ? ? ? j a v  h t ?  ? ? ?  y o u  ? ? ? ? ?    < [2]
B A  B A        A B A  B A ?         B A B
                           Y
|                 |                  |

G o  t o  h ? ? j a v  h t m  ? ? e  y o u  t h ? ? e    < [3]
B A  B A  Y x y A B A  B A Y  x y A  B A B  A Y x y A

G o  t o  h y p j a v  h t m  S e e  y o u  t h e r e    < [4]
B A  B A  Y A G A B A  B A Y  A G A  B A B  A Y A G A
[1] "BA" starts pretty well: we immediately see the match on "Go to" and the supporting match on "you", very inspiring.

[2] we see no match for "m" with "B" or "A", so the passwd must contain a "Y" at that position; note also the magic "jav" in the filename!

[3] it's time to decide on the passwd length; the main weakness of Vigeneres is the cycling of the key, which is easily spotted in the real world; we still do not know two passwd characters (denoted "x" and "y").

[4] "there" is easily spotted, and we expect something like "hyp" in the filename because we have already seen "javfurther" and a lot of other fravia+ filenaming habits.

Hey presto - the password is "BABAYAGA". Or "Baba Yaga" - a mythical personage of many Russian fairy tales.
Nasty old witch. It means something like "babay aga" - "old man" in Turkish.
Clearly you could also have just had a look at Bilibin's picture, and then you would have to admit the "plenty" of hints left by fravia+.

Russian is my native language so I spotted the answer somewhere between stages [2] and [3]. See: my browser doesn't show pictures by default...
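To make the hand-made tableau above reproducible, here is an added example (mine, not bajunny's code and not fravia+'s page script): the decode() routine rebuilt as a case-preserving Vigenere-like cipher, plus the crib-dragging that steps [1]-[4] do by hand. It assumes the plain ABC...XYZabc...xyz ordering, because the page never shows its scrambled alphabet, so the ciphertext it builds from "Go to hyp11jav.htm See you there" under "BABAYAGA" is a constructed one and does not match "ihp11pey.fzn". The names shiftChar, dragCrib, mergeCribs and recoverKey are mine; only letters consume key letters, matching the tableau, where the "11" and the "." have no key letter under them.

```javascript
// Added example, not the page's code. ASSUMPTION: plain A-Z/a-z alphabet (the page's real alphabet
// is a secret permutation it never shows), so the ciphertext built here is constructed.
const ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

// Shift one letter by a key letter: direction -1 decrypts (as decode() does), +1 encrypts.
// Case survives because lowercase letters (index 26..51) are reduced back into 26..51.
function shiftChar(ch, keyChar, direction) {
  const v = ALPHABET.indexOf(ch);
  if (v < 0) return ch;                       // digits, '.', spaces pass through untouched
  const lowercase = v >= 26;
  const k = ALPHABET.indexOf(keyChar) % 26;   // a key letter shifts the same whatever its case
  let r = v + direction * k + 26;             // +26 keeps the value non-negative before %
  r = lowercase ? r % 26 + 26 : r % 26;
  return ALPHABET.charAt(r);
}

// Walk the text; only alphabet characters consume a key letter (as in the page's tableau).
function vigenere(text, key, direction) {
  let out = "", keyIndex = 0;
  for (const ch of text) {
    if (ALPHABET.indexOf(ch) < 0) { out += ch; continue; }
    out += shiftChar(ch, key.charAt(keyIndex % key.length), direction);
    keyIndex++;
  }
  return out;
}
const encode = (text, key) => vigenere(text, key, +1);
const decode = (text, key) => vigenere(text, key, -1);

// Key letter that turns cipher letter c into plain letter p, or null when the crib is impossible:
// the cipher preserves case, so an uppercase cipher letter never decrypts to a lowercase one.
function keyLetterFor(c, p) {
  const vc = ALPHABET.indexOf(c), vp = ALPHABET.indexOf(p);
  if (vc < 0 || vp < 0 || (vc >= 26) !== (vp >= 26)) return null;
  return ALPHABET.charAt(((vc - vp) % 26 + 26) % 26);
}

// Offsets of the letters in a text, i.e. the positions that consume key letters.
function letterPositions(text) {
  const out = [];
  for (let i = 0; i < text.length; i++) if (ALPHABET.indexOf(text[i]) >= 0) out.push(i);
  return out;
}

// Drag a guessed plaintext fragment (a crib such as ".htm" or "Go to") over the ciphertext at a
// given offset. Returns { letterIndex: keyLetter } for the letters it covers, or null if the crib
// cannot sit there (case mismatch, or a non-letter that does not match literally).
function dragCrib(cipher, crib, offset) {
  const pos = letterPositions(cipher);
  const implied = {};
  for (let j = 0; j < crib.length; j++) {
    const c = cipher[offset + j], p = crib[j];
    if (c === undefined) return null;
    if (ALPHABET.indexOf(c) < 0) { if (c !== p) return null; continue; }
    const k = keyLetterFor(c, p);
    if (k === null) return null;
    implied[pos.indexOf(offset + j)] = k;
  }
  return implied;
}

// Combine the key letters implied by several cribs under an assumed key length: letter index i
// lands in slot i % length, so a cycling key must agree with itself. Returns the partial key
// ('?' for unknown slots, the "x" and "y" of step [3]) or null when two cribs collide, which is
// how a wrong period is rejected.
function mergeCribs(cribResults, keyLength) {
  const key = new Array(keyLength).fill("?");
  for (const implied of cribResults) {
    for (const idx of Object.keys(implied)) {
      const slot = Number(idx) % keyLength;
      if (key[slot] !== "?" && key[slot] !== implied[idx]) return null;
      key[slot] = implied[idx];
    }
  }
  return key.join("");
}

// Replay the attack: drag every crib, then take the shortest period under which none collide
// (multiples of the true length also pass, so a real run still eyeballs the result, as in [3]).
function recoverKey(cipher, cribs, maxLength) {
  const results = cribs.map(([crib, offset]) => dragCrib(cipher, crib, offset));
  if (results.some((r) => r === null)) return null;
  for (let len = 1; len <= maxLength; len++) {
    const key = mergeCribs(results, len);
    if (key !== null) return { length: len, key };
  }
  return null;
}

// Constructed demo: the page's recovered plaintext, encrypted under its password with the assumed alphabet.
const KEY = "BABAYAGA";
const PLAIN = "Go to hyp11jav.htm See you there";
const CIPHER = encode(PLAIN, KEY);   // "Ho uo fyv11jbv.itk Ske zov tfexe"
// Crib offsets are read off the word boundaries, which the cipher leaves in the clear.
const CRIBS = [["Go to", 0], [".htm", 14], ["you", 23], ["there", 27]];
console.log(CIPHER, JSON.stringify(recoverKey(CIPHER, CRIBS, 12)));
```

Running it prints the constructed ciphertext and {"length":8,"key":"BABAYAGA"}; with only the "Go to" and ".htm" cribs, mergeCribs under length 8 yields "BABAY???" and under length 7 returns null, which is exactly the period test of step [3].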

Final Notes
Remark: actually I cannot take JavaScript tricks to heart.
JS is lousy; it is a quick&dirty fix that appeared in the browser war between M$ and NS.
Of course one can employ very complex crypto even with JavaScript, and I'm sure we will learn some nice advanced tricks here, together. But the same level of protection (or better) can be achieved in a much more reliable and comfortable way on the server side. Also beware JavaScript's number representation if you dare to use it for protection, he-he.

Ob Duh
The "Ob Duh" section is great, but now it's 3 am and I don't want to type any more; still, my eyes can't stand the default text, so I feverishly delete it!
