-
Notifications
You must be signed in to change notification settings - Fork 1
/
template.html
154 lines (139 loc) · 4.78 KB
/
template.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
<html>
<title>NORCPU hackme challenge, Version 2</title>
<!--
NORCPU hackme challenge
Copyright (c) 2011 by Alexander Demin
Based on the original NORCPU by Alexander Peslyak
Version 2.1
-->
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<script type="text/javascript">
var mem = []
var mem_0 = [
$mem_js
];
function nor(a, b) {
var r = a | b
r = r ^ 0xFFFF;
return r & 0xFFFF
}
function norcpu() {
ip = $ip;
while (true) {
i = mem[ip];
a = mem[i + 0]
b = mem[i + 1]
r = mem[i + 2]
mem[ip] = i + 3
f = nor(mem[a], mem[b])
mem[r] = f
mem[$shift_reg] = ((f >> 15) & 1) | ((f & 0x7FFF) << 1)
if (r == $exit_reg) break;
}
}
function calc(password) {
mem = null;
mem = mem_0.slice(0);
for (i = 0; i < password.length; ++i)
mem[$exchange + i] = password.charCodeAt(i);
mem[$exchange_sz] = password.length
norcpu();
var result = "";
for (i = 0; i < mem[$exchange_sz]; ++i)
result += String.fromCharCode(mem[$exchange + i]);
if (result.length == 0)
result = "Wrong password!";
return result;
}
function check() {
var password = document.getElementById('password').value;
if (password.length < 1 || password.length > 16) {
alert("Password length must be from 1 to 16 characters.")
return;
}
var check = document.getElementById('check');
check.disabled = true;
var result = document.getElementById('result');
result.value = calc(password);
check.disabled = false;
}
</script>
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-3017739-17']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
</head>
<body>
<h1>NORCPU hackme challenge, Version 2</h1>
<p>
<b>Problem statement</b>
<p>
This is a hackme puzzle. When you enter a password into the "Password" field
and click on "Check" the value is checked by a special JavaScript program
embedded into this page.
<p>
If the password is wrong you'll see "Wrong password!" message in the "Result"
field. If the password is correct a special magic message will be printed there.
<p>
You have to find out that magic message.
<p>
Deadline is <b>31st of March 2011</b>.
After that date I will publish all the sources.
<p>
<b>Notes</b>
<p>
The hackme is written such way that knowing the algorithm it's possible to
restore the password, and as the consequence - to find out the magic message.
<p>
This page was tested on Google Chrome 10+ only and may work slow on other
browsers.
<p>
<b>Prize</b>
<p>
There is no prize this time. The <a href="http://demin.ws/norcpu/norcpu.html">previous challenge</a> has been solved quite quickly. This one is harder to solve and dedicated for the real geeks.
But I will be happy to publish a name of the first person who submits the correct magic message. Please send your submissions to
<a href="mailto:alexander@demin.ws?subject=norcpu2">alexander@demin.ws</a>.
<p>
<b>References</b>
<p>
Last year I wrote a few posts about this approach
(<a href="http://meta-coding.blogspot.com/2010/04/cpu-executing-just-one-operation.html">English</a>,
<a href="http://easy-coding.blogspot.com/2010/03/blog-post_26.html">Русский</a>),
described everything in details and gave the references to the original
author of this idea.
<hr />
Password:<br />
<input id="password" type="text" />
<input id="check" type="button" onclick="check()" value="Check"/>
<br />
Result:<br />
<input id="result" type="text" />
<hr />
<p>
<b>** 2011.02.16 **</b> <small>The updates are listed in the chronological order.</small>
<p>
<b>UPDATE 7</b>: The best submissions and the original problem sources are now available (<a href="http://meta-coding.blogspot.com/2011/02/one-command-norcpu-program-hacking.html">English</a>, <a href="http://easy-coding.blogspot.com/2011/02/norcpu.html">Русский</a>).
<p>
<b>** 2011.02.11 **</b>
<p>
<b>UPDATE 3</b>: The second submission received from Max Filippov contains the full solution of the problem: analisys traces and algorithms of the password and the magic message encryption.
<p>
<b>UPDATE 2</b>: The first submission received from "a5b" contains the correct password, its encryption algorithm details and the correct magic message.
<p>
<b>** 2011.02.09 **</b>
<p>
<p>
<b>UPDATE</b>: The first right submission is received from Antov Bukov. Congratulations to the winner!
Despite the right submission already received there is no evidence that the
algorihm is cracked. So you still have all chances to be first in cracking
the algorithm. Good luck!
<p>
</body>
</html>