Mon Apr 29, 2013 4:27 pm
If I'm correct password.php will send the correct URL if the correct password has been entered
- Code:
window.location = data.url;
Mon Apr 29, 2013 4:28 pm
Guido wrote:If I'm correct password.php will send the correct URL if the correct password has been entered
- Code:
window.location = data.url;
Yeah that's right. Provided by this page that is generating JSON based on whether the password is correct:
http://cosecha-transmisiones.com/passwo ... XXX/519225
You can use that if you want it to be a bit easier to try out passwords
Mon Apr 29, 2013 4:29 pm
Hmmm wonder if this is the code 22 Aug 1996? so 220896?
Mon Apr 29, 2013 4:30 pm
It is not certain they want us to enter the 36 digts. The fact that the source code of the HTML indicates something is up with the 5th slot might as well indicate that we have to find some password after which the fifth slot will be revealed to us. Just an idea. And as some others have noted, the date of the login console is the date that the Hare virus becomes active. There is something up with the Hare virus, that is why I posted a link to the source code of Hare.
Mon Apr 29, 2013 4:30 pm
Were any singles release by boc on 22/08/96 white label or anything. Two track lengths = 6 numbers and could be p/w
Mon Apr 29, 2013 4:31 pm
Shit gotta do shopping, bbl.
Mon Apr 29, 2013 4:31 pm
did somebody try any injections? SQL Injections?
Mon Apr 29, 2013 4:31 pm
I don't think it will be as simple as entering a string of numbers....
Mon Apr 29, 2013 4:33 pm
Guido wrote:It is not certain they want us to enter the 36 digts. The fact that the source code of the HTML indicates something is up with the 5th slot might as well indicate that we have to find some password after which the fifth slot will be revealed to us. Just an idea. And as some others have noted, the date of the login console is the date that the Hare virus becomes active. There is something up with the Hare virus, that is why I posted a link to the source code of Hare.
I think this sound logical. Entering a correct password could reveal the 5th code
Mon Apr 29, 2013 4:33 pm
xpahos wrote:did somebody try any injections? SQL Injections?
LOL how hilarious would it be if we hacked our way in versus figuring it out the legit way. talk about spoiling the fun haha
Mon Apr 29, 2013 4:33 pm
This makes the random "Markus Boc" Hare Krishna virus video on the hex-to-text page observation far more eerie. Were we onto this all along?
Mon Apr 29, 2013 4:34 pm
It's probably been mentioned already, but I find it very odd that there aren't any zeros in any of the sequences. Also, I think 30 digits is a very small sample to many any statistical conclusions, but the distribution of digits could still be useful:
Digit - Occurrances
0 - 0
1 - 3
2 - 6
3 - 2
4 - 1
5 - 5
6 - 3
7 - 4
8 - 2
9 - 4
Digit - Occurrances
0 - 0
1 - 3
2 - 6
3 - 2
4 - 1
5 - 5
6 - 3
7 - 4
8 - 2
9 - 4
Mon Apr 29, 2013 4:34 pm
am i going mad or is that website changing what I type?
edit: try typing harvest in a password then deleting it inline then typing again
what is going on there?
edit: try typing harvest in a password then deleting it inline then typing again
what is going on there?
Last edited by chishkebab on Mon Apr 29, 2013 4:37 pm, edited 1 time in total.
Mon Apr 29, 2013 4:34 pm
vballs wrote:Guido wrote:It is not certain they want us to enter the 36 digts. The fact that the source code of the HTML indicates something is up with the 5th slot might as well indicate that we have to find some password after which the fifth slot will be revealed to us. Just an idea. And as some others have noted, the date of the login console is the date that the Hare virus becomes active. There is something up with the Hare virus, that is why I posted a link to the source code of Hare.
I think this sound logical. Entering a correct password could reveal the 5th code
using the existing numbers to figure out the 5th code and then enter the 5th code at password prompt is also logical i would think. hmm
Mon Apr 29, 2013 4:34 pm
Guys, i gotta run. Have fun cracking this. Hopefully be checking back soon!
Mon Apr 29, 2013 4:34 pm
Impossible Geometry wrote:xpahos wrote:did somebody try any injections? SQL Injections?
LOL how hilarious would it be if we hacked our way in versus figuring it out the legit way. talk about spoiling the fun haha
I dont think it uses SQL by the looks of things...
Mon Apr 29, 2013 4:35 pm
Impossible Geometry wrote:xpahos wrote:did somebody try any injections? SQL Injections?
LOL how hilarious would it be if we hacked our way in versus figuring it out the legit way. talk about spoiling the fun haha
Not necessarily, I think it will be just another way of playing their game.
Mon Apr 29, 2013 4:35 pm
globochem wrote:This makes the random "Markus Boc" Hare Krishna virus video on the hex-to-text page observation far more eerie. Were we onto this all along?
Oh, right.. That wasn't even a part of a clue or anything.. We just kinda "found" that, didn't we?
Oi, I can't think of anything that would be the password..
Notable attempts:
guest
password
admin
sysadmin
TO NO AVAIL
Mon Apr 29, 2013 4:36 pm
I think we dont need ///// signs
