Hacking Javascript

I came across a website recently with the following JavaScript code to password protect the site:

function submitentry(){
  password = document.password1.password2.value.toLowerCase()
  username = document.password1.username2.value.toLowerCase()
  passcode = 1
  usercode = 1
  for(i = 0; i < password.length; i++) {
    passcode *= password.charCodeAt(i);
  }
  for(x = 0; x < username.length; x++) {
    usercode *= username.charCodeAt(x);
  }

  if(usercode==160891453245600&&passcode==120622737064212) {
    window.location=password+".htm"
  } else {
    alert(passcode)
  }
}

I thought it might be possible to find the username and password, so I put together the following JavaScript

do{
  passcode = 0
  var j = Math.ceil((Math.random()*26) + 96);
  var k = Math.ceil((Math.random()*26) + 96);
  var l = Math.ceil((Math.random()*26) + 96);
  var m = Math.ceil((Math.random()*26) + 96);
  var o = Math.ceil((Math.random()*26) + 96);
  var p = Math.ceil((Math.random()*26) + 96);
  var q = Math.ceil((Math.random()*26) + 96);
  passcode = (j*k*l*m*o*p*q);
}while (passcode!=120622737064212);
alert (j + " " + k + " " + l + " " + m + " " + o + " " + p + " " + q);

Unfortunately the JavaScript interpreter of my browser couldn’t cope with this, but the principle of the script was basically OK. You can see this by running the following script

do{
  passcode = 0
  var j = Math.ceil((Math.random()*26) + 96);
  var k = Math.ceil((Math.random()*26) + 96);
  var l = Math.ceil((Math.random()*26) + 96);
  var m = Math.ceil((Math.random()*26) + 96);
  //var o = Math.ceil((Math.random()*26) + 96);
  //var p = Math.ceil((Math.random()*26) + 96);
  //var q = Math.ceil((Math.random()*26) + 96);
  passcode = (j*k*l*m);
}while (passcode!=132825000);
alert (j + " " + k + " " + l + " " + m );

When you set up a web page with this script, it should give you an alert message with 110, 105, 115 and 100. From the length of the numbers 160891453245600 and 120622737064212 I guessed there were two seven-letter sequences to be found. To break the original problem I had to resort to a bash script:

#!/bin/bash
RANDOM=$$

PIPS=26
MAXTHROWS=1
throw=0
passcode=0

zeroes=0
ones=0
twos=0
threes=0
fours=0
fives=0
sixes=0
sevens=0
eights=0
nines=0
tens=0
elevens=0
twelves=0
thirteens=0
fourteens=0
fifteens=0
sixteens=0
seventeens=0
eighteens=0
nineteens=0
twenties=0
twentyones=0
twentytwos=0
twentythrees=0
twentyfours=0
twentyfives=0
twentysixes=0

# Print how often each letter occurs in the matching combination.
print_result ()
{
  echo
  echo "as = $ones"
  echo "bs = $twos"
  echo "cs = $threes"
  echo "ds = $fours"
  echo "es = $fives"
  echo "fs = $sixes"
  echo "gs = $sevens"
  echo "hs = $eights"
  echo "is = $nines"
  echo "js = $tens"
  echo "ks = $elevens"
  echo "ls = $twelves"
  echo "ms = $thirteens"
  echo "ns = $fourteens"
  echo "os = $fifteens"
  echo "ps = $sixteens"
  echo "qs = $seventeens"
  echo "rs = $eighteens"
  echo "ss = $nineteens"
  echo "ts = $twenties"
  echo "us = $twentyones"
  echo "vs = $twentytwos"
  echo "ws = $twentythrees"
  echo "xs = $twentyfours"
  echo "ys = $twentyfives"
  echo "zs = $twentysixes"
  echo "Passcode = $passcode"
  echo
}

# Increment the counter for the letter with index $1 (0 = a ... 25 = z).
update_count()
{
  case "$1" in
    0) let "ones += 1";; # Since a is not "zero", this corresponds to 1.
    1) let "twos += 1";; # And b to 2, etc.
    2) let "threes += 1";;
    3) let "fours += 1";;
    4) let "fives += 1";;
    5) let "sixes += 1";;
    6) let "sevens += 1";;
    7) let "eights += 1";;
    8) let "nines += 1";;
    9) let "tens += 1";;
    10) let "elevens += 1";;
    11) let "twelves += 1";;
    12) let "thirteens += 1";;
    13) let "fourteens += 1";;
    14) let "fifteens += 1";;
    15) let "sixteens += 1";;
    16) let "seventeens += 1";;
    17) let "eighteens += 1";;
    18) let "nineteens += 1";;
    19) let "twenties += 1";;
    20) let "twentyones += 1";;
    21) let "twentytwos += 1";;
    22) let "twentythrees += 1";;
    23) let "twentyfours += 1";;
    24) let "twentyfives += 1";;
    25) let "twentysixes += 1";;
  esac
}

# Draw seven random letters until the product of their codes matches.
while [ "$throw" -lt "$MAXTHROWS" ]
do
  let "die1 = RANDOM % $PIPS"
  let "die2 = RANDOM % $PIPS"
  let "die3 = RANDOM % $PIPS"
  let "die4 = RANDOM % $PIPS"
  let "die5 = RANDOM % $PIPS"
  let "die6 = RANDOM % $PIPS"
  let "die7 = RANDOM % $PIPS"
  let "passcode = (die1+97)*(die2+97)*(die3+97)*(die4+97)*(die5+97)*(die6+97)*(die7+97)"
  if test $passcode = 120622737064212 ; then
    let "throw += 1"
    update_count $die1
    update_count $die2
    update_count $die3
    update_count $die4
    update_count $die5
    update_count $die6
    update_count $die7
    print_result
  fi

done

exit 0

This was a modification of a lottery script I got off the internet. Unlike the JavaScript interpreter, the bash script just keeps running until it produces a result.

Eventually, after a day or so I returned to my computer to find the following output:

as = 3
bs = 0
cs = 0
ds = 0
es = 0
fs = 0
gs = 1
hs = 0
is = 0
js = 0
ks = 0
ls = 1
ms = 2
ns = 0
os = 0
ps = 0
qs = 0
rs = 0
ss = 0
ts = 0
us = 0
vs = 0
ws = 0
xs = 0
ys = 0
zs = 0
Passcode = 120622737064212

This revealed the passcode to be a commonly used word in dentistry. I ran through the same code again to get the username and was able to log in.

To improve the security of the website I would leave out the ".toLowerCase()" bits in the JavaScript below.

function submitentry(){
  password = document.password1.password2.value.toLowerCase()
  username = document.password1.username2.value.toLowerCase()
  passcode = 1
  usercode = 1
  for(i = 0; i < password.length; i++) {
    passcode *= password.charCodeAt(i);
  }
  for(x = 0; x < username.length; x++) {
    usercode *= username.charCodeAt(x);
  }

  if(usercode==160891453245600&&passcode==120622737064212) {
    window.location=password+".htm"
  } else {
    alert("password/username combination wrong")
  }
}

This would mean the potential cracker would have to work their computer
much harder to break the passcodes. If you introduced other characters
or numbers it would become very difficult or nearly impossible to break
down.
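
The product check examined above and the suggested change to it, as an added example (not the site's or the author's code): it multiplies character codes the way the site does, then finds by trial division every set of letters whose codes give a stated product, first over the 26 lower-case letters and then over a 52-letter mixed-case alphabet. This goes beyond the random search in the post; the function names and the `LOWER`/`MIXED` constants are assumptions, and the two target numbers are the ones quoted in the post.

```javascript
// Added example, not the site's or the author's code; all names are assumed.
// The site's check: multiply the character codes of the lower-cased input.
function productCode(s) {
  let code = 1;
  for (const ch of s.toLowerCase()) code *= ch.charCodeAt(0);
  return code; // exact in a double: 122^7 is about 4e14, well below 2^53
}

// Every multiset of `length` letters from `alphabet` whose codes multiply to
// `target`, found by trial division. Codes are tried in non-decreasing order,
// so each multiset is returned once, as a sorted string.
function multisets(target, length, alphabet) {
  const codes = [...alphabet].map(c => c.charCodeAt(0)).sort((a, b) => a - b);
  const found = [];
  const walk = (rest, slots, from, picked) => {
    if (slots === 0) {
      if (rest === 1) found.push(String.fromCharCode(...picked));
      return;
    }
    for (let i = from; i < codes.length; i++) {
      if (rest % codes[i] === 0) {
        walk(rest / codes[i], slots - 1, i, [...picked, codes[i]]);
      }
    }
  };
  walk(target, length, 0, []);
  return found;
}

// How many distinct strings share one multiset of letters (all pass the check).
function orderings(letters) {
  const fact = n => (n < 2 ? 1 : n * fact(n - 1));
  const counts = {};
  for (const ch of letters) counts[ch] = (counts[ch] || 0) + 1;
  return Object.values(counts).reduce((n, c) => n / fact(c), fact(letters.length));
}

const LOWER = "abcdefghijklmnopqrstuvwxyz";
const MIXED = LOWER + LOWER.toUpperCase();

// 132825000 is the post's four-letter demo value; 120622737064212 its passcode.
console.log(multisets(132825000, 4, LOWER), orderings("dins"));
for (const alphabet of [LOWER, MIXED]) {
  const sets = multisets(120622737064212, 7, alphabet);
  console.log(alphabet.length, sets, sets.map(orderings));
}
```

For the passcode value both alphabets return the same single set of letters, matching the counts in the bash output above, and `orderings` shows how many different spellings of it pass the comparison. Because the comparison runs in the visitor's browser, the only thing a passing spelling still has to get right is the name of the `.htm` page it is redirected to.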

5 Responses to “Hacking Javascript”

  1. mark Says:

    Test response

  2. indianstudentyut Says:

    Hello all.
    I am a flag-waving American citizen who somehow landed in the Middle East and I
    am looking for a way out. :(
    (it's a long story with lots of sordid details: cheating spouse, dysfunctional in-laws,
    deceit and underhandedness...it might make a very interesting movie). :)
    Anyway, hello to everyone and I look forward to sharing my international experiences with all of you
    in the coming months.

  3. Mark Mouse Says:

  4. Daniel Craig Says:

    Hi there, I was looking around for a while searching for hacking computer and I happened upon this site and your post regarding Hacking Javascript, I will definitely this to my hacking computer bookmarks!

  5. Kalve Says:

    It was very useful!
