I hope Xenu isn't checking these pages sequentially, and is instead choosing a random order...and I hope even more that if they aren't, our ISPs aren't watching this. We're not doing anything wrong, but it'll still look suspicious.
I hope Xenu isn't checking these pages sequentially, and is instead choosing a random order...and I hope even more that if they aren't, our ISPs aren't watching this. We're not doing anything wrong, but it'll still look suspicious.
Away.
well i have generated the pages in a some what random order.. but still you can say that they are sequential.. Any way it is not illegal.. It is like a contest and the full permision has been given by the site owner...Originally posted by blackrat364
I hope Xenu isn't checking these pages sequentially, and is instead choosing a random order...and I hope even more that if they aren't, our ISPs aren't watching this. We're not doing anything wrong, but it'll still look suspicious.
ISP's if they have an hawk eye may suspect sometrhing... think about checking 1.5 million web pages in a day from a single connection ..
so any whats the progress.. which file are you processing now.. and any luck?????
I've run (to be updated as I progress):
50-62
I'm running
63
No results yet
Last edited by confuted; 05-24-2003 at 05:42 PM.
Away.
ok this is how the distribution has taken place
Code:XSquared 1.rar 0-24 Sang-drax 2.rar,4.rar 25-49,75-99 blackrat364 3.rar 50-74
got feedback from blackrat364 and Sang-drax
have two more files 5.rar and 6.rar each containing 25 files...
there has to be an easier way for 9
Hey guys...is this function in the java for #9 going to be a problem?
Edit: the explitives in the code were replaced with $$$$, decompile the .class if you don't get it.Code:public void run() { do try { do { xxoooxo.getthread(); xxxooo.getthread(); Thread.sleep(50L); } while(!warefuc); if(warez$$$$er == 5) { repaint(); warefuc = false; } else { warez$$$$er = warez$$$$er + 1; } } catch(InterruptedException interruptedexception) { } while(true); }
Away.
In an attempt to figure out if there is, as the wookie suggests, an easier way to do this, I'm going through the code doing a search and replace on the variable names with more descriptive names. Anyone interested in the modified code should PM me.
Away.
yeah brute force can't be the only way, because that would also strain his server. can someone send me the class file or the url for level 9? i dont feel like going all through the other 8..lol..too tired and dont have time and im too lazy
Here are the two decompiled class files. They're text files, so you can open them in notepad.
I've looked over the source, and the only way to do it is through brute force. As long as 'Ab' is in the password somewhere, it will redirect you.
Naturally I didn't feel inspired enough to read all the links for you, since I already slaved away for long hours under a blistering sun pressing the search button after typing four whole words! - Quzah
You. Fetch me my copy of the Wall Street Journal. You two, fight to the death - Stewie
vasanth, you've made a mistake!
The files you've generated has upper-case B and C, but it should be lower-case (the server is case-sensitive).
Hehe, two hours of scanning in vain...
Last edited by Sang-drax : Tomorrow at 02:21 AM. Reason: Time travelling
Vasanth! Gah, you make me sad. Are you going to fix that, or are we aborting?
Away.
those variable names are a pain in the ass
Never mind, I found the code for level 9!
If you'd like it, PM me... I don't want to spoil anything if you want to try yourselves.
Last edited by Sang-drax : Tomorrow at 02:21 AM. Reason: Time travelling
yeah, they sure are. I didn't finish renaming them...mostly because I don't know Java, but also because I got bored. I think I may have only done two or three names, but it should be helpful, because I got some of the important ones (I think...they could be bad names, but they're still easier to read)
Change the extension on that file to .java
Away.
guys brute force is the only way.. since the pasword in no way stored in the applet.. it just redirects you to an HTML file based on the password.. and it will do it if there is an Ab in the pass..
any way Sang-drax has finished it.. i have PMed the other two with the password as they were a part of the crackin group.. and sorry guys for generating the URL with upper case.. i did not know the server was case sensitive..
now at level 10.. In level 10 the checking seems to be made at the client side itself.. But uses some complex algorithm to check and does not give away the pass as it is.. but should be easy since no server attack is needed.. any way workin on it.. will PM you if i get the result..
Last edited by vasanth; 05-24-2003 at 08:31 PM.