The missing link

Moderator: BarsMonster

LordMike
Posts: 184
Joined: Tue Feb 10, 2009 8:34 am

The missing link

Post by LordMike » Tue Mar 16, 2010 4:36 pm

Hello,

I've recently been banging my head against a wall, where I need to find the algorithm used in a specific flash game. They use some form of authentication value, which I believe is an MD5 of the values being sent to the server.. So the server can tell if the data has been tampered in any way, assuming the hash is untampered (Most people won't tamper with it :P).

I am therefore in a situation, where I know all the data involved - even my own password if that should be it. Could be awesome if bars - or other - could take a list I provide, and then mess around with it.. Adding texts and such, to find perhaps a salt, or the method data was put together with.. I have values for my 'characters' stats, some values for what I did since last update.. And a hash...

Simply can't figure it out..

Any suggestions?
(Yes, it's a question as well as feature request :P)

-Mike

schwarzwaldhacker
Posts: 170
Joined: Tue Apr 07, 2009 7:18 am
Location: Россия

Re: The missing link

Post by schwarzwaldhacker » Tue Mar 16, 2010 7:45 pm

Glad to see that you are still alive! (And not jailed or something!) :D

Never did something like that before. But I would be very interested to have a look!

LordMike
Posts: 184
Joined: Tue Feb 10, 2009 8:34 am

Re: The missing link

Post by LordMike » Wed Mar 17, 2010 6:27 am

Oh, I'm actively following all right :P
Not to worry :P

schwarzwaldhacker
Posts: 170
Joined: Tue Apr 07, 2009 7:18 am
Location: Россия

Re: The missing link

Post by schwarzwaldhacker » Wed Mar 17, 2010 7:31 am

LordMike, is this about finding a pattern?

Do you need us to "fuzz values"?

LordMike
Posts: 184
Joined: Tue Feb 10, 2009 8:34 am

Re: The missing link

Post by LordMike » Wed Mar 17, 2010 6:23 pm

schwarzwaldhacker wrote:
> LordMike, is this about finding a pattern?
>
> Do you need us to "fuzz values"?

Yea.. But not you.. :P
A program :P

EDIT:
Basically.. I don't know the pattern it's encoded after. But I know the details about before and after. So it'd be easier to use my information, than just bruteforcing.. :P

schwarzwaldhacker
Posts: 170
Joined: Tue Apr 07, 2009 7:18 am
Location: Россия

Re: The missing link

Post by schwarzwaldhacker » Wed Mar 17, 2010 6:30 pm

As long as I know nothing about your values, it is very difficult to write a program???

LordMike
Posts: 184
Joined: Tue Feb 10, 2009 8:34 am

Re: The missing link

Post by LordMike » Thu Mar 18, 2010 5:14 pm

schwarzwaldhacker wrote:
> As long as I know nothing about your values, it is very difficult to write a program???

Hmm.. Just imagine a list of strings :P

Like:
"mike"
"password"
"randomsalt_in_htmlpage_i_found"

:P

schwarzwaldhacker
Posts: 170
Joined: Tue Apr 07, 2009 7:18 am
Location: Россия

Re: The missing link

Post by schwarzwaldhacker » Thu Mar 18, 2010 6:45 pm

Could you please give us 3 examples? So we could see if this is linear?

Sc00bz
Posts: 136
Joined: Fri Oct 03, 2008 8:28 am

Re: The missing link

Post by Sc00bz » Fri Mar 19, 2010 1:00 am

Wouldn't it be easier to just tell us what site it is? So someone can decompile the swf to see what it is doing.

LordMike
Posts: 184
Joined: Tue Feb 10, 2009 8:34 am

Re: The missing link

Post by LordMike » Sat Mar 20, 2010 1:34 pm

I actually considered that. So I hacked my way to the original .swf and tried 'disassembling' it.. No alas..
My teacher / flash 'expert' told me that it's prob. due to flash's build-up. Which is complicated.

The site is:
gallejessen.dk

The flash loader is:
http://toms.verticportals.com/Cocoa/Fla ... ersion=1.3

The flash is:
http://toms.verticportals.com/Cocoa/Flash/Main.swf

Crappy game.. But perfect for making a bot, due to its standard XML data-format :P

schwarzwaldhacker
Posts: 170
Joined: Tue Apr 07, 2009 7:18 am
Location: Россия

Re: The missing link

Post by schwarzwaldhacker » Sun Mar 21, 2010 7:09 pm

LordMike, I am not sure if this will help you, but

1. I downloaded "SwfScan.msi" from HP. Which helps you disassemble SWF-Files
2. I downloaded their SWF-Files(mainLoader.swf, main.swf, tree.swf and so on)
3. I disassembled the SWF-Files
4. And I looked for "md5", which I found in "main.swf - Global.as".

Because indeed, they are using MD5! But I guess, you should have a look at it for yourself?

I also found a log/debug file on a similar website, http://toms.verticportals.com/Anthonberg/log. Possibly this might help you as well?
Attachments
main.swf-Global.as.zip
SWF with MD5
(10.56 KiB) Downloaded 319 times

LordMike
Posts: 184
Joined: Tue Feb 10, 2009 8:34 am

Re: The missing link

Post by LordMike » Tue Mar 23, 2010 9:29 am

MD5_auth = MD5.encrypt(String(Ref.vars.ticket + status.water + status.sun + status.weed + status.age + Ref.vars.userId + this.SERIAL_FOR_QUAKE2));


WTF?!?!?!
QUAKE2?!?!?!

lol?

"QCK7-H2K9-5667-A4C4-1337"

loooll... :P
1337 :)

EDIT:
Cool, I got it now :P
Thanks :)
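
An added example, not code from the thread or from the game: it contrasts the construction quoted above (MD5 over the status fields joined with no separator, plus a constant that ships inside the client) with a server-side check that uses HMAC-SHA256 over length-prefixed fields. The key, the constant and the sample states are constructed placeholders, and the design assumes the server issues the state and keeps the key to itself.

```python
import hashlib
import hmac

FIELDS = ("ticket", "water", "sun", "weed", "age", "userId")
CLIENT_CONSTANT = "CONSTRUCTED-CLIENT-CONSTANT"  # placeholder, not the thread's value


def concat_md5_tag(status, constant=CLIENT_CONSTANT):
    """Thread's construction: MD5 over fields joined with no separator,
    followed by a constant that ships inside the client."""
    joined = "".join(str(status[f]) for f in FIELDS) + constant
    return hashlib.md5(joined.encode()).hexdigest()


def encode_fields(status):
    """Length-prefix every field so field boundaries cannot shift."""
    out = b""
    for name in FIELDS:
        value = str(status[name]).encode()
        out += len(value).to_bytes(4, "big") + value
    return out


def server_tag(status, server_key):
    """HMAC-SHA256 keyed with a secret that never leaves the server."""
    return hmac.new(server_key, encode_fields(status), hashlib.sha256).hexdigest()


def server_verify(status, tag, server_key):
    """Constant-time check that the state is the one the server issued."""
    return hmac.compare_digest(server_tag(status, server_key), tag)


# Constructed sample states: water/sun digits shift across the field boundary.
STATE_A = {"ticket": "t1", "water": 1, "sun": 23, "weed": 4, "age": 5, "userId": 77}
STATE_B = {"ticket": "t1", "water": 12, "sun": 3, "weed": 4, "age": 5, "userId": 77}
SERVER_KEY = b"constructed-server-only-key"  # hypothetical; generate randomly in practice

if __name__ == "__main__":
    print("concat tags equal:", concat_md5_tag(STATE_A) == concat_md5_tag(STATE_B))
    tag_a = server_tag(STATE_A, SERVER_KEY)
    print("A verifies:", server_verify(STATE_A, tag_a, SERVER_KEY))
    print("B with A's tag verifies:", server_verify(STATE_B, tag_a, SERVER_KEY))
```

The keyed tag only covers state the server itself issued; values the client reports back still need to be range-checked on the server, since any key or constant embedded in the client can be read out of it.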
