Friday, April 22, 2011

Fravia+ Javascript Password Systems

Most javascript pages ARE ELSEWHERE!

This is a 'living' workshop on Javascript site protection.
You'll find the real javascript section of my site on the "other side" of these entrances... lamers should not and will not understand what's going on, yet the ones capable to study and to experiment a little, will not only go further, but will also be able to use this same kind of tricks (implementing and ameliorating them of course) in order to protect some 'delicate' parts of their sites... or to deprotect some other sites :-)


Entrances to the advanced page
easy
impossible
redjavpassp.htm
redjavpass1.htm
Some help for the easy entrance
redjavhelp1.htm
Entrances to the 'devious' page
easy
hard
redmyown511.htm
redjavdevio.htm
Entrance to the "hyperprotections"
redvao_hype.htm

Easy solutions provided by tsehp

Devious entrance

Hyperprotections


Javascript protection reversing
Fravia's living workshop on Javascript site protection

An incredible interesting matter. I have prepared these pages as a 'strainer' in order to keep lamers out, and to 'seed' a little the guys that will be able to work on more advanced matters. There are now THREE advanced javascript pages, completely indipendent, since the methods to reverse their respective entrances are quite different.

1) THE ADVANCED JAVASCRIPT PAGE (ADVANCED), which has at the moment two entrances, an 'easy' one (which is not so terribly easy after all, but which you'll be able to reverse/brute-force if you work a little) and an 'impossible' entrance (which is not so terribly impossible after all if you know your stalking/searching/ combing abc)
On this advanced page you'll find many interesting 'advanced' essays. From this advanced page you'll be able to access (this sommer) the 'wizard' stalking javascript page.

2) THE TARGETED JAVASCRIPT PAGE (DEVIOUS), or 'devious' page. So called because it uses a 'targeted' URL access system. At the moment has an easy, and an 'hard' entrance. I'll give help in a later moment if needs be... I hope not...
On this page you won't find much at the moment (because I'm setting it up right now), but, similarly to the 'advanced' one, you'll get (at least) the essays of all people that have reached it as soon as they start coming. Anyway from this targeted page you'll be able to access (this sommer) the 'wizard' stalking javascript page as well.

3) THE 'HYPERPROTECTIONS' JAVASCRIPT PAGE (HYPER), where you will be able to develop, with me and many others, a serie of simple, yet effective encrypted javascript protections for sites that do not want to (or cannot :-) use CGI server-side scripts. The hyper page has at the moment only one entrance.

4) IS THERE ANYTHING ELSE?
Well, yes: I have also prepared a small easy javascript tricks page to give you something to enjoy...


Man, I can't get not even through the easy advanced entrance... whatd'I do?

Read the help page. If after having read all that help you still cannot access the 'easy' entrance, leave this stuff, go reverse something else and come back when you have gathered a little more reversing stamina. Just to give you a (very pale and feeble) feeling of what you'll get on this path, here is some stuff to feed you happy until you discover how to access the above entrances to my advanced Javascript pages:


A ridicolous cookie-related javascript protection
(for newbyes at Javascript protection reversing)
reddark1.htm
(Guard Duty, Version 3 ~ Lancelot Security edition)
26 January 1998 by Fravia+
Quite easy


A most ridicolous yet still very common javascript protection
(for newbyes at Javascript protection reversing)
redj_ridcul.htm
(Useless yet widespread "anti-lamers" password protection)
19 February 1998 by Fravia+
Dead easy

The essays

(that you'll find only on the 'advanced' pages)


As introduction and "starter": PHASE 1, by Fravia+, 07 December 1997
SURPRISES INSIDE SURPRISES
(You probably did not know that you had these functions inside your browser)

As first possible little essay: PHASE 2, by Fravia+, 08 December 1997
Elementary tricks 1.1
(Popup pages galore and some stalking elements)

As 'quicky' small reward for having reached this page: PHASE 3, by Fravia+, 18 January 1998
Nasty antiMSIE tricks
(and some stalking elements)

From the "how people have reached this page" series: PHASE 4, by Syko, 01 February 1998
Password finder for Fravia's excellent JavaScript Protection
(applying english rules to a password cracker)

From the "how people have reached this page" series: PHASE 4bis, by Epic Lord+, 01 February 1998
How to use aids from your target :=)
(seems so easy now yet it was not so easy after all)

From the "how people have reached this page" series: PHASE 5, by Tomba, 10 February 1998
A deductive & recursive way into Fravia's java-pages
(importance of deduction in all reversing matters)

From the "how people have reached this page" series: PHASE 6, by Chris, 11 February 1998
Getting into Fravia's Javascript page
(a short java program: class CrackPass2)

From the "how people have reached this page" series: PHASE 7, by WeLuv, 18 February 1998
Thru the Java Door
(Shut the computer off and THINK through the problem)

From the "how people have reached this page" series: PHASE 7, by SPLiCE, 19 February 1998
The 'easy' javascript entrance: A recursive approach
(Using recursivity and deduction to overcome 'simple' protections)

From the "how people have reached this page" series: PHASE 8, by Jack of shadows, 24 February 1998
Know Thy Language!
The importance of knowing (your enemy's) language

From the "tools that people have written in order to reach this page" series: PHASE 9, by Ken (KenZone), 01 March 1998
How to check passwords!
A 'graphical' approach

From the "how people have reached this page" series: PHASE A, by Roady, 05 March 1998
javascript password brutecracker
Just needed a bit of luck

From the "how people have reached this page" series: PHASE B, by Tom, 26 March 1998
A "ponderated" vocabulary approach to advanced javascript
Each good triplet found increases the current score by one

Fravia's "sticky page" trick
by Fravia+, 18 May 1998
A "sticky" never ending page
This can be seriously annoying, btw...

+mISu's C++ program
by +mISu, 23 September 1998
a real solution using backtracking

Gattman's Java approach
by Gattman, 02 December 1998
A little java for you, ssir!

Gattman's FREE FOR ALL javascript can be accessed from here.
The 'dedicated' javascript for my advanced page is on the 'other side'.


The 'WHEEL OF FORTUNE' solution
by Pr!Me5, 20 January 1999
A little java for you, ssir!


A recursive procedure to generate the possibilities
by sepulcrum of revolution, 26 May 1999
A little java code for you, ssir!


Coasting Along On A Wave
by +Sandman, 26 May 1999
(on the "devious" javascript page)


Protection schemes: How to encrypt with Javascript
by Fravia+, 30 May 1999
(on the new "hyperprotections" javascript page)


Protection schemes: User input and javascript
by Fravia+, 30 May 1999
(on the new "hyperprotections" javascript page)


Protections schemes: Printing directly to frames without a CGI
by Fravia+, 30 May 1999
(on the new "hyperprotections" javascript page)



redhomepage redlinks redsearch engines red+ORC redstudents' essays redacademy database
redtools redcocktails redbots wars redanonimity academy redantismut CGI-scripts
redcounter measures redmail_Fravia
redIs reverse engineering legal?

red(c) Fravia 1995, 1996, 1997, 1998, 1999. All rights reserved

Posted via email from Whistleblower

No comments:

Post a Comment