Untitled

LexiconLast Wednesday at 6:22 PM
function(context, args)
{
    var caller = context.caller;
    var l = #fs.scripts.lib();

    var obj = {
        counter: 0,
        get string() {
                var o = #db.f({SID:"testThing"}).array()[0];
                l.log("counter");
                o.counter++;
                #db.u({id:o.id}, {$set:{"counter": o.counter}});
                if(o.counter == 1)
                {
                    var x =  {
                        length: 128,
                    };
                    return x;
                }
                else if (o.counter > 1){
                    return null;
                    l.log("counter++");
                }
                return "c".repeat(129);
        }
    }
        #db.i({SID:"testThing", counter: 0});
        #fs.stack.box({password: obj.string});
        #db.r({})
    return l.get_log();

}
(edited)
SprocketLast Wednesday at 6:23 PM
...
w
LexiconLast Wednesday at 6:23 PM
lol
SprocketLast Wednesday at 6:23 PM
oh
i kind of get it
LexiconLast Wednesday at 6:23 PM
ye
am i overcomplicating the counter lol
i couldn't figure out a way to make it persist state in calls besides using db
probably also overcomplicating that too
SprocketLast Wednesday at 6:24 PM
psst use #D or an array u push to instead of scripts.lib.log
LexiconLast Wednesday at 6:24 PM
?
store that in db instead of scripts.log?
ohhh
i see
SprocketLast Wednesday at 6:30 PM
also
when you pass obj.string as the password
you're triggering the getter
and you actually pass whatever your getter returns(edited)
LexiconLast Wednesday at 6:31 PM
oh
well
fuck
SprocketLast Wednesday at 6:31 PM
can't reference getters m8
have to pass the whole object
LexiconLast Wednesday at 6:31 PM
but then how do i know which property gets referenced was my issue
SprocketLast Wednesday at 6:31 PM
well
the one the script fucking asks you for
:P
LexiconLast Wednesday at 6:32 PM
oh
derp
i get it now
there we go that should get me going
SprocketLast Wednesday at 6:32 PM
yes
now you're sort of barking up the right tree
i hope
LexiconLast Wednesday at 6:33 PM
hope so lol
i'm getting more useful output now so that makes sense
SprocketLast Wednesday at 6:35 PM
yes
LexiconLast Wednesday at 6:35 PM
ah ha
i got it
SprocketLast Wednesday at 6:35 PM
what'd you get
lemme see
LexiconLast Wednesday at 6:36 PM
okay i haven't cracked it yet but i'm more certain i'm on the right path
SprocketLast Wednesday at 6:36 PM
:eyes: output
:P
LexiconLast Wednesday at 6:36 PM
'cannot read property '0' of null'
SprocketLast Wednesday at 6:37 PM
hehe
you got one of the two clues
LexiconLast Wednesday at 6:37 PM
yeah i get where this is going
i think
SprocketLast Wednesday at 8:40 PM
u solve it yet?
LexiconLast Wednesday at 8:40 PM
working on automation
almost got the code finished, gonna run in like < 5 min
SprocketLast Wednesday at 8:41 PM
heh
cool
you figured it out then
LexiconLast Wednesday at 8:41 PM
yeah
SprocketLast Wednesday at 8:41 PM
interested to see your solve
LexiconLast Wednesday at 8:41 PM
its gonna be messy
will show u when i'm sure it actually works
SprocketLast Wednesday at 8:41 PM
mine is worse
manual
:P
LexiconLast Wednesday at 8:42 PM
oof why
that just sounds painful
SprocketLast Wednesday at 8:42 PM
'cause i'm lazy
its only 128 chars
not that bad really
LexiconLast Wednesday at 8:42 PM
fair
SprocketLast Wednesday at 8:42 PM
couple minutes
LexiconLast Wednesday at 9:13 PM
slightly messy solution:
SprocketLast Wednesday at 9:14 PM
?
LexiconLast Wednesday at 9:14 PM
huh clyde didn't deliver my message
weird
SprocketLast Wednesday at 9:14 PM
hastebin it
LexiconLast Wednesday at 9:14 PM
oh yeah code is too long
ye
SprocketLast Wednesday at 9:15 PM
fatal error with authentication >:(
LexiconLast Wednesday at 9:15 PM
?
SprocketLast Wednesday at 9:15 PM
hackmud
being dum
LexiconLast Wednesday at 9:15 PM
it happens sometimes dude
SprocketLast Wednesday at 9:16 PM
yes
anwyay
hastebin
LexiconLast Wednesday at 9:16 PM
https://hastebin.com/ubogabehon.php
there u go
SprocketLast Wednesday at 9:17 PM
suddenly 2 indends for one block
the hecc
LexiconLast Wednesday at 9:17 PM
is messy
sorry
SprocketLast Wednesday at 9:17 PM
using SID instead of _id >:(
LexiconLast Wednesday at 9:18 PM
shush it works
SprocketLast Wednesday at 9:18 PM
using the database at all for this >:(
LexiconLast Wednesday at 9:18 PM
easy way for persistence
SprocketLast Wednesday at 9:18 PM
also you can shorten the character search space because the password is most definitely hex
a-f 0-9
LexiconLast Wednesday at 9:18 PM
oh true
that'd probably make it faster
SprocketLast Wednesday at 9:18 PM
i just did full ascii range because i didn't kow that at first
LexiconLast Wednesday at 9:19 PM
lemme change that and see how fast it go
but hey it works
SprocketLast Wednesday at 9:19 PM
cool
you have to do the last char manually
btw
LexiconLast Wednesday at 9:19 PM
? why that
oh yeah
SprocketLast Wednesday at 9:19 PM
yes
so... account for that
:P
LexiconLast Wednesday at 9:20 PM
yeah yeah okay
SprocketLast Wednesday at 9:20 PM
and then you'll be on the next part with me
which i have some ideas for
LexiconLast Wednesday at 9:20 PM
gimme a couple min to implement fixes and w/e
SprocketLast Wednesday at 9:20 PM
yeah, i gotta sleep anyway
can work more tomorrow
LexiconLast Wednesday at 9:20 PM
will talk to u tmrw then
August 30, 2018
LexiconYesterday at 11:17 AM
Well throwing the obvious at it doesn't give anything that I can find, I'll prod more when I get up
SprocketYesterday at 4:01 PM
i have a couple ideas
if they work i will be very happy
yay
it does work
hrm
not sure what to do from here
LexiconYesterday at 4:08 PM
Well the obvious guess (for me) was to try some kind of debugging with normal user stymie134 as username and password as itself but it's obviously coded better than the previous
SprocketYesterday at 4:08 PM
ok
so
you can crack the password
with one of the greatest mongodb tricks for poorly sanatized input
ever
LexiconYesterday at 4:09 PM
Hrm
Will look then
SprocketYesterday at 4:09 PM
:P
tho i
am 99% sure
the user panel
can't do much
LexiconYesterday at 4:09 PM
it's not the same password for user panel and admin? damn
SprocketYesterday at 4:09 PM
'cause the other usernames you find under the admin guys stuff don't work
LexiconYesterday at 4:10 PM
gotcha
oh that was easy
SprocketYesterday at 4:17 PM
yea
>:( ok
LexiconYesterday at 4:17 PM
"welcome, [Object object]" lmao
SprocketYesterday at 4:17 PM
wait what
what'd you do
LexiconYesterday at 4:17 PM
you can do it like uhhh
username: {"$ne": null},
password: {"$ne": null}
SprocketYesterday at 4:18 PM
oh
LexiconYesterday at 4:18 PM
or you can specify user
SprocketYesterday at 4:18 PM
lmao
LexiconYesterday at 4:18 PM
yeah
SprocketYesterday at 4:18 PM
thats not how i did it
LexiconYesterday at 4:18 PM
how did you do it?
SprocketYesterday at 4:18 PM
{"$exists":true} is a thing
LexiconYesterday at 4:18 PM
LMAO
that's beautiful
SprocketYesterday at 4:29 PM
ahaha
i figured it out
LexiconYesterday at 4:30 PM
im working on it still, i think i might be on the right track but not sure
ah ha
SprocketYesterday at 4:40 PM
wotcha doin
LexiconYesterday at 4:40 PM
working on extracting the password but i figured out the method to it
SprocketYesterday at 4:40 PM
whats the method
LexiconYesterday at 4:40 PM
$regex
lmao
SprocketYesterday at 4:40 PM
yep
you probably got it faster than i did
i have 2 chars
LexiconYesterday at 4:40 PM
now all i gotta  do is automate that
or i could do it manually
SprocketYesterday at 4:40 PM
how many do you have
LexiconYesterday at 4:40 PM
that's probably faster
hang on
none so far but it won't take too long
SprocketYesterday at 4:41 PM
3 chars now
4
LexiconYesterday at 4:42 PM
yeah you'r egonna beat me here
SprocketYesterday at 4:42 PM
also its only 10 chars total on my solve
LexiconYesterday at 4:42 PM
i don't actually hav ethe loop coded yet
same here
SprocketYesterday at 4:46 PM
7
LexiconYesterday at 4:48 PM
done
SprocketYesterday at 4:48 PM
wew
noice
LexiconYesterday at 4:48 PM
it's an
odd
string
SprocketYesterday at 4:49 PM
what is it?
LexiconYesterday at 4:50 PM
97999f29af
:smile:
SprocketYesterday at 4:51 PM
heh
randomly generated
99% sure is slice of hash
LexiconYesterday at 4:52 PM
prolly
are you uh
robot?(edited)
SprocketYesterday at 4:52 PM
yes
LexiconYesterday at 4:52 PM
figured(edited)
now gib hint on heart :stuck_out_tongue:
jkjk
don't want disqualification(edited)
SprocketYesterday at 4:59 PM
if you guys are still on p2s2
i can honestly say i remember basically nothing about how that one works
LexiconYesterday at 5:00 PM
i'll go back to pokin it lol
SprocketYesterday at 5:00 PM
other than the solution string is all uppercase letters, although i think case doesn't matter
LexiconYesterday at 5:00 PM
prolly doesnt
just feelsbadman that we're stuck on the easy step of it
SprocketYesterday at 5:00 PM
there is an image that has colored stripes
and then you get letters from it
LexiconYesterday at 5:01 PM
woah really
SprocketYesterday at 5:01 PM
i wasn't really paying attention when my group solved it
p2s3 on the other hand
LexiconYesterday at 5:01 PM
yeah alic banned you for a reason
SprocketYesterday at 5:01 PM
yep
asides from p2s2 i remember all the solutions
LexiconYesterday at 5:02 PM
gotcha
well will let u know if we make progress
SprocketYesterday at 5:02 PM
dammit discord
LexiconYesterday at 5:02 PM
oof
SprocketYesterday at 5:02 PM
fuck
LexiconYesterday at 5:02 PM
l m a ooooooooo
SprocketYesterday at 5:02 PM
shush
you didn't see anything