Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- LexiconLast Wednesday at 6:22 PM
- function(context, args)
- {
- var caller = context.caller;
- var l = #fs.scripts.lib();
- var obj = {
- counter: 0,
- get string() {
- var o = #db.f({SID:"testThing"}).array()[0];
- l.log("counter");
- o.counter++;
- #db.u({id:o.id}, {$set:{"counter": o.counter}});
- if(o.counter == 1)
- {
- var x = {
- length: 128,
- };
- return x;
- }
- else if (o.counter > 1){
- return null;
- l.log("counter++");
- }
- return "c".repeat(129);
- }
- }
- #db.i({SID:"testThing", counter: 0});
- #fs.stack.box({password: obj.string});
- #db.r({})
- return l.get_log();
- }
- (edited)
- SprocketLast Wednesday at 6:23 PM
- ...
- w
- LexiconLast Wednesday at 6:23 PM
- lol
- SprocketLast Wednesday at 6:23 PM
- oh
- i kind of get it
- LexiconLast Wednesday at 6:23 PM
- ye
- am i overcomplicating the counter lol
- i couldn't figure out a way to make it persist state in calls besides using db
- probably also overcomplicating that too
- SprocketLast Wednesday at 6:24 PM
- psst use #D or an array u push to instead of scripts.lib.log
- LexiconLast Wednesday at 6:24 PM
- ?
- store that in db instead of scripts.log?
- ohhh
- i see
- SprocketLast Wednesday at 6:30 PM
- also
- when you pass obj.string as the password
- you're triggering the getter
- and you actually pass whatever your getter returns(edited)
- LexiconLast Wednesday at 6:31 PM
- oh
- well
- fuck
- SprocketLast Wednesday at 6:31 PM
- can't reference getters m8
- have to pass the whole object
- LexiconLast Wednesday at 6:31 PM
- but then how do i know which property gets referenced was my issue
- SprocketLast Wednesday at 6:31 PM
- well
- the one the script fucking asks you for
- :P
- LexiconLast Wednesday at 6:32 PM
- oh
- derp
- i get it now
- there we go that should get me going
- SprocketLast Wednesday at 6:32 PM
- yes
- now you're sort of barking up the right tree
- i hope
- LexiconLast Wednesday at 6:33 PM
- hope so lol
- i'm getting more useful output now so that makes sense
- SprocketLast Wednesday at 6:35 PM
- yes
- LexiconLast Wednesday at 6:35 PM
- ah ha
- i got it
- SprocketLast Wednesday at 6:35 PM
- what'd you get
- lemme see
- LexiconLast Wednesday at 6:36 PM
- okay i haven't cracked it yet but i'm more certain i'm on the right path
- SprocketLast Wednesday at 6:36 PM
- :eyes: output
- :P
- LexiconLast Wednesday at 6:36 PM
- 'cannot read property '0' of null'
- SprocketLast Wednesday at 6:37 PM
- hehe
- you got one of the two clues
- LexiconLast Wednesday at 6:37 PM
- yeah i get where this is going
- i think
- SprocketLast Wednesday at 8:40 PM
- u solve it yet?
- LexiconLast Wednesday at 8:40 PM
- working on automation
- almost got the code finished, gonna run in like < 5 min
- SprocketLast Wednesday at 8:41 PM
- heh
- cool
- you figured it out then
- LexiconLast Wednesday at 8:41 PM
- yeah
- SprocketLast Wednesday at 8:41 PM
- interested to see your solve
- LexiconLast Wednesday at 8:41 PM
- its gonna be messy
- will show u when i'm sure it actually works
- SprocketLast Wednesday at 8:41 PM
- mine is worse
- manual
- :P
- LexiconLast Wednesday at 8:42 PM
- oof why
- that just sounds painful
- SprocketLast Wednesday at 8:42 PM
- 'cause i'm lazy
- its only 128 chars
- not that bad really
- LexiconLast Wednesday at 8:42 PM
- fair
- SprocketLast Wednesday at 8:42 PM
- couple minutes
- LexiconLast Wednesday at 9:13 PM
- slightly messy solution:
- SprocketLast Wednesday at 9:14 PM
- ?
- LexiconLast Wednesday at 9:14 PM
- huh clyde didn't deliver my message
- weird
- SprocketLast Wednesday at 9:14 PM
- hastebin it
- LexiconLast Wednesday at 9:14 PM
- oh yeah code is too long
- ye
- SprocketLast Wednesday at 9:15 PM
- fatal error with authentication >:(
- LexiconLast Wednesday at 9:15 PM
- ?
- SprocketLast Wednesday at 9:15 PM
- hackmud
- being dum
- LexiconLast Wednesday at 9:15 PM
- it happens sometimes dude
- SprocketLast Wednesday at 9:16 PM
- yes
- anwyay
- hastebin
- LexiconLast Wednesday at 9:16 PM
- https://hastebin.com/ubogabehon.php
- there u go
- SprocketLast Wednesday at 9:17 PM
- suddenly 2 indends for one block
- the hecc
- LexiconLast Wednesday at 9:17 PM
- is messy
- sorry
- SprocketLast Wednesday at 9:17 PM
- using SID instead of _id >:(
- LexiconLast Wednesday at 9:18 PM
- shush it works
- SprocketLast Wednesday at 9:18 PM
- using the database at all for this >:(
- LexiconLast Wednesday at 9:18 PM
- easy way for persistence
- SprocketLast Wednesday at 9:18 PM
- also you can shorten the character search space because the password is most definitely hex
- a-f 0-9
- LexiconLast Wednesday at 9:18 PM
- oh true
- that'd probably make it faster
- SprocketLast Wednesday at 9:18 PM
- i just did full ascii range because i didn't kow that at first
- LexiconLast Wednesday at 9:19 PM
- lemme change that and see how fast it go
- but hey it works
- SprocketLast Wednesday at 9:19 PM
- cool
- you have to do the last char manually
- btw
- LexiconLast Wednesday at 9:19 PM
- ? why that
- oh yeah
- SprocketLast Wednesday at 9:19 PM
- yes
- so... account for that
- :P
- LexiconLast Wednesday at 9:20 PM
- yeah yeah okay
- SprocketLast Wednesday at 9:20 PM
- and then you'll be on the next part with me
- which i have some ideas for
- LexiconLast Wednesday at 9:20 PM
- gimme a couple min to implement fixes and w/e
- SprocketLast Wednesday at 9:20 PM
- yeah, i gotta sleep anyway
- can work more tomorrow
- LexiconLast Wednesday at 9:20 PM
- will talk to u tmrw then
- August 30, 2018
- LexiconYesterday at 11:17 AM
- Well throwing the obvious at it doesn't give anything that I can find, I'll prod more when I get up
- SprocketYesterday at 4:01 PM
- i have a couple ideas
- if they work i will be very happy
- yay
- it does work
- hrm
- not sure what to do from here
- LexiconYesterday at 4:08 PM
- Well the obvious guess (for me) was to try some kind of debugging with normal user stymie134 as username and password as itself but it's obviously coded better than the previous
- SprocketYesterday at 4:08 PM
- ok
- so
- you can crack the password
- with one of the greatest mongodb tricks for poorly sanatized input
- ever
- LexiconYesterday at 4:09 PM
- Hrm
- Will look then
- SprocketYesterday at 4:09 PM
- :P
- tho i
- am 99% sure
- the user panel
- can't do much
- LexiconYesterday at 4:09 PM
- it's not the same password for user panel and admin? damn
- SprocketYesterday at 4:09 PM
- 'cause the other usernames you find under the admin guys stuff don't work
- LexiconYesterday at 4:10 PM
- gotcha
- oh that was easy
- SprocketYesterday at 4:17 PM
- yea
- >:( ok
- LexiconYesterday at 4:17 PM
- "welcome, [Object object]" lmao
- SprocketYesterday at 4:17 PM
- wait what
- what'd you do
- LexiconYesterday at 4:17 PM
- you can do it like uhhh
- username: {"$ne": null},
- password: {"$ne": null}
- SprocketYesterday at 4:18 PM
- oh
- LexiconYesterday at 4:18 PM
- or you can specify user
- SprocketYesterday at 4:18 PM
- lmao
- LexiconYesterday at 4:18 PM
- yeah
- SprocketYesterday at 4:18 PM
- thats not how i did it
- LexiconYesterday at 4:18 PM
- how did you do it?
- SprocketYesterday at 4:18 PM
- {"$exists":true} is a thing
- LexiconYesterday at 4:18 PM
- LMAO
- that's beautiful
- SprocketYesterday at 4:29 PM
- ahaha
- i figured it out
- LexiconYesterday at 4:30 PM
- im working on it still, i think i might be on the right track but not sure
- ah ha
- SprocketYesterday at 4:40 PM
- wotcha doin
- LexiconYesterday at 4:40 PM
- working on extracting the password but i figured out the method to it
- SprocketYesterday at 4:40 PM
- whats the method
- LexiconYesterday at 4:40 PM
- $regex
- lmao
- SprocketYesterday at 4:40 PM
- yep
- you probably got it faster than i did
- i have 2 chars
- LexiconYesterday at 4:40 PM
- now all i gotta do is automate that
- or i could do it manually
- SprocketYesterday at 4:40 PM
- how many do you have
- LexiconYesterday at 4:40 PM
- that's probably faster
- hang on
- none so far but it won't take too long
- SprocketYesterday at 4:41 PM
- 3 chars now
- 4
- LexiconYesterday at 4:42 PM
- yeah you'r egonna beat me here
- SprocketYesterday at 4:42 PM
- also its only 10 chars total on my solve
- LexiconYesterday at 4:42 PM
- i don't actually hav ethe loop coded yet
- same here
- SprocketYesterday at 4:46 PM
- 7
- LexiconYesterday at 4:48 PM
- done
- SprocketYesterday at 4:48 PM
- wew
- noice
- LexiconYesterday at 4:48 PM
- it's an
- odd
- string
- SprocketYesterday at 4:49 PM
- what is it?
- LexiconYesterday at 4:50 PM
- 97999f29af
- :smile:
- SprocketYesterday at 4:51 PM
- heh
- randomly generated
- 99% sure is slice of hash
- LexiconYesterday at 4:52 PM
- prolly
- are you uh
- robot?(edited)
- SprocketYesterday at 4:52 PM
- yes
- LexiconYesterday at 4:52 PM
- figured(edited)
- now gib hint on heart :stuck_out_tongue:
- jkjk
- don't want disqualification(edited)
- SprocketYesterday at 4:59 PM
- if you guys are still on p2s2
- i can honestly say i remember basically nothing about how that one works
- LexiconYesterday at 5:00 PM
- i'll go back to pokin it lol
- SprocketYesterday at 5:00 PM
- other than the solution string is all uppercase letters, although i think case doesn't matter
- LexiconYesterday at 5:00 PM
- prolly doesnt
- just feelsbadman that we're stuck on the easy step of it
- SprocketYesterday at 5:00 PM
- there is an image that has colored stripes
- and then you get letters from it
- LexiconYesterday at 5:01 PM
- woah really
- SprocketYesterday at 5:01 PM
- i wasn't really paying attention when my group solved it
- p2s3 on the other hand
- LexiconYesterday at 5:01 PM
- yeah alic banned you for a reason
- SprocketYesterday at 5:01 PM
- yep
- asides from p2s2 i remember all the solutions
- LexiconYesterday at 5:02 PM
- gotcha
- well will let u know if we make progress
- SprocketYesterday at 5:02 PM
- dammit discord
- LexiconYesterday at 5:02 PM
- oof
- SprocketYesterday at 5:02 PM
- fuck
- LexiconYesterday at 5:02 PM
- l m a ooooooooo
- SprocketYesterday at 5:02 PM
- shush
- you didn't see anything
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement