On Thursday 08 November 2007 17:11, Inventor wrote:
>
> On Nov 8, 1:57 pm, [EMAIL PROTECTED] (Yitzle) wrote:
> >
> > Is there a website with anything released?
>
> Great, thanks for asking, I have just completed Mission 2 and updated
> the web site accordingly. You will find the Missions trivially easy
> since you are very good at Perl, but it should be fun anyway. It
> took my program about four or five hours to find the Mission 2
> password, maybe yours will be faster? Anyway, the web page is:
>
> http://www.freedomodds.com/hstechspy/
Well, let's have a look at some code. :-)
>From your Mission_1 rot13_decoder.pl file:
> #!/usr/bin/env perl
> # -*- Cperl -*-
> #
> # Copyright 2007 Les hall
> # decoder for rot13
> #
>
#-----------------------------------------------------------------------
> # Copyright (C) 2000 Julian Fondren
> #-- A simple program demonstrating the use of Crypt::Rot13
Except for your copyright notice this file is a verbatim copy of the
rot13.perl file from the Crypt::Rot13 module so you can't just copy
someone else's file and slap your own copyright notice on it. Mr.
Fondren could sue your butt off for doing this!
So let's have a look at some code that you wrote.
>From Mission_2_guard.pl:
> #!/usr/bin/env perl
Are you using env because the module author used it? Do you not know
where your perl executable is located?
> # Copyright 2007 Les hall
> # Mission 2 guardian program
> # This program is protected by the GNU General Public License
Which version of the GPL?
> use strict;
And don't forget:
use warnings;
> use lib 'blib/lib';
> use Crypt::Rot13;
The blib/lib directory is only valid inside the Crypt-Rot13 directory
for testing and installation. If the module has been installed
properly (by root) it will be available in one of the default paths in
@INC.
> my $crypt = new Crypt::Rot13;
> my @code = qw(a b c d e f g h i j);
> my $i = 0;
> my $approved = 0;
> foreach (@ARGV) {
> chomp ();
Unless the user trys *really* hard there is very little chance that
there will be newlines in any element of @ARGV.
> $crypt->charge ($_);
> my @s1 = $crypt->rot13 ($#code);
Is that your attempt at obfuscating the number 9? How about binary:
0b01001? Or using an obsure variable: $= - 51?
> if ($i == 0) {
> if (@s1[0] eq "QBCnlq57Byh") {
If you had warnings enabled perl would have warned you about using an
array slice where you should be using a scalar.
> $approved = 1;
> } else {
> $approved = 0;
> }
> } else {
> if (($approved == 1) & (@s1[0] eq "nhnbyh")) {
And again as above.
> print "good password\n";
> } else {
> print "bad password\n";
> }
> }
> $i++;
> if ($i == 2) {
> last;
If you are only accessing $ARGV[0] and $ARGV[1] why not just access
them directly instead of using a loop?
> }
> }
>From the README_4.txt file:
> HS Tech Spy
> Copyright 2007 Les Hall
> README_3.txt file
The name on the outside says README_4.txt.
> Mission 4: MD5 Encryption
> Your mission will be to write an MD5 encryption program that unlocks
> a password file. One of your fellow agents was able to infiltrate
> the work force of a sinister anti-government society by posing as a
> computer systems operator. She was able to obtain the secret password
> file and found that it is protected by the MD5 encryption algorithm.
> To complete the mission, you must decrypt the passwords in the file.
The MD5 digest is a one-way hash so there is no way you can "decrypt"
it, just like you can't turn an omelet back into eggs or hamburger back
into a cow.
Examples of algorithms that can encrypt *and* decrypt are DES,
Blowfish, Rijndael and RC6.
John
--
use Perl;
program
fulfillment
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/
