{"id":400,"date":"2013-04-28T13:11:44","date_gmt":"2013-04-28T20:11:44","guid":{"rendered":"http:\/\/seanmurphree.com\/blog\/?p=400"},"modified":"2013-04-28T15:02:24","modified_gmt":"2013-04-28T22:02:24","slug":"damo-brute-the-pin","status":"publish","type":"post","link":"https:\/\/seanmurphree.com\/blog\/?p=400","title":{"rendered":"Damo Brute the PIN"},"content":{"rendered":"<p><a href=\"http:\/\/damo.clanteam.com\/pin\/\">Page<\/a> takes a &#8220;pin&#8221; and sees if it matches what&#8217;s expected via hash functions, if so, we can add our name to Hall of Fame.<\/p>\n<p>Page does checking in javascript, so let&#8217;s take advantage. \u00a0Copy top of page, and wrap in a brute force function, to check through all values. \u00a0Put new code in new, local, .html file and brute force the PIN.<\/p>\n<p>Brute force function:<\/p>\n<p>function brute() {<br \/>\nvar str;<br \/>\nfor(var i = 1000000; i &lt; 10000000; i++) {<br \/>\nstr=i.toString();<br \/>\n\/\/alert(&#8216;converted&#8217;+str.length);<br \/>\nverifypin(str);<br \/>\n}<br \/>\nalert(&#8216;Reached the end ;c&#8217;);<br \/>\n}<\/p>\n<p>Put brute() on an onLoad for a new page, and load that page. \u00a0About 3\/4 of the way through, we get our answer and we have brute forced the PIN by barely writing any new code. \u00a0YAY!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Page takes a &#8220;pin&#8221; and sees if it matches what&#8217;s expected via hash functions, if so, we can add our name to Hall of Fame. Page does checking in javascript, so let&#8217;s take advantage. \u00a0Copy top of page, and wrap &hellip; <a href=\"https:\/\/seanmurphree.com\/blog\/?p=400\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/400"}],"collection":[{"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=400"}],"version-history":[{"count":6,"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/400\/revisions"}],"predecessor-version":[{"id":405,"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/400\/revisions\/405"}],"wp:attachment":[{"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=400"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=400"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/seanmurphree.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=400"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}