Return to Unfiction unforum
 a.r.g.b.b 
FAQ FAQ   Search Search 
 
Welcome!
New users, PLEASE read these forum guidelines. New posters, SEARCH before posting and read these rules before posting your killer new campaign. New players may also wish to peruse the ARG Player Tutorial.

All users must abide by the Terms of Service.
Website Restoration Project
This archiving project is a collaboration between Unfiction and Sean Stacey (SpaceBass), Brian Enigma (BrianEnigma), and Laura E. Hall (lehall) with
the Center for Immersive Arts.
Announcements
This is a static snapshot of the
Unfiction forums, as of
July 23, 2017.
This site is intended as an archive to chronicle the history of Alternate Reality Games.
  

The time now is Sun Nov 24, 2024 3:06 pm
All times are UTC - 4 (DST in action)		 View posts in this forum since last visit
View unanswered posts in this forum
Calendar
 Forum index » Archive » Archive: Perplex City » PXC: General/Updates
[NEW SITE] www.hesh-intranet.com Internal Files
View previous topicView next topic
Page 12 of 20 [287 Posts]   Goto page: Previous 1, 2, 3, ..., 10, 11, 12, 13, 14, ..., 18, 19, 20  Next
Author Message
judderman
Boot


Joined: 06 Jun 2005
Posts: 30

 		Not exactly what I was getting at Al - more a targetted brute force. I see people posting lists of things they have tried, and there tend to be recurring themes (eg hesh, heshrecords, hesh_records, viard, viard_cd etc).

If a list had been compiled, it would be a potentially trivial matter to chuck this at any new password - and probably discount them as being useless. Could save a lot of headbanging & frustration.

However, after a night's sleep, I may have a mechanism that would stop this approach working. I'm not familiar with PHP tech, but if I get a spare hour or so I'll have a little play.

Regards, Stew

PostPosted: Thu Jan 26, 2006 4:31 am
 View user's profile MSN Messenger
 Back to top 
noodrez
Boot

Joined: 22 Jan 2006
Posts: 30

 		A look at the source code shows that the password form isn't php, its Flash, so not sure how much a php attack/workaround will work. Your welcome to try anything though Smile

PostPosted: Thu Jan 26, 2006 4:35 am
 View user's profile
 Back to top 
judderman
Boot


Joined: 06 Jun 2005
Posts: 30

 		Ah, but the Flash sends the text entered in the box to the aforementioned PHPs & deals with the reply to decide whether you get access/see the file or show the failure message.

PostPosted: Thu Jan 26, 2006 5:12 am
 View user's profile MSN Messenger
 Back to top 
Al Green
Boot

Joined: 17 Jan 2006
Posts: 29

 		New article on the path of least time. There's not really anything we haven't already figured out, but the following statement is in the text.

The Path of Least Time wrote:
I haven't been able to get into their internal filesystem, where I might be able to find some hard evidence implicating whoever made the hidden message; the encryption is tricky, so we'll have to work out the password through the old social engineering route. I don't have a lot of time to work on this because, well, I have a job at the Academy, so you guys will have to do this for me.


A pointer that it's definitly not a brute force puzzle. I do wonder whether any password would work until we figure it out - make sure that a brute force wouldn't work.

As we are supposed to use social engineering I guess that only something really obvious would cause problems. (I imagine that people will initially assume more joke posts - cover their embarassment of getting things wrong!) As the posts are moderated, I guess MC will strip out any stupid ones that would really give the game away.

Text of post in this discussion: http://forums.unfiction.com/forums/viewtopic.php?t=13907

PostPosted: Thu Jan 26, 2006 5:56 am
 View user's profile
 Back to top 
Guin
Unfettered


Joined: 11 Jan 2006
Posts: 400
Location: Antartica

 		Have posted to Kevin under Sanjay and in Daemons memorabilia for sale thread asking if he has a fave player.
_________________
So long and thanks for all the fish! Trout

PostPosted: Thu Jan 26, 2006 8:53 am
 View user's profile Visit poster's website AIM Address Yahoo Messenger MSN Messenger
 Back to top 
Al Green
Boot

Joined: 17 Jan 2006
Posts: 29

 		Thinking outside the box, I've noticed that the senitel 'views from earth' articles often get replies in the letters page. Maybe if we wrote an article about sports teams we may get some info that way.

What do people think about this?

PostPosted: Thu Jan 26, 2006 9:14 am
 View user's profile
 Back to top 
maevey
Veteran

Joined: 21 Dec 2005
Posts: 106

 		More updates:

On Viard CD:

Quote:
Anastasia Hotaling
24th Jan 269 / 17:47

Does anyone know how the CD is selling on Earth?

Has there been any evidence of Viard's experiment being a success or a failure?

Bobby Giacomo
25th Jan 269 / 14:49

Everyone knows I hate using the lost and found, you never find anything there and I dont wanna be responsible for losing this person's stuff...


On Wedding plans:

Quote:
Heather Mou
25th Jan 269 / 15:49

That sounds lovely, I agree that its always nice for people to get to know each other outside of work. We girls need to stick toget her Wink

I'm not much for finding my way around the city, so have you got any suggestions on where to go? Maybe you could drop a couple of pointers on a map for me too, to save me getting lost!

You could probably try sending it to my office account, its probably working by now. Failing that post a link up here and I'll work the rest out.

H

On sound engineers:

Quote:
Bridget Lilja
24th Jan 269 / 22:37

Company Resources? Oh, I didn't mean here. I know a place we can record for cheap. Just wondered if anyone knew any sound engineers who'd like to make some money in their spare time?

Heather Mou
25th Jan 269 / 17:11

That must have been before my time. Anyone care to fill me in. Don't fancy getting into any trouble myself. Or is it the sort of thing that no-one mentions? :s


Daemon's swag:
Quote:
Charlie Specht
24th Jan 269 / 18:58

Alright, alright. Don't take things so seriously next time! I mean, what are you going to do, lock me out? Now that wouldn't be very nice!



Sanjay Chandler
26th Jan 269 / 12:38

Who's your favourite player Kevin?


PostPosted: Thu Jan 26, 2006 10:25 am
 View user's profile
 Back to top 
GasparLewis
Unfettered


Joined: 19 Nov 2005
Posts: 474
Location: vicinty of NYC

 		Charlie in "Daemons Swag" would be me; sadly, the second half of the plan didn't quite work its way through, so now I'm left with Charlie just getting defensive.

But, yay, I gots a post on the interweb! Very Happy

Otherwise, I guess we still have some social engineering to do, no? Confused

PostPosted: Thu Jan 26, 2006 12:15 pm
 View user's profile AIM Address
 Back to top 
Juxta
Unfettered

Joined: 28 Aug 2005
Posts: 675
Al Green wrote:
A pointer that it's definitly not a brute force puzzle.


Ahem...META WARNING

Spoiler (Rollover to View):
That isn't a pointer. That's a ten foot tall neon sign, flashing hot pink saying "Sod off with the brute force discussion and do it the *proper* way". Brute forcing ANYthing should always be considered a "bad thing", unless the PM's give you serious pointers that you should - not the other way around, which is where we've reached on this one.


We now return you to your previous broadcast...

J
_________________
zzzshusoharuxpfrp

PostPosted: Thu Jan 26, 2006 12:35 pm
 View user's profile MSN Messenger
 Back to top 
GuyP
Unfettered


Joined: 15 Sep 2004
Posts: 584
Location: London, UK

 		Yes, but in fairness, that's not really what judderman was suggesting - more that you could push a *select* set of words at the PHP script to try out a bunch of combinations relatively quickly.

Real brute force, such as a dictionary attack, is inelegant and takes the fun out of things, but also puts a massive strain on the server. Trying out a selection of likely keywords isn't quite so heinous.

That said, I'd agree Kurt's post indicates this isn't going to work. Also, if you can get so far as compiling a list of possible passwords, why not just enter them directly into the password box and save yourself the trouble of messing with PHP?

PostPosted: Thu Jan 26, 2006 1:06 pm
 View user's profile Visit poster's website AIM Address MSN Messenger
 Back to top 
travelling performer?
Veteran

Joined: 01 Jan 2006
Posts: 77

 		I've got an idea, but i haven't tried it yet....
Spoiler (Rollover to View):


Stephanie Mou
12th Jan 269 / 08:53

You know mkting hosts poker up on the 7th every Thurs, right?


They play poker. We need social engineering. Perhaps we aren't supposed to do the engineering. I know shes busy-ish but maybe Violet could help?

I think either poker or pyramid meetings could be essential to this. She could just show up and get herself invited to play.

Good idea? Bad idea?

PostPosted: Thu Jan 26, 2006 1:19 pm
 View user's profile
 Back to top 
Juxta
Unfettered

Joined: 28 Aug 2005
Posts: 675

 		Sorry, again, META...(if the discussion continues from here on out, can we just lift the relevant posts and plonk them over in the Meta forum?)

Spoiler (Rollover to View):
Guy - I wasn't intending that to be a dig at Judderman's suggestion alone - as you say, it wasn't a "true" brute force that he was suggesting. It's simply that, as we've had in the past, any time there is a password or website based puzzle of this nature, we get a whole butt-load of java, php, teletubby-on-toast, etc experts who come out and start having a dick-waving contest about who could hack this or decompile that or...er...toast the other.

This isn't just on the boards, it's also in the chat too and really I was just re-iterating what most of us know to be the case already. The fact that Kurt posted it too just points it out clearly, that unless we get told otherwise, the PM's are utilising the technology to tell us a story, not for us to test our teletubby-fricasee recipes. No offense intended to anyone, least of all those who do posess skills in these technical areas - I just think it's important in order to keep the suspension of disbelief intact. It's akin to picking up a book and flicking to the last page to find out the ending - sure you *can* do it, because you are able to physically manipulate the medium, turn the pages and read the text - but it's not what you should do. Smile


J
_________________
zzzshusoharuxpfrp

PostPosted: Thu Jan 26, 2006 1:44 pm
 View user's profile MSN Messenger
 Back to top 
noodrez
Boot

Joined: 22 Jan 2006
Posts: 30

 		hmm... thats an idea... the next question is how can we get violet into the building? its meant to be a staff poker night and violet isnt staff Sad

PostPosted: Thu Jan 26, 2006 1:44 pm
 View user's profile
 Back to top 
travelling performer?
Veteran

Joined: 01 Jan 2006
Posts: 77
noodrez wrote:
hmm... thats an idea... the next question is how can we get violet into the building? its meant to be a staff poker night and violet isnt staff Sad


Yeah but the building they play these game nights in is just a local venue. All she'd have to do is play well, chat up the men and get herself an invite. IMO sending violet to a poker night could work. The worse that could happen is she wastes a night watching other people play.

Kurt said he couldnt do the social engineering, but he didnt say we had to. When i posted on their forum about arranging a get together i got the response "what arent poker nights enough?" or something. I think its a hint personally.

PostPosted: Thu Jan 26, 2006 1:47 pm
 View user's profile
 Back to top 
Guin
Unfettered


Joined: 11 Jan 2006
Posts: 400
Location: Antartica

 		Well what ever we are going to do we need to do it by tomorrow as Kevin and Brigdit are having a meeting

Quote:
Brigdit Lilja


26th Jan 269 / 17:09

Well, I see what Kevin has been talking about. Word to the wise: if you're planning on doing some impersonation, you could at least spell my name right.


Quote:
Kevin Allbright


26th Jan 269 / 17:07

OK, this is just getting out of hand. I'm going to have a meeting with Bridgit about this on Friday morning.


I suppose one thing to take from this is that this could indicate that the futres do have some significance as suggested under other threads (which I cant find at the monent sorry) llok at this weeks dragon

Quote:
The Dragon (August 11 - September 10)
Friday afternoon you'll finally find that file you spent all last week looking for, and practically right under your nose. Too bad it's too late now, huh? Better luck next time, sweet pea.


So they have a meeting tomorrow am and tomorrow pm we get locked out.

So its Thusday night and its poker night this gives us an opportunity if Violet goes along and then we need to get in tomorrow morning.

Have we asked Violet?
_________________
So long and thanks for all the fish! Trout

PostPosted: Thu Jan 26, 2006 2:28 pm
 View user's profile Visit poster's website AIM Address Yahoo Messenger MSN Messenger
 Back to top 
Display posts from previous:   Sort by:   
Page 12 of 20 [287 Posts]   Goto page: Previous 1, 2, 3, ..., 10, 11, 12, 13, 14, ..., 18, 19, 20  Next
View previous topicView next topic
 Forum index » Archive » Archive: Perplex City » PXC: General/Updates
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
You cannot post calendar events in this forum



Powered by phpBB © 2001, 2005 phpBB Group