Return to Unfiction unforum
 a.r.g.b.b 
FAQ FAQ   Search Search 
 
Welcome!
New users, PLEASE read these forum guidelines. New posters, SEARCH before posting and read these rules before posting your killer new campaign. New players may also wish to peruse the ARG Player Tutorial.

All users must abide by the Terms of Service.
Website Restoration Project
This archiving project is a collaboration between Unfiction and Sean Stacey (SpaceBass), Brian Enigma (BrianEnigma), and Laura E. Hall (lehall) with
the Center for Immersive Arts.
Announcements
This is a static snapshot of the
Unfiction forums, as of
July 23, 2017.
This site is intended as an archive to chronicle the history of Alternate Reality Games.
  

The time now is Thu Nov 21, 2024 7:09 am
All times are UTC - 4 (DST in action)		 View posts in this forum since last visit
View unanswered posts in this forum
Calendar
 Forum index » Archive » Archive: General » Low-Volume Games
[LOCKED] [RI][PREGAME] Email from The Composer (Renata Isle)
View previous topicView next topic
Page 10 of 17 [243 Posts]   Goto page: Previous 1, 2, 3, ..., 8, 9, 10, 11, 12, ..., 15, 16, 17  Next
Author Message
Metlagirl
Boot


Joined: 08 Apr 2005
Posts: 30
Location: England

 		5.jpg didn't need a password to be uncamoflaged, but the access code in the document hidden in the picture could be the pass. I don't know what the username is. I've tried every combination I can think of.

PostPosted: Mon Jan 23, 2006 5:05 pm
 View user's profile Visit poster's website AIM Address Yahoo Messenger
 ICQ Number 
 Back to top 
Ethernull
Boot

Joined: 23 Jan 2006
Posts: 47
Metlagirl wrote:
I got an IM from TheComposer I wasn't at the computer at the time and they signed off. I'll try and keep an eye on my PC more from now on.

ThComposer [13:04]: Hello Are you there?
ThComposer [13:04]: http://www.serversecurity.tk/
ThComposer [13:05]: I have to go
ThComposer [13:26]: composer_aSPLATyahoo.com

There's a login box on the website I haven't had a chance to look at it properly yet.

Edit: ANother IM I feel I rather screwed up this conversation. Not one pertinent question sprang to mind. I'll try and write down some questions if The Composer doesn't already think I'm completely incompetent.

ThComposer [15:34]: my email is private.
ThComposer [15:36]: if you help the ones who seek to free me, its only right i have contact with you too.
Mbrblog [15:36]: I'm here sorry I wasn't at my computer earlier
ThComposer [15:37]: my e-mail was a gift to you. you seem to have broken the second and you don't even realise.
Mbrblog [15:38]: I'm very new to this so you'll have to forgive me if I don't figure things out all that quickly.
ThComposer [15:38]: But you broke the second.
Mbrblog [15:38]: The second key?
ThComposer [15:38]: mhmm.
ThComposer [15:38]: the second is mine.
ThComposer [15:39]: although until you enter the first, i cannot access the lock.
ThComposer [15:39]: Table - Keers - Eye - Village - Thistle - Crow - Saevitia - Table - Rin9 - Eye - Village - Eye
Mbrblog [15:39]: Where is the first?
ThComposer [15:40]: I gave you the lock earlier. And that, is the key.
ThComposer [15:40]: But i hear something. adeus.
ThComposer signed off at 15:40

Edit: A third IM

ThComposer signed on at 15:55
Mbrblog [15:57]: Hello you sent me the address of a website earlier. Who does the site belong to?
ThComposer [15:57]: the noise seems to be a rat. They have gone to the village. The eyes, that is. Not the rat.
Mbrblog [15:57]: Whose eyes?
ThComposer [15:58]: I have more time than i've ever had. So i thought i would seek out to finally talk with one of you.
ThComposer [15:58]: YOU are the one who broke the second. Although you have just given me the key. The lock is still secure.
Mbrblog [15:59]: I broke the key, what did I pick up on, strange text in the pictures?
ThComposer [16:00]: the text? haha no. i added that myself, to aid you.
ThComposer [16:01]: it simply says that it seems to be the 2nd key, that it belongs to me but i don't know where or what it was. But it is surely Lisbon, Portugal. We shall see when the lock is unveiled.
Mbrblog [16:02]: Lisbon is the key I get what I found. Realisation can take a while to dawn on me. What is the incasion mentioned in the document hidden in one of the pictures?
Mbrblog [16:02]: *invasion
ThComposer [16:02]: invasion? i know of no such thing?
ThComposer [16:02]: pictures? the cache? you found something in the cache?
Mbrblog [16:03]: Camoflaged in picture 5 there was a document didn't you know?
ThComposer [16:03]: no.
ThComposer [16:04]: The cache doesnt belong to me.
Mbrblog [16:04]: The message says:

"We have the outsider. Do not worry. Those in the village who saw the incident have been restrained. We believe the other ran into the wilderness. He won't last long out there. Our invasion shall go ahead as planned.

We have trebled the power of the aura. This incident will not be repeated. Renata is secure.

Our new access code is D784. We trust in you."
ThComposer [16:04]: Evan......
Mbrblog [16:04]: Who's Evan?
ThComposer [16:05]: .... oh no...
Mbrblog [16:05]: Is he the "outsider" referred to in the text?
Mbrblog [16:05]: What is it?
ThComposer [16:06]: the cache is from their computer. I saw them access the third lock on that system. I saw the inside of this place. And i took the cache and sent it to you. It has nothing to do with me. But you must find Evan. At least i have food.
Mbrblog [16:06]: Who's computer system did you take it from?
ThComposer [16:07]: ... evan......
Mbrblog [16:07]: How can we find Evan?
ThComposer [16:07]: ..... we must hurry. we must break the locks. you must find this place.
Mbrblog [16:07]: What place? How can we help find Evan?
ThComposer [16:08]: the villagers can help evan surely. break the locks.
ThComposer [16:08]: adeus.
ThComposer signed off at 16:08

Okay Lisbon is evidently the second key which I found and completely didn't realise. I've no idea who Evan is but we have to break the locks to find him.

(Thank you to the kindly, patient PM who had to spell things out for me Laughing ).


Bold and Italics mine..

I think the lock that he gave you earlier is the security login site, and the key is

ThComposer [15:39]: Table - Keers - Eye - Village - Thistle - Crow - Saevitia - Table - Rin9 - Eye - Village - Eye

just my thoughts

PostPosted: Mon Jan 23, 2006 5:11 pm
 View user's profile
 Back to top 
Metlagirl
Boot


Joined: 08 Apr 2005
Posts: 30
Location: England

 		I hadn't thought of that, that's a good thought. I'd mostly been trying to rack my brains as to what the username and password for the login box are and I'm still not entirely sure what the Table, Eye, Village bit means. That said I'm not getting all that much time to think about it, I have annoying coursework to finish, and then I have to prevent my cat from eating it.

PostPosted: Mon Jan 23, 2006 5:31 pm
 View user's profile Visit poster's website AIM Address Yahoo Messenger
 ICQ Number 
 Back to top 
Ethernull
Boot

Joined: 23 Jan 2006
Posts: 47

 		ok, I cant figure out how to output the raw code, but I'll explain what I've done so you all can replicate on your end.

Upon viewing the sourcecode of the security login page, I found javascript encoded document.write commands, which means the entire security script is clientside, suggesting the username and password are as well?

so I copied the source, pasted into a new blank local .htm, and changed "document.write" to "alert"

viewed in IE

that showed me the security login script with place holder usernames and passwords, succesful login will forward us to <password>.htm

can someone find a way to output as postable text? My "alert" technique is not selectable text, try it and you'll see what I mean.

In the mean time, I'll dig out my javascript reference...

PostPosted: Mon Jan 23, 2006 5:36 pm
 View user's profile
 Back to top 
Ethernull
Boot

Joined: 23 Jan 2006
Posts: 47

 		Got it, for those interested, the source code of the security login script is:

Spoiler (Rollover to View):

//Encrypted Password script- By Rob Heslop //Script featured on Dynamic Drive //Visit http://www.dynamicdrive.com function submitentry(){ password = document.password1.password2.value.toLowerCase() username = document.password1.username2.value.toLowerCase() passcode = 1 usercode = 1 for(i = 0; i < password.length; i++) { passcode *= password.charCodeAt(i); } for(x = 0; x < username.length; x++) { usercode *= username.charCodeAt(x); } //CHANGE THE NUMBERS BELOW TO REFLECT YOUR USERNAME/PASSWORD if(usercode==1382357483760&&passcode==2.6570175905748832e+22) //CHANGE THE NUMBERS ABOVE TO REFLECT YOUR USERNAME/PASSWORD { window.location=password+".htm"} else{ alert("password/username combination wrong")} } Enter username: Enter password: Untitled /* Cross browser Marquee script- © Dynamic Drive (www.dynamicdrive.com) For full source code, 100's more DHTML scripts, and Terms Of Use, visit http://www.dynamicdrive.com Credit MUST stay intact */ //Specify the marquee's width (in pixels) var marqueewidth="300px" //Specify the marquee's height var marqueeheight="25px" //Specify the marquee's marquee speed (larger is faster 1-10) var marqueespeed=2 //configure background color: var marqueebgcolor="#DEFDD9" //Pause marquee onMousever (0=no. 1=yes)? var pauseit=1 //Specify the marquee's content (don't delete tag) //Keep all content on ONE line, and backslash any single quotations (ie: that\'s great): var marqueecontent='Immersion Security level one. Current Status : Secure.' ////NO NEED TO EDIT BELOW THIS LINE//////////// marqueespeed=(document.all)? marqueespeed : Math.max(1, marqueespeed-1) //slow speed down by 1 for NS var copyspeed=marqueespeed var pausespeed=(pauseit==0)? copyspeed: 0 var iedom=document.all||document.getElementById if (iedom) document.write(''+marqueecontent+'') var actualwidth='' var cross_marquee, ns_marquee function populate(){ if (iedom){ cross_marquee=document.getElementById? document.getElementById("iemarquee") : document.all.iemarquee cross_marquee.style.left=parseInt(marqueewidth)+8+"px" cross_marquee.innerHTML=marqueecontent actualwidth=document.all? temp.offsetWidth : document.getElementById("temp").offsetWidth } else if (document.layers){ ns_marquee=document.ns_marquee.document.ns_marquee2 ns_marquee.left=parseInt(marqueewidth)+8 ns_marquee.document.write(marqueecontent) ns_marquee.document.close() actualwidth=ns_marquee.document.width } lefttime=setInterval("scrollmarquee()",20) } window.onload=populate function scrollmarquee(){ if (iedom){ if (parseInt(cross_marquee.style.left)>(actualwidth*(-1)+8)) cross_marquee.style.left=parseInt(cross_marquee.style.left)-copyspeed+"px" else cross_marquee.style.left=parseInt(marqueewidth)+8+"px" } else if (document.layers){ if (ns_marquee.left>(actualwidth*(-1)+8)) ns_marquee.left-=copyspeed else ns_marquee.left=parseInt(marqueewidth)+8 } } if (iedom||document.layers){ with (document){ document.write('') if (iedom){ write('') write('') write('') write('') } else if (document.layers){ write('') write('') write('') } document.write('') } }


PostPosted: Mon Jan 23, 2006 5:56 pm
 View user's profile
 Back to top 
Ethernull
Boot

Joined: 23 Jan 2006
Posts: 47

 		okay, here is the tool that encrypts the password and username listed in the source on the spoiler above...
http://www.dynamicdrive.com/dynamicindex9/password.htm

From this page we can test known clues and codes against the username field till we find a match, and the password field as well, if we want.

Someone care to figure out how to reverse the algorythm?

Also, is this considered cheating? I'm totaly new to this.

PostPosted: Mon Jan 23, 2006 6:05 pm
 View user's profile
 Back to top 
Metlagirl
Boot


Joined: 08 Apr 2005
Posts: 30
Location: England

 		Looking at the encryption program a password of four symbols becomes 7 numbers, a pass of 5 symbols becomes 9 etc. So by that reasoning the username has to 7 symbols long and the pass appears to be 11. Brilliant work Ethernull, I wouldn't have the first idea what to do with javascript. Smile I saw it in the source code but I frankly didn't pay much attention to it.

PostPosted: Mon Jan 23, 2006 6:22 pm
 View user's profile Visit poster's website AIM Address Yahoo Messenger
 ICQ Number 
 Back to top 
Ethernull
Boot

Joined: 23 Jan 2006
Posts: 47

 		Thanks Smile

Okay, the encryption works like this:

1 * (char value of first character) * (char value of second character) * (char val of 3rd) etc..

PostPosted: Mon Jan 23, 2006 6:27 pm
 View user's profile
 Back to top 
Ethernull
Boot

Joined: 23 Jan 2006
Posts: 47

 		uhm...

Just a deduction here, but we dont actually need a username. This script takes a password phrase, multiplies it recursively by char values, and if it matches, forwards the browser to <password phrase>.htm

So if we think we have the passphrase, add it with a .htm to the url and see if its right.

PostPosted: Mon Jan 23, 2006 6:31 pm
 View user's profile
 Back to top 
oliverkeers13
Entrenched


Joined: 23 May 2005
Posts: 917
Location: London, UK

 		Thou Shalt Not Brute Force
_________________
"You're talking last ditch, I need top drawer" V
"To be in opposition is not to be a nihilist" CH
"im iver an idiot or a genus" Dekuprince
Perplex City Video

PostPosted: Mon Jan 23, 2006 6:36 pm
 View user's profile Visit poster's website AIM Address MSN Messenger
 Back to top 
Ethernull
Boot

Joined: 23 Jan 2006
Posts: 47
oliverkeers13 wrote:
Thou Shalt Not Brute Force


I wouldnt try to brute force his login with a script, thats just uncool. I'm trying to defeat their security by understanding it to narrow the possible options though. For example, we now know (from encrypting them using the same algorythm) that the pass revealed in the stegged image is not used as the username or pass for the site login, nor is abc, airlockboatcomputer, or any variation of the 8 character codes that have been posted so far.

Though I may have taken the "defeat their server security" thing to far by omiting the username all together and focusing on the password.

Unless I misunderstood you entirely, in wich case I appologize, and please elaborate?

PostPosted: Mon Jan 23, 2006 6:55 pm
 View user's profile
 Back to top 
travelling performer?
Veteran

Joined: 01 Jan 2006
Posts: 77
Metlagirl wrote:


1,1,2,3,5,7,12,19,31,50,81,104,185,289,474,763,1006,1769,2775
It's the fibonacci numbers again but this time it's one out at 7, one number before the sequence on the yahoo profile.


1+1=2+1=3+2=5+3=8 So 7 is wrong and we have 8 or 7.

7+5=12+7=19+12=31+19=50+31=81+50=131 104 is wrong. so we have 131 or 104.

104+81=185+104=289+185=474+289=763+289=1052. So 1052 is wrong and we have 1052 or 1006.

1006+763=1769+1006=2775.

So we have... 8,131,1052 or, 7,104,1006 passwords?

PostPosted: Mon Jan 23, 2006 7:29 pm
 View user's profile
 Back to top 
massive
Veteran

Joined: 23 Dec 2005
Posts: 111
Location: Colorado Springs, CO
zeldafan8626 wrote:

New entry today,

Quote:
Jan 23rd - An accident led to us losing our way. Landed somewhere though, do not worry. Looking for a way home. There hasnt been opportunity to update my journal. However, we found a signal for Evan's laptop. Kindly he let me use it. Eventually. You must know i am well. Saved plenty of food. Although this land is barren, we know there is civilisation here. Reaching it is our goal. Evan says hello. Weather is good at least. I expect a few more days will result in us finding someone. Tomorrow could be the day. Hope you are all well. You must not worry. Only wrote to reassure you i am ok. Until next time i write, take care.


This Capsreads as "ALL THE KEYS ARE WITH YOU" ... for whatever that's worth. But he's obviously still trying to tell us that we have everything we need to figure this out.

PostPosted: Tue Jan 24, 2006 4:10 am
 View user's profile Visit poster's website
 Back to top 
ALISDAIRPARK
Unfictologist


Joined: 27 Nov 2005
Posts: 1646
Location: Everywhere else

 		Can't beleive we didn't pick try that before! I've tried getting into the site to check previous posts, and also the profile, but can't get into either at the moment
_________________
Absorb what is useful <> Reject what is not <> Add what is uniquely your own
Playing : http://cerebrumachine.com and http://www.westunfictionopia.info

My charity page: http://www.justgiving.com/alisdairpark3

PostPosted: Tue Jan 24, 2006 6:04 am
 View user's profile
 Back to top 
massive
Veteran

Joined: 23 Dec 2005
Posts: 111
Location: Colorado Springs, CO

 		From the source of the page itself:

Spoiler (Rollover to View):
<meta name="keywords" content="Renata, Security, Server">


Spoiler (Rollover to View):
Renata as the username yields 1382357483760, the number in the source code for the page, so we know the username now. Now ... the password!


Continuing on the composer_181 document:

Spoiler (Rollover to View):
The binary decodes into blocks of four letters, which I gotta figure out how to type so they don't lose their formatting. Smile

Y81M DKFV BSHA YDGX CVZZ W0XZ RVEA TEJ1
MXVC VOLS RV7V Z7ND LW27 KPMD JTV9 CMDJ
2R65 4IB4 0LFN PYNH LGQ0 6G07 7MA8 NPZT
7721 69Z9 ELYF RVGA D8WD J2LG DPNP A0GI
ZPKR CWYJ 77TZ JFN4 L5YA VGJT DJTI MC55
ARLW 27KP GHC9 F9DR 7REV 3SMD LNZM APDJ
9SRJ YPWV CB5E AJWM JLCL EFLT VQWX 0KVK
R706 H70P FMMQ Y75L MGRK 02KW QTP8 FQY0
8OQK VQIN 0UTV T27N RJ5R 8QWL 7WRC BN1Q
T1QC PNTR 06BB RJ5R WJ1F 3QQG 0J05 KL9Q
N0JL 50M5 RW7R 7AQJ L1N0 8NTV 7BJ2 BRP0
U4QZ VKRV 7JQM 5RQR BIZG KNVQ IN01 MI7K
PLKN N5CQ 79TK K1LJ 71K0 P8BQ B02K XFG5
7MUD B3H

I just don't know anything about what this might be just by looking at it. Playfair is my initial guess, but I see a "BB" (in 06BB) which rules it out to me. Vigenere?


PostPosted: Tue Jan 24, 2006 8:19 am
 View user's profile Visit poster's website
 Back to top 
Display posts from previous:   Sort by:   
Page 10 of 17 [243 Posts]   Goto page: Previous 1, 2, 3, ..., 8, 9, 10, 11, 12, ..., 15, 16, 17  Next
View previous topicView next topic
 Forum index » Archive » Archive: General » Low-Volume Games
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
You cannot post calendar events in this forum



Powered by phpBB © 2001, 2005 phpBB Group