Return to Unfiction unforum
 a.r.g.b.b 
FAQ FAQ   Search Search 
 
Welcome!
New users, PLEASE read these forum guidelines. New posters, SEARCH before posting and read these rules before posting your killer new campaign. New players may also wish to peruse the ARG Player Tutorial.

All users must abide by the Terms of Service.
Website Restoration Project
This archiving project is a collaboration between Unfiction and Sean Stacey (SpaceBass), Brian Enigma (BrianEnigma), and Laura E. Hall (lehall) with
the Center for Immersive Arts.
Announcements
This is a static snapshot of the
Unfiction forums, as of
July 23, 2017.
This site is intended as an archive to chronicle the history of Alternate Reality Games.
  

The time now is Sat Nov 16, 2024 1:18 am
All times are UTC - 4 (DST in action)		 View posts in this forum since last visit
View unanswered posts in this forum
Calendar
 Forum index » Archive » Archive: General » ARG: Acheron
[SPEC] on Logon.html
View previous topicView next topic
Page 1 of 2 [17 Posts]   Goto page: 1, 2 Next
Author Message
ramiles
Unfettered

Joined: 28 Aug 2003
Posts: 362
Location: Chicago

 		[SPEC] on Logon.html
Has anyone tried to a see if the Password given is a really a Math Forumla?

And the answer to the forumal is the key to get in...

Thats something I think we have over looked or has someone already looked at it that way?
_________________
The TRUTH lies beneath the LIES
The Consparicy Theorist

Now Playing: BodyMindChange & Extrasolar XRI

PostPosted: Mon Sep 08, 2003 4:40 pm
 View user's profile Visit poster's website AIM Address Yahoo Messenger
 Back to top 
Guest
Guest


 		I've attached a list of things that were returned to me in the password field of the http://www.nru.us/physics/bd.php page. Here are the similarities I have noticed.

1 $
2 1
3 $
4-6 string 1(3 bits)
7 .
8-9 string 2(2 bits)
10 numbers . /
11 .
12 $
13-33 string 3(21 bits)
34 numbers / .

All of the blank ones seem to be able to be anything alphanumeric, a decimal, or a slash.

At first I thought the response from the server was just random, but if it isn't supposed to mean anything then why set up these conventions?

I'm kind of wondering if one(or both) of the first two strings are keys for the last string.
pass.txt
Description 
txt

 Download 
Filename  pass.txt 
Filesize  1.58KB 
Downloaded  119 Time(s) 

PostPosted: Mon Sep 08, 2003 8:03 pm
 Back to top 
Bryan
Boot


Joined: 08 Sep 2003
Posts: 14

 		dangit, forgot to login again

PostPosted: Mon Sep 08, 2003 8:05 pm
 View user's profile
 Back to top 
dishboy
Unfettered


Joined: 02 Sep 2003
Posts: 399
Location: Atlanta

 		Bryan kind of stole some of my thunder here, but that's cool. I've been working on logon.html for over 2 days now. Whether or not I'm "done" by tonight, I'm gonna post what I have. I have been analyzing both the "random" string that gets returned (which I also don't think is random), as well as the sites that get returned. Much more on this later...
_________________
-- dishboy

PostPosted: Mon Sep 08, 2003 8:10 pm
 View user's profile Visit poster's website AIM Address
 Back to top 
dishboy
Unfettered


Joined: 02 Sep 2003
Posts: 399
Location: Atlanta

 		More SPEC
OK, I'm kind of tired of looking at all of this, so I'm going to pass it on for other eyes to see, with the hopes that something new might surface.

I hadn't seen anyone mention this, but after playing with logon.html a few times, I realized how similar it was to one of Eliza's puzzles in the Beast. Try (futilely) to guess a password, get kicked out to one of many random websites, and then use those sites together to determine the password.

So what I started doing was documenting all the sites I came across, and what each one focuses on. To maintain some sort of consistency, I always input the same thing into logon.html - username "test", password blank. Each time I also recorded the "random" string that was sent back by the bd.php file. I've found some interesting things and wanted to report on those. Everything I comment on you can find in the attached file, which is essentially all my "research", and is a work in progress till I find all these sites. It should be pretty self-explanatory. Each line is the returned password string, followed by URL, and then description. Any time I reached a site more than once, I listed it below the original, with the new string. Some sites were inactive, which I listed as "404". Anyways, here we go:


1. About the format of the $1$..... string: Bryan pretty much said it all above, but I wanted to clarify one thing. The last character of the string is always either a 0, 1, period, or forward-slash. The other patterns are well documented. I agree with Bryan that the strings are way too consistent to be random. I've even played with a few encryption mechanisms, none of which returned me a string of that form, so I'm guessing it's being generated according to some algorithm. And as far as the patterns go, either the PMs put them there to confuse us and keep us busy (NOTE to PMs: this would be very cruel folks!), or there is more to this. At this point, however, it's only wild spec.

2. OK, about the kickout sites. There are at least 130. This many I found on my own, and I have seen several others posted by certain other members. My guess is somewhere in the range of 150-200 total, but it could very well be higher than that. However, there are definite patterns and peculiarities. With few exceptions, the sites break down into 3 main topics:

a. Conspiracy Theory
b. Disasters
c. Freedom of Information Act (FOIA)

The overwhelming majority of the sites (so far) have been conspiracy-based. Within each of the main topics appear to be some subtopics, but those are much more subjective, so I'll let you peruse them in the attached file at your leisure.

3. The one subtopic that does stick out is Freemasonry. There are several sites that talk about conspiracy theories involving freemasons, and several of these have a ton of information on the mysterious society. I say this one sticks out because there have been other references to Freemasonry in the game. The most notable of which is the symbol of the Freemasons in the NRU logo (top right).

4. Several sites are crossovers, dealing with more than one main topic - maybe these are more important than the rest?

5. Several other sites just simply stick out for one reason or another. I will briefly outline them here:

http://www.spiritual-endeavors.org/abilities/phila.htm - This site talks about time travel, and rewriting history!

http://www.eff.org/Activism/FOIA//aclu_cpsr_us_v_ray.brief
http://www.blm.gov/nhp/efoia/ca/Public/IMs/2000/034.htm - These two sites are documents that are in some indirect way related to FOIA. But are they provided for a reason? Are there clues in these documents?

http://www.sirbacon.org/links/fellows.html - Somewhat out of place, this site is about codes that poets such as Sir Francis Bacon used to hide messages in their poems. Perhaps this is a key for how to solve this, or some other, puzzle?

http://ken.slctech.org/miscdatacomm/MiscDataComm.html - This is a set of links to data communications pages. It seems completely out of place. But it does have links to certain codes, such as Morse and Baudot. Another nudge?


6. Perhaps the weirdest thing of all - almost every time I submitted a login attempt, I got a new unique string on the backdoor page. Except a few times, where I got the same string as I had before, and it sent me to the same site as before! This was very rare and very peculiar. Here are the sites and the string that I got back on more than one occasion:

http://www4.ncdc.noaa.gov/cgi-win/wwcgi.dll?wwEvent~Storms
$1$5s2.og..$LSbd1qgYao2awsLcP36Jz0

http://www.theconspiracynetwork.com/
$1$gB4.po4.$.GN35yzcepMbQxAEuyKKr1

http://www.joric.com/Conspiracy/Conspiracy.htm
$1$tP/.yM3.$Hc70VLg84i3JC7hDaWSkB.

Maybe these are special strings, and are the only ones that matter in solving something here?

7. I tracked the frequency that I was sent to each site. By far, the one I was sent to the most was CFRG - about double as much as the next most frequent. There are several sites, however, that I reached more than 5 or 6 times. Either all of this is random, or some of these sites were pre-determined to be returned more often than others. Maybe just CFRG was this way, and the others turned up more frequently by pure chance. It's hard to say. But it's possible that this was the method by which we were to discover CFRG, because the PMs made it the most dominant return page, essentially telling us "check this site out!"



OK, now those are just my observations. Here are my actual speculations:

1. There is something going on with the return password string we get. My guess, from looking at over 300 of those strings, is that there's a website buried in them. There are too many dots and forward slashes to be normal.

2. Most of the kickout websites are red herrings, or just time-wasters. I say this because I ran across a couple "Conspiracy Theory Links" pages, and noticed that almost every link on that page was one of the kickout sites. So my guess is that the PMs just visited those sites (google.com directories, about.com directories, etc.) and fetched all the related links there, to give them enough sites.

3. However - I think the topics they refer to, and some of the exceptional sites, are important. Conspiracy Theory, Disasters, and FOIA - and how they interact - are important. Maybe it's just a hint to the overall Acheron plot, which we already know about. Or maybe it's a guess to the password., like I mentioned with the old Eliza puzzle.

4. I think Freemasonry in particular is important, and that's just a pure hunch. Not only because it's tied in at NRU's logo, but because it's a cool subject and would be fun as part of an ARG. Smile


OK, that's enough for now. Thanks to all those who read those far, and for those of you that did, you get a little treat. Here are the craziest kickout websites I ran across so far. I'm not even going to tell you what they are. Visit at your own risk. Some of these people are just stark raving mad!

http://www.starlink.clarityconnect.com/
http://www.geocities.com/freeyourbrain/
http://www.saintaardvarkthecarpeted.com/index.html
login.txt
Description 
txt

 Download 
Filename  login.txt 
Filesize  21.22KB 
Downloaded  196 Time(s) 
_________________
-- dishboy

PostPosted: Mon Sep 08, 2003 11:37 pm
 View user's profile Visit poster's website AIM Address
 Back to top 
Bryan
Boot


Joined: 08 Sep 2003
Posts: 14

 		more thoughts...

64 character alphabet (upper and lowercase letters, 0-9, . and /)
The $ must be used as a seperator if it isn't part of the alphabet(my assumption)...
otherwise, a 128 char alphabet.

The $1$ code is pretty obviously not a cipher (ciphers would not be concerned about upper and lowercase).

PostPosted: Tue Sep 09, 2003 12:54 am
 View user's profile
 Back to top 
MageSteff
Pretty talky there aintcha, Talky?


Joined: 06 Jun 2003
Posts: 2716
Location: State of Denial

 		Dishboy... working it out....
Wow what a lot of time you spent on this DB. lots of information... Nice work!
_________________
Magesteff
A small group of thoughtful people could change the world. Indeed, it's the only thing that ever has. - Margaret Mead


PostPosted: Tue Sep 09, 2003 12:56 am
 View user's profile Visit poster's website AIM Address Yahoo Messenger MSN Messenger
 Back to top 
dishboy
Unfettered


Joined: 02 Sep 2003
Posts: 399
Location: Atlanta

 		site-list follow-up
OK, I can say with a reasonable degree of certainty that there are exactly 163 kickout sites. After spending many hours last night clicking back and forth on the backdoor page, I finally got smart and wrote a little script to fetch all the sites for me overnight. While I can't be 100% sure that there are no more sites that it didn't find, it ran for a considerable amount of time without finding any new ones. This period of time was long enough to assume that, barring some strange occurrence of random site selection, nothing else must be out there.

Anyways, I'll update my spreadsheet later (when I'm off-work) and post it back here. For now, I have attached the (hopefully) complete list of kickout sites, for your viewing enjoyment. In the meantime - why 163 total? Is that just how many that were gathered before the PMs stopped searching? Or maybe some significance to the number?


[Note: In case anyone is wondering, the script I wrote was not a "brute-force attempt". First, I added significant delay time between site hits so as not to overload the server. In addition, once it ran for a predetermined number of times without finding any new sites, it shut down automatically on its own. So in essence, it was just as if I was sitting there hitting the site itself, the only difference being that it did all the work and I got all the sleep Smile]
kickout_sites.txt
Description 
txt

 Download 
Filename  kickout_sites.txt 
Filesize  6.37KB 
Downloaded  187 Time(s) 
_________________
-- dishboy

PostPosted: Tue Sep 09, 2003 11:37 am
 View user's profile Visit poster's website AIM Address
 Back to top 
Bryan
Boot


Joined: 08 Sep 2003
Posts: 14

 		Re: More SPEC
dishboy wrote:
http://www.sirbacon.org/links/fellows.html - Somewhat out of place, this site is about codes that poets such as Sir Francis Bacon used to hide messages in their poems. Perhaps this is a key for how to solve this, or some other, puzzle?


Reggie
has the key.
You've seen his name before
But you've probably forgotten
He will lead you to, just as soon as he can stop playing Hexic or gets 3 black pearls.

Look like a poem to you? It does to me.

PostPosted: Tue Sep 09, 2003 1:48 pm
 View user's profile
 Back to top 
Bryan
Boot


Joined: 08 Sep 2003
Posts: 14

 		Also, Francis Bacon was apparently involved in freemasonry.

PostPosted: Tue Sep 09, 2003 2:05 pm
 View user's profile
 Back to top 
ramiles
Unfettered

Joined: 28 Aug 2003
Posts: 362
Location: Chicago

 		[Spec]
Guys I hate to say this, but I think the Login.html is a leftover from pregame...

it worked once from what I remeber reading in pregame notes..

I just think its a left over tidbit they they didnt remove..

Also if you look www.nru.us/purge is still out there too

I think the Login was part of the Failsafe which is no longer active...

Let me hear you all and if you think I am on the right track..

and has anyone done a Whois on all the sites and seen if they have any connection with the main site?
_________________
The TRUTH lies beneath the LIES
The Consparicy Theorist

Now Playing: BodyMindChange & Extrasolar XRI

PostPosted: Tue Sep 09, 2003 4:24 pm
 View user's profile Visit poster's website AIM Address Yahoo Messenger
 Back to top 
Wolf
Decorated


Joined: 26 Sep 2002
Posts: 292

 		The reggie key bit is a riff on the original Beast e-mail, reprinted below in slightly modified format for ease of reading.

Quote:
Jeanine
Once upon a time there was a young man who dreamed of the sea. The waves, he thought . . . the waves beat like the world's heart, crashing and hissing against the shore.
was the key.
Crash and hiss.
Crash and hiss.
You've seen her name before
He loved the sound of the swell as it slapped and gasped against the hull of his boat.

Slap and gasp.
Slap and gasp.
but you've probably forgotten.
And he was thinking about the rocking ocean, gentle as a mother's arms, at the very moment he was murdered.

A mother's arms.

A mother's arms.
She will lead you to Evan, just as she led them......


Bolded words were hidden in the message code.

Ah, memories.

PostPosted: Tue Sep 09, 2003 4:42 pm
 View user's profile
 Back to top 
dishboy
Unfettered


Joined: 02 Sep 2003
Posts: 399
Location: Atlanta

 		Re: [Spec]
ramiles wrote:
Guys I hate to say this, but I think the Login.html is a leftover from pregame...

it worked once from what I remeber reading in pregame notes..

I just think its a left over tidbit they they didnt remove..

Also if you look www.nru.us/purge is still out there too

I think the Login was part of the Failsafe which is no longer active...

Let me hear you all and if you think I am on the right track..

and has anyone done a Whois on all the sites and seen if they have any connection with the main site?


I disagree, mainly because the file has never been used. Everything else on the CD is a utility. They add to the theme of "hacking", and it makes sense that some may or may not be used. logon.html stands out, because it is not a utility, but a puzzle - one that, according to the trail, has still not been solved. While I admit it's possible that the whole thing is a red herring, to say that it has already served its purpose I think would be incorrect, because it has not served any purpose at all up to this point. logon.html and failsafe.html, from what I can tell, have nothing to do with each other. If I'm wrong on any of this, please let me know...
_________________
-- dishboy

PostPosted: Tue Sep 09, 2003 5:11 pm
 View user's profile Visit poster's website AIM Address
 Back to top 
MageSteff
Pretty talky there aintcha, Talky?


Joined: 06 Jun 2003
Posts: 2716
Location: State of Denial

 		Odd fish: Logon Kickout site ramblings
Did some wandering on one of the NRU physics bd kickout sites...
http://www.ctrl.org/
came across this little mention of the Sobig.f virus...
http://www.mail-archive.com/ctrl@listserv.aol.com/msg107725.html
_________________
Magesteff
A small group of thoughtful people could change the world. Indeed, it's the only thing that ever has. - Margaret Mead


PostPosted: Tue Sep 09, 2003 5:28 pm
 View user's profile Visit poster's website AIM Address Yahoo Messenger MSN Messenger
 Back to top 
Bryan
Boot


Joined: 08 Sep 2003
Posts: 14

 		So, I figured out what these $1$ things are...freebsd md5 shadow passwords. Sad

PostPosted: Tue Sep 09, 2003 5:29 pm
 View user's profile
 Back to top 
Display posts from previous:   Sort by:   
Page 1 of 2 [17 Posts]   Goto page: 1, 2 Next
View previous topicView next topic
 Forum index » Archive » Archive: General » ARG: Acheron
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
You cannot post calendar events in this forum



Powered by phpBB © 2001, 2005 phpBB Group