Programming 3 luck

[Jimmy_xor]

I just finished programming 3 an hour ago, but I don't like my brute force method.
My running time varies from 3s to 500s depending on the given values, so I was lucky when I completed it.
I want to know how other people have done..
Does someone want to describe their method or perhaps show me some code?

[sharpskater69]

I'm too close to post what I'm trying, so I sent a pm. 36^45 (missing keyspace) is too much for brute-forcing. There's also a shortcut since the hash chars get reused.

Edit: Works fine, this took me a while to grasp the method, but it was fun.

[TheMindRapist]

If anybody has done this in Java, I could a bit of help.

[supr_k9]

i need help with this. i just aneed a simple question answered no spoilers or anything.

on the encryptstring function, there are two arguments, strString (which is what we are trying to figure out) and strPassword. to get strString though, dont we need to know what strPassword is? and to get strPassword, we would have to reverse Md5 encryption which is technically impossible. so am i missing something here? we know the output of the function, and we are trying to find out what strString is, but do we know what strPassword is?

sorry if the above is a "noob question"

[BhaaL]

Take a good look of what happens to strPassword.
Apart from that, brute-forcing is the only way to solve this - smart brute-forcing of course, you dont have much time.

FYI, my solution took rougly a second to complete.

[pescador]

My solution also takes between a few and a few hundred seconds. It is in an interpreted language, so I should be able to speed it up a some. I don't think I'm going to though. For some reason this one took me the longest of all programming challenges.

[Nines]

For some reason this one took me the longest of all programming challenges.

Me too. I've still got #6 to do though.

[MrRubix]

I don't like the name of this challenge because it isn't really something I think we "reverse" -- it deals with rolling totals and md5's which aren't really reversible (e.g. A total of "100" might be 50+50 or it could be 25+75, but we don't know which case we're dealing with, for instance) -- implying that brute forcing is really the only way we can go about it, but in a way that won't be inefficient and waste a lot of time and resources.

My issue though is still with the fact that you have both a serial string as well as a password string -- both are used as md5's. That is, it's not like we're ONLY using the total of the hex values derived from the password string -- we're actually using the password string itself as well as the serial string in our operations, for instance: ('0x0' . substr($strPasswordMD5, $i%32, 1)) is used in one operation, implying that in our calculations, we must find the full serial string and also know the full password string. This is puzzling me at the moment (would take eons to find all combinations of serials with all combinations of passwords, etc... there must be some shortcut but I'm not seeing it yet).

Will keep cracking at it though


EDIT: I think I just answered my own question, on a second look. We don't *technically* need to know the password, I think... we just need to be able to match the net output of that entire operation where the password just happens to be used.

[BhaaL]

EDIT: I think I just answered my own question, on a second look. We don't *technically* need to know the password, I think... we just need to be able to match the net output of that entire operation where the password just happens to be used.

I guess you dont need any others hints now anymore, do you?

[MrRubix]

Still working on it, but I think it'll be okay if I give it some more thought.

My main issue is speed. How fast have people gotten this down to?

I'm running it on a server and it times out after 30 seconds of processing, which is a bit annoying.