The challenge was a very easy one, I don’t even know if worth to write a writeup. Anyway the challenge was a basic javascript obfuscation authentication. Using the Javascript Deobfuscator to trace the function calling, it issues that it calls encrypt() then numerical_value() and ascii_one() as stand in this image: http://img268.imageshack.us/img268/8601/dx36.png . Now our input is passed trought these functions that basically sums the ASCII number of every char in our string each other summing up the “i” variable on the for loop in numerical_value() every time it rounds. At the end the output goes trought this:

res=res*17;
res=res>>>6;
res=res/4;
res=res^4153;

And then “res” compared to 0. If it is 0 it return success else wrong key. So our aim is to get “ris” 0 at the end of this process but how? Easy just reverse those lines I pasted up starting from the bottom:

  • res must be 0 so just have to XOR it for 4153. So res=4153
  • res must be 4153 so just multiply it for 4. So res=16612
  • res must be 16612 and it is zero fill right shifted.

//100000011100100              16612

Now just add the 6 bits that has been shifted:

//100000011100100000000 1063168 min

//100000011100111111111   1063423 max

//100000011100100001100 1063180 <– right one obtained bruting numbers till a number % 17 returned 0. So res=1063180

  • res must be 1063180 so just div it for 17. So res=62540

No the sum must return 62540. For this one just add character to the key till you get close to it then just adjust with the first chars in the string that has been less influenced by the sum of “i”.

The string I submitted was “vzzzzzzzzzzzzzzzzzzzzzzzzzzzzzD8:”

Output: Congrats! you passed the level! Here is the key: 23f8d1cea8d60c5816700892284809a94bd00fe7347645b96a99559749c7b7b8

Razor4x