NORCPU hackme challenge

Problem statement

This is a hackme puzzle. When you enter a password into the "Password" field and click on "Check" the value is checked by a special JavaScript program embedded into this page.

If the password is wrong you'll see "Wrong password!" message in the "Result" field. If the password is correct a special magic message will be printed there.

You have to find out that magic message.

Deadline is 31st of March 2011. After that date I will publish all the sources.

Notes

The hackme is written such way that knowing the algorithm it's possible to restore the password, and as the consequence - to find out the magic message.

This page was tested on Google Chrome 10+ only and may work slow on other browsers.

Prize

I will be happy to send a check for symbolic amount of 100.00 USD to the first person whom I receive the correct magic message from. Please send your submissions to alexander@demin.ws.

References

Last year I wrote a few posts about this approach (English, Русский), described everything in details and gave the references to the original author of this idea.


Password:

Result:


** 2011.02.16 ** The updates are listed in the chronological order.

UPDATE 7: The best submissions and the original problem sources are now available (English, Русский).

** 2011.02.12 **

UPDATE 6: Another complete solution is received from Salo Kril. This solution is the full reconstruction of the password checking algorithm (originally implemented on the NOR macro assembler) on C.

** 2011.02.11 **

UPDATE 5: The second submission for this challenge (version 1) is received from Max Filippov. This submission contains the full solution of the problem: an algorithm of the password checking.

** 2011.02.09 **

UPDATE 4: There is the next challenge available - NORCPU hackme, Version 2. This one is harder to solve and has no prize anymore.

UPDATE 3: The winner, Vasiliy Artemev (vasart@gmail.com), has proposed to sponsor the second round. Now the 100$ prize goes to Vasiliy but he decided to pay 50$ back to the first person who figures out the algorithms how the password is checked and the text strings are encrypted. Please send your submissions to alexander@demin.ws.

UPDATE 2: Now when the problem is solved, I'm proposing the second round, for free, to investigate the algorithms used to check the password and encrypt the text strings. Good luck!

UPDATE (00:30 GMT): The problem is solved less then in 2 hours! The first correct submission is received from Vasiliy Artemev. Congratulations to the winner!