03 June 1999
||Courtesy of Fravia's page
Yeah, it was very easy indeed. But it was MEANT to be easy, dear bajunny, because I aim to use
this section (starting from HERE) as the real hyper laboratory, and I am sure that many readers
that will join us here (either trough the BabaYaga image, or through the reversing, or through noticing
that the only inverted letters are A, B, Y and G) will be able to help us to go FURTHER.|
And further we will go, starting from the essays that are beginning to rain in right now...
||There is a crack,
a crack in everything
That's how the light gets in
(x)Beginner ( )Intermediate (
Cracking and cryptanalysis are alike. Maybe the same.
I like it.
Trained eyes. JS-enabled browser.
Your_target's_history (if any)
In effect, Fravia+ gives us so many hints counting
trouble password search. Zero'th level observation:
cherished filename-encrypted technology. But let's see
1) Figure it out... looking at this
Well, in fact hint (1) is all we need but we are
Fravias so let's start instead
from (2). It's a very simple Vigenere-like cipher. It would
be true Vigenere
if the alphabet were ABCDE....XYZ. Cracking such
ciphers even with
unknown alphabets IS possible (and quite easy - see
LANAKI lessons) -
but it requires a fair amount of ciphertext (at least
Here we know the alphabet and are ready to feed in
plaintext. It generates a filename, so ".htm" is an
in place of ".fzn" inside the encrypted filename
observations: Fravia+ ciphers preserves letter case,
chars are crypted to uppercase ones. More possible
"Bu ru" -- maybe "Go to". Quite probable. So it's time
passwords. I was so lazy so I only put some dumping
code to decode()
routine to see chars dump in the process of
(I just reformat the original code a little)
var lowercase = input_char_value >= 26
? true : false;
'('+input_char_value+ ')__' +
document.write( '(' + input_char_value + ')');
input_char_value += 26;
input_char_value % 26 + 26;
else input_char_value %= 26;
alphabet.charAt(input_char_value) + '<' + '/p>' );
For more comfort, let's place it horizontally and
forget the numbers,
I will present some steps on the right, later comment
will be in uppercase below plaintext guesses
B u r u i h p p e y f z n B e k z u s z i k r k
G o t o ? ? ? ? ? ? h t m ? ? ? ? ? ? ? ? ? ? ?
G o t o ? ? ? j a v h t ? ? ? ? y o u ? ? ? ? ?
B A B A A B A B A ? B A B
| | |
G o t o h ? ? j a v h t m ? ? e y o u t h ? ? e
B A B A Y x y A B A B A Y x y A B A B A Y x y A
G o t o h y p j a v h t m S e e y o u t h e r e
B A B A Y A G A B A B A Y A G A B A B A Y A G A
 "BA" starts pretty well, we immediately see the
match on "Go to"
and supporting match "you", very inspiring
 we see no match for "m", so passwd here must
contain "Y", note
also a magic "jav" in filename!
 it's time to decide on passwd length; main problem
is cycling; it can be easily spotted in the real
world; we still
do not know two passwd characters (denoted as "x"
 easily spotted "there" and expecting something
like "hyp" in
filename cause we already saw "javfurther" and lot
Fravia+'s filenaming habits
Hey presto - password is "BABAYAGA". Or "Baba Yaga" -
personage of many russian fairy tales.
something like "babay aga" - "old man" in Turkish.
could also have just had a look at Bilibin's picture and then you will
have to admit the "plentity" of
hints left by Fravia+.
Russian is my native language so I spotted the answer
stages  and . See: my browser doesn't show pictures
JS is lousy. It is quick&dirty fix appeared in browser
M$ and NS.
Of course one can employ very complex
crypto even with
But teh same level of protection (or better) can be achieved in much more
reliable - and
if you dare to use it for protection, he-he.
"Ob Duh" section
is great, but now
it's 3 am and I don't want to type anymore
still my eyes can't stand default text so I feverishly
You are deep inside Fravia's page of
choose your way out: