bypass javascript authentication

Some years ago I came across a site that had a private section accessible only through an authentication form.

I don't like registering myself!

So I looked at the HTML source and found code like this:
"uhmmm... javascript... g00d" I thought (-:

In the HTML source of a page that uses this type of authentication you can find a tag like: <option value="John Smith|42691|NGLOQEMM">.
The goal is to find a password that gives 42691 as its result and, in combination with NGLOQEMM, the page that lets you bypass the authentication.

The makehash function generates the linear Diophantine equation:

  Σ_i x_i * c^(7-i) = <goal>

(with 0 < x_i < 27 and c = 3 | 10; x_i ∈ N)

I wrote jsauthsux to solve it (-:

I also added a dictionary attack.

To use:

./jsauthsux -g <goal> -p <page> [-d <wordlist>]

in our example:
<goal> = 42691
<page> = NGLOQEMM
<wordlist> = filename of wordlist for dictionary attack

The output shows the password - page pairs.

If you don't find a significant result among _all_ the possible solutions displayed, use:

$ ./jsauthsux -g 42691 -p NGLOQEMM > log.txt
$ sed -e 's/^.\{11\}\(.\+\)$/http:\/\/yoursite\/\1.html/g' \
  log.txt > log.url
$ wget -i log.url
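
Why a hash like this cannot protect anything: the added example below (not part of the original post and not jsauthsux code) counts how many letter strings satisfy the equation for each goal, without listing them. It assumes 8 positions (i = 0..7), letter values 1..26 and c = 3; the function names are hypothetical.

```javascript
// Added example, not from the original post.
// Assumptions: 8 positions (i = 0..7), letter values x_i in 1..26, c = 3.

// Returns counts[h] = number of letter strings whose weighted sum
// x_0*c^(n-1) + ... + x_(n-1)*c^0 equals h (dynamic programming over sums).
function preimageCounts(c, length) {
  const weights = [];
  for (let i = 0; i < length; i++) weights.push(c ** (length - 1 - i));
  const maxHash = 26 * weights.reduce((a, b) => a + b, 0);
  let counts = new Float64Array(maxHash + 1);
  counts[0] = 1; // one way to build the empty prefix
  let reach = 0; // largest sum reachable with the positions processed so far
  for (const w of weights) {
    const next = new Float64Array(maxHash + 1);
    for (let s = 0; s <= reach; s++) {
      if (counts[s] === 0) continue;
      for (let x = 1; x <= 26; x++) next[s + x * w] += counts[s];
    }
    counts = next;
    reach += 26 * w;
  }
  return counts;
}

// Collapses the table into the numbers a reviewer cares about.
function summarize(c, length, goal) {
  const counts = preimageCounts(c, length);
  let total = 0;
  let distinct = 0;
  for (const n of counts) {
    total += n;
    if (n > 0) distinct++;
  }
  return { total, distinct, forGoal: counts[goal] };
}

// 42691 is the goal value from the <option> tag quoted in the post.
const report = summarize(3, 8, 42691);
console.log(`letter strings: ${report.total}`);
console.log(`distinct hash values: ${report.distinct}`);
console.log(`strings that hash to 42691: ${report.forGoal}`);
```

The gap between the number of strings and the number of distinct hash values is the reason the goal and page name in the page source are enough, and why the check has to be done on the server instead.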

