Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Clever recruiting

08 May 2010   #1

Microsoft Community Contributor Award Recipient

Clever recruiting

Nixu Ltd is an information security consulting company from Finland. When searching a specialist to work as a penetration tester some weeks ago, they got an idea. The company told about the opening in their blog: a certain webpage contains a password, everyone finding that password is going to be invited to round 2, the interviews.

To company's surprise, there was over 200,000 tries to hack the page, from 66 countries. A total of 19 people succeeded to find the password, 12 of them are now going to be invited to be interviewed (7 declined).

The whole recruiting campaign was only in Finnish because the new penetration tester has to be a native Finnish speaker. However, due to extensive international interest, the company published the solution also in English in their blog.

The solution, for those interested:
The browser starts by fetching a simple JavaScript from r.php without parameters. Typing the script URL in the location bar causes the user’s IP to be banned as the script contains a JavaScript comment that also can be interpreted as an HTML meta redirect. The ban can be removed by visiting the base64 encoded address hidden in the source code of the “403 Forbidden” page. The first script does a few simple loops and calculations to fetch the next script.

Every script except the first one can be fetched only once and this needs to be done within a short timeframe. The scripts are dynamically generated and different every time.

The next script contains xor-encrypted code to get the script of the next phase. This script sends the browser local time in the rand-parameter to the server.

The first two scripts can be bypassed e.g. by using a proxy tool (Burp etc.) in order to directly fetch the last phase script. This script implements an obfuscated stack-based virtual machine processing the byte-code which in turn does the actual validation of the password.

The virtual machine contains an embedded time-check comparing the local time into the timestamp sent to the server during the second phase. In case the local time differs too much from the expected time, the bytecode execution is disrupted. The password is converted into a base-63 number system and the resulting number is compared to a known value.

During the first week the password was aeIrfYh and then it was changed to dEys56_.

Congratulations to all who were able to solve the puzzle!
(Nšin Nixun haaste ratkesi - TigerTeam - suomalainen tietoturvablogi)


My System SpecsSystem Spec
09 May 2010   #2

Windows 7 Home Premium x64 SP1

I didn't understand anything of the solution... no wonder why so few people was able to get the passwords!
My System SpecsSystem Spec

 Clever recruiting

Thread Tools

Similar help and support threads
Thread Forum
Clever with letters.
In an email today PRESBYTERIAN : When you rearrange the letters: BEST IN PRAYER ASTRONOMER: When you rearrange the letters: MOON STARER
Chillout Room
people look so clever..
When I am browsing this good forum I Always feel: boy, these people know alot about computers; more than I do. I do not understand every question. Are there more out there who feel the same? Have a nice day, Lowie1
Chillout Room
Want to work with James Bond? M5 recruiting IT gurus.
Check if you could pass the first round in M5 recruiting process: Full story and the test: Kari
Chillout Room
Yes, I am so clever. -_-
Sup, just re-installed Windows7 after cleaning the disc so many times because I kept getting the corrupt file error in the installation. Anyway, whilst installing Ubuntu, the mouse senesitivity was higher then Windows7 (anyone noticed?) So I accidently deleted the Windows 7 partition. FML.
General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 20:00.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App