I-Appliance BBS The Official Source for Internet Appliance Upgrades and Mods BBS Main List | Sign In | Sign Up | Search | Help | Linux-Hacker.net Reply to Thread | Printer |

Home / Other I-Appliances / Virgin Webplayer Webplayer setup password crack? Webplayer setup password crack?

Webplayer setup password crack? (modified 0 times) M_firmature Profile Anyone have any ideas on how to crack the rotating passwords to get to the setup screen? 11-09-2000 23:06:59

RE:Webplayer setup password crack? (modified 0 times) Dag2000 Profile | Email Okay, here's my list of known key - password combinations: Key -Pswd ____ ____ 9917-7516 9035-6534 9033-6536 3102-699 2928-401 2914-415 2304-9936 981-8451 I stumbled onto the 2914-415 combo as I was repeatedly trying to get one of the known keys to come up. 2914 came up and it was close to 2928. Having noticed that the passwords for 9035 and 9033 had the relationship that as the key went down numerically by two, the password went up numerically by the same amount, I tried this with 2914, adding 14 to the password for 2938. It worked! unfortunately the power cord was loose and while I was trying to change the dialup values, it came out. I found that this trick did not work later on a similarly close pair so I can't promise it will work for you. What I have generally observed is that the password is generally a value 2400 or 2500 and change less than the key. My supposition is that the key is arrived at by a formula invovling taking the key, substacting a standard value, like 2000 or 2200 or something and then further subtracting a value using an operation on the key, like dividing by 4, dividing by pi. I have not discerned what the exact operations or values are but maybe a bigger brain than mine can detect something in the numbers above. Note that when the key values are below 2400 or so, the password seems to loose its 2400/2500+change relationship. If you treat the password numbers as having a cap of 9999, and imagine a rollover from 9999 to 0000, then they still keep this relationship. Till we get the formula worked out, my suggestion is to keep cycling through till you get one of the known numbers or a close pair that works with the trick above Anyone have any thoughts on this? -Dag. P.S. anyone try calling and saying " I need to get my emails before the service ends but my machine doesn't detect a dialtone even though I know there is one? " This problem actually happenned to me and is how I got the key-password combo i did get. Anyone wanna try? I'll do it if I find some time. 11-09-2000 23:44:03

RE:Webplayer setup password crack? (modified 0 times) wiggles Profile Here's my theory on this. It would be relatively easy to implement on both ends, but helluva difficult to hack. It also seems to concur with all challenge-response pairs discovered so far. The first two digits of every challenge corresponds to a different set of first two digits in the response. These assignments are handled by a database. There need be no mathematical rule governing the assignments. It would look something like this: 29 <-> 04 90 <-> 65 99 <-> 75 and so forth. There is also a constant k associated with this assignment of tuples. When the last two digits of the response is 00, the last two digits of the challenge is k. As the challenge decreases, the response increases. In order to fully "hack" this scheme, one would have to guess all 99 tuple assignments, plus the k's associated with each tuple assignment. For instance, for the 29 <-> 04 assignment, it looks like k would be 29. For the 90 <-> 65 assignment, k would be 69. And so forth. If we assume 0 <= k <= 99, there are (99!)^2 possible databases. Work it out if you like, but that's a helluva lot of trial and error! 11-10-2000 00:15:23

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile Here is one more: 9912 -> 7512 11-10-2000 00:47:25

RE:Webplayer setup password crack? (modified 0 times) jwolfx Profile One more for you crackers... 977-8447. It's based on the 981 pair. 11-10-2000 01:01:36

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile Once you get in there are eight(8) tabs: PPP Files Settings Dialup Settings LogManager Settings MiniTuner Settings Browser Settings Network Settings User Settings System Settings 11-10-2000 01:09:41

RE:Webplayer setup password crack? (modified 0 times) Dag2000 Profile | Email great job all, especially wiggles. Interesting thought. I think the main thing here would be to try and build a substantial list of key-pswd pairs so that we can make changes and comfortably know that if they don't work out we can get back in, reset factory defaults and try again. I think 50 - 100 would probably do it. that way, although it might take a little while, eventually a know key would come up. Or if wiggles is right, just figuring out parts of the system would allow the same comfort. 11-10-2000 02:42:57

RE:Webplayer setup password crack? (modified 0 times) wiggles Profile From the data so far gathered, I can pretty confidently say that the first part of my theory is correct. Namely, the assignment of first two digits of the challenge to first two digits of the response. We've had four pairs of challenge-reponse pairs conform to this theory, and no pairs whatsoever contradict this theory, and that's pretty unlikely to be coincidental. There seems to be some irregularity concerning my constant k theory (where the last two digits of the challenge, plus the last two digits of the response, must equal k). I'm going to try and come up with some way to account for that. 11-10-2000 08:21:00

RE:Webplayer setup password crack? (modified 0 times) jwolfx Profile Something else to to think about... While I was playing around last night, I was writing down the keys and what didn't work it. I came across this key: 9059. Based on the known 9035, I tried 6510. It failed. I also tried 6509-6511 just for the heck of it. Is my math right, it should have worked right? 11-10-2000 08:53:54

RE:Webplayer setup password crack? (modified 0 times) DoS4WhO Profile | Email Bios password: schwasck Thanks go to an anonymous coward on Slashdot! His full message: Re:You can keep your Webplayer (Score:2, Informative) by Anonymous Coward on Thursday November 09, @10:47AM PST (#67) The BIOS password is "schwasck". It's QNX, not Linux. You're welcome. By QNX he means the OS! PS - My good deed was posting this info here... Anyone want to return the favour and sell me a WebPlayer? PLEASE! top_mcse@hotmail.com ~mw Using Napster, Scour, imesh and hacked WSP <- Going in my Civic! LET'S HACK !!! :} 11-10-2000 13:44:08

RE:Webplayer setup password crack? (modified 0 times) jwolfx Profile Uhmm... The BIOS password HAS been posted here. This thread is about the secondary password thing in the software. 11-10-2000 14:03:05

RE:Webplayer setup password crack? (modified 0 times) wiggles Profile jfolfx, I'll tell you what I know for a fact. (Or can pretty confidently assume.) Any challenge in the form of 90xx requires a response in the form of 65xx. This has been established beyond reasonable doubt. However, the rule or rules governing the last two digits is not clear. Initially, it seemed that for a given pair (such as 90 <-> 65) the sum of the last two tuples would equal a constant k. Watch. 9035 <-> 6534 34 + 35 = 69 9033 <-> 6536 33 + 36 = 69 According to this theory, 9059 would require a response of 6510. You're right in your assumption. But if that doesn't work, that means there's something wrong with the assumption regarding constant k. There must be some other rule governing the last two digits. Obviously, 9059 requires a response in the form of 65xx. But it requires a lucky guess, or more insight, to figure out what xx should be. I'm working on it. 11-10-2000 16:53:20

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile One more 568 -> 8168 11-10-2000 17:32:56

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile One more 1358 -> 8858 11-10-2000 17:53:34

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile One more 273 -> 7871 11-10-2000 18:07:15

RE:Webplayer setup password crack? (modified 0 times) Wuss912 Profile and another one 2915 - 414 11-10-2000 22:37:48

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile Actually that one is a reconfirmation from the first list at the top. (2914-415) 11-10-2000 22:50:39

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile More 336 -> 7808 More 570 -> 8166 11-11-2000 00:36:48

RE:Webplayer setup password crack? (modified 0 times) Dag2000 Profile | Email Okay, here's the list so far: Key -Pswd ____ ____ 9917-7516 9912-7512 9035-6534 9033-6536 3102-699 2928-401 2914-415 2304-9936 1358-8858 981-8451 977-8447 570-8166 568-8168 336-7808 273-7871 -Dag 11-11-2000 01:14:48

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile 2929 -> 400 11-11-2000 01:31:28

RE:Webplayer setup password crack? (modified 0 times) Randy Profile Question about this... Once you've inserted a matching pair and get to the setup screen, can you put in your own dialup phone number, login name, password, DNS numbers, etc.?? In other words, if I bust in there successfully, can I make it work with my Mindspring ISP??? Randy 11-11-2000 05:08:20

RE:Webplayer setup password crack? (modified 0 times) Quagmire Profile Isn't using any ISP the WHOLE point of this exercise to access the Virginconnect Software? If not, then what is the point? The "other" route is to just reconfigure the Bios, install another OS, and then use any ISP! 11-11-2000 10:59:39

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile Once we have a password generator we can play with all the variables and see if that can be done. I need a little help here in testing for passwords. I have generated lists for small sequences of keys and need to verify how much of the table is correct. If you get a key in the range listed then subtract it from the magic number to get the password. Let us know what works and what does not. 245 through 344 password = 8144 minus KEY Currently know working keys 273 & 336 537 through 636 password = 8736 minus KEY Currently know working keys 568 & 570 2882 through 2929 password = 3329 minus KEY Currently know working keys 2914,2928,2929 This one is not quit right in that it does not cover the complete one hundred range it should. At Keys 2880 and 2881 the generated passwords did not work. You can see what I am doing here and generate a formula around the other known key/password pairs. But the formula might also be password = magic_number PLUS KEY. So try that too. For the ones I am currently testing we have two keys in the same 100 range so I know it is MINUS. (Fn+Ctrl+F1 at the sign on screen) If I don't get a key in one of the ranges I am testing I just enter nothing until it gives me a key I want to test. Ok now, everyone start testing. 11-11-2000 11:01:37

RE:Webplayer setup password crack? (modified 0 times) wiggles Profile Turbo3's explanation is a little confusing, but on the right track. I will try and give a less mathematically challenging theory which I believe is also on the right track. For any given challenge ABxx, there is one and only one response CDxx. For all challenges in the form of ABxx, the response is in the form of CDxx. We have had all examples confirm this theory so far. I believe this theory to be true. The AB <-> CD tuple assignments may be based on an internal database. I see no pattern to it. Now the challenge is figuring out the last two digits. Earlier, I thought that the sum of the latter tuples from the challenge and the response equals some constant k. For some groups, this seems to be the case. 9035 6534 9033 6536 sum = 69 2928 0401 2914 0415 2915 0414 2929 0400 sum = 29 0568 8168 0570 8166 sum = 156 For some groups, this seems not to be the case. 9917 7516 9912 7512 0981 8451 0977 8447 For some instances, this is unknown. 3102 0699 2304 9936 1358 8858 0273 7871 0336 7808 So if you get a challenge in the form of 31xx, 23xx, 13xx, 02xx or 03xx, try to see if the last two tuples add up to a constant k. You can figure out k from the single instances above. Report back when you get results. I'm forming the opinion that this password system is just a convoluted piecewise function, with a different rule for the last tuples applying to each entry in the database. However, it appears that there is a finite (hopefully small) ruleset from which the rules are drawn, so as we figure out more instances, the rest will just fall in place. P.S. When I say 02xx or such, I mean 2xx. The leading zero is put in place for notational convenience. 11-11-2000 12:06:54

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile You see no pattern in AB <-> CD???? They always differ by 24 or 25 (if AB is less than CD then add 100) 90xx 65xx differ by 25 29xx 04xx differ by 25 105xx 81xx differ by 24 99xx 75xx differ by 24 109xx 84xx differ by 25 31xx 06xx differ by 25 123xx 99xx differ by 24 113xx 88xx differ by 25 102xx 78xx differ by 24 103xx 78xx differ by 25 This looks like a pattern to me. There are no examples that violate this rule. The reason it is either a difference of 24 or 25 is probably due to the value of xx. I was not giving any explaination. Just a list of key/password pairs (a way to generate them) to test. If you get a key in the range I list you subtract the key from the magic number and try it. Simple. We still need a lot more pairs to break the code. 11-11-2000 12:37:41

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile One more 9657 -> 7256 (ABxx-CDxx = 24xx) Bad news is key 2917 does not generate a good password using my above formula. I get these new passwords by subtracting 2400 from the key and if that does not work try 2401,2402,2403. But you can try subtracting any value in the 2400 to 2599 range. I am not trying to explain why this works. It just seems to based on the number of key/password pairs I have found in the last few days. We should not spend too much time on the final crack until we get more data. I want to see a lot more pairs listed here. Come on, get those webplayers out and start subtracting 2400 from every key you get. Let's crack this before the final count is in (should be easy given how that is going) wiggles: Do you have a webplayer? Can you help out here testing key/password pairs? 11-11-2000 12:53:10

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile One more 9246 -> 6843 (ABxx - CDxx = 24xx) 11-11-2000 13:27:36

RE:Webplayer setup password crack? (modified 0 times) Cespool Profile | Email Another key... 3003<->598 Boy, there are a lot of things to change in there. I was half tempted to change one of the directories to see if it would crash... but didn't. I'm still playing with it and don't want to risk not being able to change it back. Granted, I only have a few more days to play. 11-11-2000 13:29:06

RE:Webplayer setup password crack? (modified 0 times) Cespool Profile | Email One more key... 9050<->6519 11-11-2000 14:06:55

RE:Webplayer setup password crack? (modified 0 times) Cespool Profile | Email 2344<->9976 11-11-2000 14:36:03

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile Thanks Cespool: 9050 -> 6519 fits the magic number pattern for the three key/password pairs we have in this range: 9033 -> 6536 Sum to 15569 9035 -> 6534 Sum to 15569 9050 -> 6519 Sum to 15569 So if you get a key in the 90xx range try subtracting it from 15569 to get the password. 11-11-2000 14:59:11

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile One more 3477 -> 1076 11-11-2000 15:14:50

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Another: 1329 -> 8927 11-11-2000 15:31:18

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile One more 1973 -> 9571 Thanks for joining in mwheeler. I am seeing a slight pattern in the magic numbers. Some seem to change by 40 or multiples of 40. Don't know what it all means. Just looking for patterns. Keep those numbers coming. 11-11-2000 15:47:01

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Another: 8857 -> 6456 Turbo3's rule of subtracting 2400, then 2401, then 2402, then 2403 from the key seems to work pretty well. By my count this rule covers 11 of the 24 known pairs. 11-11-2000 15:53:57

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Another: 8898 -> 6495 11-11-2000 16:18:26

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Another: 2890 -> 391 (difference of 2501) 11-11-2000 16:27:11

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile Actually a difference of 2499. But a good find. Thanks. 2890 -> 391 11-11-2000 16:44:29

RE:Webplayer setup password crack? (modified 0 times) aetherion Profile Here are some, if you want em... 8988 -> 6589 24 -> 7624 11-11-2000 17:35:32

RE:Webplayer setup password crack? (modified 0 times) jayfive Profile 1357 -> 8859 works 11-11-2000 17:45:39

Rotating Code Crack - First half of the conversion !!! (modified 0 times) XenTriC Profile make a table starting from: 00-76 01-77 02-78 .. 23-99 24-00 <- Note: offset is always 24 !!! 25-01 .. 99-75 This row will be used to define the main value of the password. For example key is 90xx then pass will become 6600 but the number 3 and 4 or all numbers of the key will alter 6600 either up or downwards ! I am 100% sure that this is the first part of getting the conversion. I'm currently working on this alteration which has to depend on either the whole key size or a part of it... Right now I can't figure out the method it's using, it looks like it's randomly altered but I'll keep you guys posted ! As soon as I've figured it out I'll write a program that will convert for you ! XenTriC 11-11-2000 17:49:01

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Another: 3914 -> 1415 (difference 2499) 11-11-2000 19:18:59

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Another: 2105 - > 9703 11-11-2000 19:36:26

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile One more 9230 -> 6859 (difference 2371) This one is interesting in that it breaks the 24xx 25xx rule. I got the password by using my magic number rule for a near by pair we already knew. 9246 -> 6843 which gave me the magic number 16089 11-11-2000 22:12:27

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile So, my list of currently known "Magic Numbers" is: 3329 (for keys between 2914 and 2929) 8144 (for keys between 273 and 336) 8736 (for keys between 568 and 570) 10216 (for keys between 1357 and 1358) 15669 (for keys between 9033 and 9050) 16089 (for keys between 9230 and 9246) A magic number being the sum of the key and the answer. Why is it we have a nearly 5,000 number gap between known answers for keys (from 3914 to 8857)? The numbers in this range apparently follow a different rule thn we are familiar with because no one has guessed a good answer for this half of the keys, and yet we have 33 answers for the other half of the keys... 11-11-2000 23:34:53

RE:Webplayer setup password crack? (modified 0 times) moose_hacker Profile | Email Another pair: 3307 --> 0806. This is based on the first 2 digits of the answer being 25 less than the prompt, and the last 2 digits being one less than the prompt. 11-12-2000 07:51:29

RE:Webplayer setup password crack? (modified 0 times) moose_hacker Profile | Email 3637 <-> 0806 11-12-2000 08:21:47

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile moose_hacker: Please explain your last post. Looks like you are saying two different keys have the same password. What do the two arrows mean? "3637 <-> 0806" 11-12-2000 10:03:35

RE:Webplayer setup password crack? (modified 0 times) Turbo3 Profile One more 2109 -> 9707 11-12-2000 14:36:59

RE:Webplayer setup password crack? (modified 0 times) XenTriC Profile recompiled list: key + pass = value 0024 -> 7624 = 7648 0273 -> 7871 = 8144 0336 -> 7808 = 8144 0568 -> 8168 = 8736 0570 -> 8166 = 8736 0977 -> 8447 = 9424 0981 -> 8451 = 9432 1329 -> 8927 = 10256 1357 -> 8859 = 10216 1358 -> 8858 = 10216 1973 -> 9571 = 11544 2105 -> 9703 = 11808 2109 -> 9707 = 11816 2304 -> 9936 = 12240 2890 -> 0391 = 3281 2914 -> 0415 = 3329 2915 -> 0414 = 3329 2928 -> 0401 = 3329 2929 -> 0400 = 3329 3003 -> 0598 = 3601 3102 -> 0699 = 3801 3477 -> 1076 = 4553 3914 -> 1415 = 5329 8898 -> 6495 = 15393 8988 -> 6589 = 15577 9033 -> 6536 = 15569 9035 -> 6534 = 15569 9050 -> 6519 = 15569 9230 -> 6859 = 16089 9246 -> 6843 = 16089 9657 -> 7256 = 16913 9912 -> 7512 = 17424 9917 -> 7516 = 17433 11-12-2000 16:40:48

RE:Webplayer setup password crack? (modified 0 times) aetherion Profile just another one btw, Excel is a great way to track these codes for those who don't already.... 3513 -> 1112 11-12-2000 17:42:29

RE:Webplayer setup password crack? (modified 0 times) wiggles Profile Today, I played around with a mathematics package for a while, in trying to make sense of the dataset. I can confidently say that the solution involves modding the challenge by one or more unknown constants, and using the results in some way to acquire the response. It's not a simple matter of multiplying, adding, subtracting, or otherwise playing around with one or more integers from the challenge. I can confidently say this because a number of independent linear equation systems based on the dataset that we have provide inconsistent results. Since the entire system is integral (based on integers) the only operation I can think of, that is integral, but not captured by linear equation systems, is the mod operation. Linear equations capture multiplication, division, addition and subtraction. As a quick reminder, mod is the same thing as remainder. 13 % 4 = 1 because 13 = (4 * 3) + 1 11-12-2000 22:46:48

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Another: 9533 -> 7132 11-13-2000 00:01:23

RE:Webplayer setup password crack? (modified 0 times) Dag2000 Profile | Email here's smore 2617 -> 216 2325 -> 9923 9914 -> 7511 also confirming: 9657 -> 7256 Dag 11-13-2000 00:17:29

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile A few more: 9273 -> 6872 189 -> 7787 656 -> 8256 11-13-2000 00:47:36

RE:Webplayer setup password crack? (modified 0 times) thewyz Profile | Email Another: 1330 -> 8926 Once I'm in, has anyone determined which of the IDs, passwords and other settings will allow connection to arbitrary ISPs? wyz 11-13-2000 07:10:23

RE:Webplayer setup password crack? (modified 0 times) moose_hacker Profile | Email Turbo3: Sorry about that. It's just a typo. 3637 -> 1248 11-13-2000 08:03:05

RE:Webplayer setup password crack? (modified 0 times) XenTriC Profile Recompiled list: key -> pass ... (shifted tupple assignment) + (formula depending on key) = pass 0024 -> 7624 where 00xx becomes 7600 and some formula depending on key adds 24 0189 -> 7787 where 01xx becomes 7700 and some formula depending on key adds 87 0273 -> 7871 where 02xx becomes 7800 and some formula depending on key adds 71 0336 -> 7808 where 03xx becomes 7900 and some formula depending on key adds -92 0568 -> 8168 where 05xx becomes 8100 and some formula depending on key adds 68 0570 -> 8166 where 05xx becomes 8100 and some formula depending on key adds 66 0656 -> 8256 where 06xx becomes 8200 and some formula depending on key adds 56 0977 -> 8447 where 09xx becomes 8500 and some formula depending on key adds -53 0981 -> 8451 where 09xx becomes 8500 and some formula depending on key adds -49 1329 -> 8927 where 13xx becomes 8900 and some formula depending on key adds 27 1330 -> 8926 where 13xx becomes 8900 and some formula depending on key adds 26 1357 -> 8859 where 13xx becomes 8900 and some formula depending on key adds -41 1358 -> 8858 where 13xx becomes 8900 and some formula depending on key adds -42 1973 -> 9571 where 19xx becomes 9500 and some formula depending on key adds 71 2105 -> 9703 where 21xx becomes 9700 and some formula depending on key adds 3 2109 -> 9707 where 21xx becomes 9700 and some formula depending on key adds 7 2304 -> 9936 where 23xx becomes 9900 and some formula depending on key adds 36 2325 -> 9923 where 23xx becomes 9900 and some formula depending on key adds 23 2344 -> 9976 where 23xx becomes 9900 and some formula depending on key adds 76 2617 -> 0216 where 26xx becomes 0200 and some formula depending on key adds 16 2890 -> 0391 where 28xx becomes 0400 and some formula depending on key adds -9 2914 -> 0415 where 29xx becomes 0500 and some formula depending on key adds -85 2915 -> 0414 where 29xx becomes 0500 and some formula depending on key adds -86 2928 -> 0401 where 29xx becomes 0500 and some formula depending on key adds -99 2929 -> 0400 where 29xx becomes 0500 and some formula depending on key adds -100 3003 -> 0598 where 30xx becomes 0600 and some formula depending on key adds -2 3102 -> 0699 where 31xx becomes 0700 and some formula depending on key adds -1 3477 -> 1076 where 34xx becomes 1000 and some formula depending on key adds 76 3513 -> 1112 where 35xx becomes 1100 and some formula depending on key adds 12 3914 -> 1415 where 39xx becomes 1500 and some formula depending on key adds -85 8898 -> 6495 where 88xx becomes 6400 and some formula depending on key adds 95 8988 -> 6589 where 89xx becomes 6500 and some formula depending on key adds 89 9033 -> 6536 where 90xx becomes 6600 and some formula depending on key adds -64 9035 -> 6534 where 90xx becomes 6600 and some formula depending on key adds -66 9050 -> 6519 where 90xx becomes 6600 and some formula depending on key adds -81 9230 -> 6859 where 92xx becomes 6900 and some formula depending on key adds -41 9246 -> 6843 where 92xx becomes 6900 and some formula depending on key adds -57 9273 -> 6872 where 92xx becomes 6900 and some formula depending on key adds -28 9533 -> 7132 where 95xx becomes 7100 and some formula depending on key adds 32 9657 -> 7256 where 96xx becomes 7200 and some formula depending on key adds 56 9912 -> 7512 where 99xx becomes 7500 and some formula depending on key adds 12 9914 -> 7511 where 99xx becomes 7500 and some formula depending on key adds 11 9917 -> 7516 where 99xx becomes 7500 and some formula depending on key adds 16 It doesn't have to be that 99xx becomes 7500 it can also become 75xx or even the re-assigned tupples can shift at a certain point like 9950 becomes 7600 while 9949 becomes 7500... This is just theoretical ! But it seems to in the right direction ! So, when someone finds the connection between the key and the number to add we have a winner ! XenTriC 11-13-2000 08:54:45

RE:Webplayer setup password crack? (modified 0 times) XenTriC Profile And as Wiggles noted, the formula seems to be based on integer calculations so it can only use these alteration forms: add subtract (which is adding a negative) multipy mod (as explained by wiggles) but I would also like to add that an overflow could be used to determine sign ! so if 4 spaces are reserved, 9999+0024=10023 which could be read as -0023 so 4 spaces for number with one for sign. 11-13-2000 09:00:18

RE:Webplayer setup password crack? (modified 0 times) thewyz Profile | Email Another : 2102 -> 9698 11-13-2000 09:22:42

RE:Webplayer setup password crack? (modified 0 times) XenTriC Profile Note: I'm using an offset of 25 now (29xx -> 0400 + value = pass) so that all additions are positive. key -> pass ... (shifted tuple assignment) + (formula depending on key) = pass 2929 -> 0400 where 29xx becomes 0400 and some formula depending on key adds 0 2928 -> 0401 where 29xx becomes 0400 and some formula depending on key adds 1 0336 -> 7808 where 03xx becomes 7800 and some formula depending on key adds 8 2915 -> 0414 where 29xx becomes 0400 and some formula depending on key adds 14 2914 -> 0415 where 29xx becomes 0400 and some formula depending on key adds 15 3914 -> 1415 where 39xx becomes 1400 and some formula depending on key adds 15 9050 -> 6519 where 90xx becomes 6500 and some formula depending on key adds 19 9035 -> 6534 where 90xx becomes 6500 and some formula depending on key adds 34 9033 -> 6536 where 90xx becomes 6500 and some formula depending on key adds 36 9246 -> 6843 where 92xx becomes 6800 and some formula depending on key adds 43 0977 -> 8447 where 09xx becomes 8400 and some formula depending on key adds 47 0981 -> 8451 where 09xx becomes 8400 and some formula depending on key adds 51 1358 -> 8858 where 13xx becomes 8800 and some formula depending on key adds 58 1357 -> 8859 where 13xx becomes 8800 and some formula depending on key adds 59 9230 -> 6859 where 92xx becomes 6800 and some formula depending on key adds 59 9273 -> 6872 where 92xx becomes 6800 and some formula depending on key adds 72 2890 -> 0391 where 28xx becomes 0300 and some formula depending on key adds 91 2102 -> 9698 where 21xx becomes 9600 and some formula depending on key adds 98 3003 -> 0598 where 30xx becomes 0500 and some formula depending on key adds 98 3102 -> 0699 where 31xx becomes 0600 and some formula depending on key adds 99 2105 -> 9703 where 21xx becomes 9600 and some formula depending on key adds 103 2109 -> 9707 where 21xx becomes 9600 and some formula depending on key adds 107 9914 -> 7511 where 99xx becomes 7400 and some formula depending on key adds 111 3513 -> 1112 where 35xx becomes 1000 and some formula depending on key adds 112 9912 -> 7512 where 99xx becomes 7400 and some formula depending on key adds 112 2617 -> 0216 where 26xx becomes 0100 and some formula depending on key adds 116 9917 -> 7516 where 99xx becomes 7400 and some formula depending on key adds 116 2325 -> 9923 where 23xx becomes 9800 and some formula depending on key adds 123 0024 -> 7624 where 00xx becomes 7500 and some formula depending on key adds 124 1330 -> 8926 where 13xx becomes 8800 and some formula depending on key adds 126 1329 -> 8927 where 13xx becomes 8800 and some formula depending on key adds 127 9533 -> 7132 where 95xx becomes 7000 and some formula depending on key adds 132 2304 -> 9936 where 23xx becomes 9800 and some formula depending on key adds 136 0656 -> 8256 where 06xx becomes 8100 and some formula depending on key adds 156 9657 -> 7256 where 96xx becomes 7100 and some formula depending on key adds 156 0570 -> 8166 where 05xx becomes 8000 and some formula depending on key adds 166 0568 -> 8168 where 05xx becomes 8000 and some formula depending on key adds 168 0273 -> 7871 where 02xx becomes 7700 and some formula depending on key adds 171 1973 -> 9571 where 19xx becomes 9400 and some formula depending on key adds 171 2344 -> 9976 where 23xx becomes 9800 and some formula depending on key adds 176 3477 -> 1076 where 34xx becomes 0900 and some formula depending on key adds 176 0189 -> 7787 where 01xx becomes 7600 and some formula depending on key adds 187 8988 -> 6589 where 89xx becomes 6400 and some formula depending on key adds 189 8898 -> 6495 where 88xx becomes 6300 and some formula depending on key adds 195 Some interesting pairs: There has to be a clue in these pairs as some of them don't have the same last digits but others do... 2914 -> 0415 where 29xx becomes 0400 and some formula depending on key adds 15 3914 -> 1415 where 39xx becomes 1400 and some formula depending on key adds 15 1357 -> 8859 where 13xx becomes 8800 and some formula depending on key adds 59 9230 -> 6859 where 92xx becomes 6800 and some formula depending on key adds 59 2102 -> 9698 where 21xx becomes 9600 and some formula depending on key adds 98 3003 -> 0598 where 30xx becomes 0500 and some formula depending on key adds 98 3513 -> 1112 where 35xx becomes 1000 and some formula depending on key adds 112 9912 -> 7512 where 99xx becomes 7400 and some formula depending on key adds 112 2617 -> 0216 where 26xx becomes 0100 and some formula depending on key adds 116 9917 -> 7516 where 99xx becomes 7400 and some formula depending on key adds 116 0656 -> 8256 where 06xx becomes 8100 and some formula depending on key adds 156 9657 -> 7256 where 96xx becomes 7100 and some formula depending on key adds 156 0273 -> 7871 where 02xx becomes 7700 and some formula depending on key adds 171 1973 -> 9571 where 19xx becomes 9400 and some formula depending on key adds 171 2344 -> 9976 where 23xx becomes 9800 and some formula depending on key adds 176 3477 -> 1076 where 34xx becomes 0900 and some formula depending on key adds 176 11-13-2000 13:23:32

RE:Webplayer setup password crack? (modified 0 times) XenTriC Profile Since I don't have Webplayer but just do this for the kick I need the following info: Did anyone of you get a key challenge between 4000 and 8000 ? I only need to know if you've seen em for my own analysis. I think it's weird that in a list as long as we have now, there are still no entries between these values. Not even a single one ! Damn, maybe i'll post a list with know numbers on a math-newsgroup because I'm sure this one can be cracked. I'm just not math-oriented enough to see hints that will lead to the crack. For example, there's something with 2929 wich has a round pass of 0400. And what about all the numbers that have the same addition to the basic "offset 25 rule" !? 2914 will lead to 0400 and when we add 15 we get pass 0415. 3914 will lead to 1400 and when we add 15 we get pass 1415. but 2344 will lead to 9800 and when we add 176 we get pass 9976. 3477 will lead to 0900 and when we add 176 we get pass 1076... An experienced "math freak" will probably see a pattern or clue in pairs like these. I can only use a trial&error method on these pairs, which i'll have to check on some other pairs out of the list. So, just for diagnostics and analysis, DID ANYONE GET CHALLENGES WITHIN THE 4000-8000 RANGE ??? 11-13-2000 15:44:37

RE:Webplayer setup password crack? (modified 0 times) moose_hacker Profile | Email I've gotten key's in the 4000 - 8000 range. I have not been able to guess the correct password though. Another pair : 3151 -> 650 11-13-2000 16:58:25

RE:Webplayer setup password crack? (modified 0 times) wiggles Profile XenTriC, Don't waste your time posting this to a math newsgroup. This is not a very mathematical problem. That is to say, real mathematicians deal with symbols, theorems, and similar high-level concepts. Childish number games are of little interest to them. You would have more luck appealing to recreational mathematics (puzzle) newsgroups. Or perhaps cryptanalysis newsgroups. I'm still reviewing the dataset myself. 11-13-2000 19:33:11

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Another: 1465 -> 9062 11-13-2000 23:04:00

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Here is a pattern that holds up if the last solution I posted is actually 1465 -> 9063 (instead of 9062). It is possible I was mistaken about the answer: The modulus (remainder) of the key divided by 4 is zero if the difference between key and answer is 2400 (4 cases) The modulus of the key divided by 4 is 1 if the difference between key and answer is 2401 or 2402 (16 cases) The modulus of the key divided by 4 is 2 if the difference between key and answer is 2403 or 2404 (7 cases) The modulus of the key divided by 4 is 3 if the difference between key and answer is 2405 (1 case) The modulus of the key divided by 4 is 1 if the difference between key and answer is 2497 or 2498 (2 cases) The modulus of the key divided by 4 is 2 if the difference between key and answer is 2499 or 2500 (4 cases) The modulus of the key divided by 4 is 3 if the difference between key and answer is 2501 (3 cases) I am not sure what the significance of this is, but it definitely seems to be a pattern. 11-13-2000 23:37:10

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Here are four more using the pattern described above: 1743 -> 9241 2740 -> 341 8241 -> 5840 3529 -> 1032 Here is the clearest summary of my formula I've come up with thus far... Divide the key by 4. If it ends in .0 subtract 2399, 2400, 2495, and 2496 from the key. These four differences are the answers to try. If it ends in .25 subtract 2401, 2402, 2497, and 2498 from the key. If it ends in .5 subtract 2403, 2404, 2499, and 2500 from the key. If it ends in .75 subtract 2405, 2406, 2501, and 2502 from the key. This seems to greatly increase the number of answers you will find (but it still hits conssiderably less than half the time), at least compared to my old method of subtracting 2400, 2401, 2402, and 2403 from the key. I never would have found three out of the four answers above using that technique. 11-14-2000 00:12:48

RE:Webplayer setup password crack? (modified 0 times) Dag2000 Profile | Email 3353 - 952 845 - 8347 11-14-2000 00:27:02

RE:Webplayer setup password crack? (modified 0 times) XenTriC Profile Yeah, wiggles you're right ! Recreational mathematics or puzzle newsgroups would probably have more people who would want to tackle a problem like this... thanks for the tip. 11-14-2000 06:04:55

RE:Webplayer setup password crack? (modified 0 times) cguy8 Profile Found another one 2244->9748 11-14-2000 08:46:03

RE:Webplayer setup password crack? (modified 0 times) Datoyminaytah Profile I notice the numbers "wrap" at 10000, e.g. "24 -> 7624" 24 minus 2400 is -2376, and 10000 minus 2376 is 7624. 11-14-2000 10:04:55

RE:Webplayer setup password crack? (modified 0 times) neon96rt Profile Here's one for you guys 2332 -> 9932 Thanks everyone!! Keep it up 11-14-2000 12:18:29

RE:Webplayer setup password crack? (modified 0 times) Programmer Profile Series 29## seems fairly easy 29XX -> AABB 129 - 25 = AA XX - 29 = -1(BB) Other combinations appear to be similar; but not all of them 11-14-2000 14:19:11

RE:Webplayer setup password crack? (modified 0 times) Programmer Profile Series 90## is another one 90XX -> AABB 190 - 25 = AA XX - 69 = -1(BB) 11-14-2000 14:39:22

RE:Webplayer setup password crack? (modified 0 times) Randy Profile Randy's Rules for Finding Virgin Websurfer Passwords This method will result in a list of Password possibilities. These guidelines are preferable to having no heuristics at all, but hopefully someone will soon unlock the formula that will yield the one working Password for each Key. Until that formula is found, here are the guidelines for identifying a list of possible Passwords for each Key: First, note whether the Key is greater than or less than 2500. If the Key is less than 2500, use method "A" below. If the Key is 2500 or greater, use method "B" below. Method A (for Keys less than 2500): 1) Note whether the Key is less than "1000". If so, consider "0" (zero) to be the first digit of the Key, converting it to a four-digit Key. If the Key is equal to 1000 or more, then no such alteration is needed since it is already four digits. (As an example, if the Key is "334", then consider the Key as "0334". As another example, if the Key is "989", then consider the Key as "0989".) 2) Next, add 10,000 to the Key number, making it a five digit Key. (Example, if the Key is "0334", then the new Key is "10334". Another example, if the Key is "2112", then the new Key is "12112".) 3) Note the first three digits of the Key, and subtract 24 from that. This yields possibility #1 for the first two digits of the Password. Second, subtract 25 from the first three digits of the Key, which yields possibility #2 for the first two digits of the Password. (Example, if the Key is "10334", then possibility #1 for the first two Password digits is "79" since 103 minus 24 equals 79. Possibility #2 for the first two Password digits is "78" since 103 minus 25 equals 78. In this example, all 26 passwords will begin with either "78xx" or "79xx".) 4) Now consider the last two digits of the Key. Those two digits are possibility #1 of the last two digits of the Password. Next, to find the remaining possibilities, add and subtract the following list of numbers to the last two digits of the Key: 1, 2, 3, 4, 27, 28, 29, 30, 31, 95, 96, and 97. Note that anything yielding a number less than zero ("00") or greater than 99 ("99") can be discarded. (So, for example, if the last two digits of the Key are "50", then the list of possibilities for the last two digits of the Password are: 50, 49, 51, 48, 52, 47, 53, 46, 54, 23, 77, 22, 78, 21, 79, 20, 80, 19, and 81. Remember that you don't add or subtract 95, 96, or 97 to "50" in this example because that would result in possibilities less than zero or greater than 99.) Method B (for Keys equal to or greater than 2500): 1) Note the first two digits of the Key, and subtract 24 from that. This yields possibility #1 for the first two digits of the Password. Second, subtract 25 from the first two digits of the Key, which yields possibility #2 for the first two digits of the Password. (Example, if the Key is "3914", then possibility #1 for the first two Password digits is "15" since 39 minus 24 equals 15. Possibility #2 for the first two Password digits is "14" since 39 minus 25 equals 14. In this example, all 26 passwords will begin with either "14xx" or "15xx".) 2) Now consider the last two digits of the Key. Those two digits are possibility #1 of the last two digits of the Password. Next, to find the remaining possibilities, add and subtract the following list of numbers to the last two digits of the Key: 1, 2, 3, 4, 27, 28, 29, 30, 31, 95, 96, and 97. Note that anything yielding a number less than zero ("00") or greater than 99 ("99") can be discarded. (So, for example, if the last two digits of the Key are "50", then the list of possibilities for the last two digits of the Password are: 50, 49, 51, 48, 52, 47, 53, 46, 54, 23, 77, 22, 78, 21, 79, 20, 80, 19, and 81. Remember that you don't add or subtract 95, 96, or 97 to "50" in this example because that would result in possibilities less than zero or greater than 99.) That's it. I feel confident regarding these guidelines, but of course anything is fallible, so keep us all posted. Randy 11-14-2000 21:32:25

RE:Webplayer setup password crack? (modified 0 times) Randy Profile Oops, I meant "Virgin Webplayer." Wtf is a "Virgin Websurfer" I have no idea. Randy 11-14-2000 21:33:38

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Here are ten more pairs I found in less than thirty minutes using my above formula. I have a spreadsheet setup on my Mac to figure out the numbers automatically. 1088 -> 8592 3274 -> 775 199 -> 7697 1943 -> 9537 839 -> 8337 8734 -> 6331 1338 -> 8934 3685 -> 1188 8430 -> 5931 2244 -> 9748 This formula seems to hit more than one third of the time for numbers in our known range. I suspect, but have not tested that adding eight (or a multiple of eight) to each of the numbers to be subtracted will hit for where the numbers I'm using are missing. 11-14-2000 22:28:10

RE:Webplayer setup password crack? (modified 0 times) Randy Profile Here's one: 8254 -> 5851 11-14-2000 22:49:05

RE:Webplayer setup password crack? (modified 0 times) claymon Profile | Email Another: 3907 -> 1406 11-14-2000 23:36:51

RE:Webplayer setup password crack? (modified 0 times) Randy Profile One more: 9657 -> 7256 11-14-2000 23:38:22

RE:Webplayer setup password crack? (modified 0 times) claymon Profile | Email another: 3044 -> 549 11-15-2000 00:04:56

RE:Webplayer setup password crack? (modified 0 times) mwheeler Profile Here are ten more: 8483 -> 6110 (diff. 2373) 935 -> 8561 (diff. 2374) 2208 -> 9840 (diff. 2368) 8738 -> 6367 (diff. 2371) 3727 -> 1354 (diff. 2373) 1282 -> 8910 (diff. 2372) 1656 -> 9128 (diff. 2528) 8818 -> 6287 (diff. 2531) 3073 -> 704 (diff. 2369) 2681 -> 152 (diff. 2529) I used my formula described yesterday but subtracted an additional 32 for answers in the range of a difference of 2400, and added 32 for answers in the range of a difference of 2500. There are fewer in the 2532 range because I didn't not hit upon that until I had five of the other sort solved. This took about 20 minutes to get these ten results. It would go a lot faster if the web player were not so slow and it would stop giving me keys in the 4000-8000 range. 11-15-2000 00:27:26

RE:Webplayer setup password crack? (modified 0 times) Dag2000 Profile | Email here's a few more: 8549 - 6052 2743 - 338 1685 - 9283 11-15-2000 00:59:35

RE:Webplayer setup password crack? (modified 0 times) Dag2000 Profile | Email and two more 8557 - 6006 8594 - 6191 11-15-2000 01:13:23

HERE IS THE CRACK !!!!! (modified 0 times) XenTriC Profile here it is for all of you... Note, some numbers will cause an overflow in the generator but it works for allmost all numbers. There are 3 faulty pairs in the big thread which all seem typos. So give it a try ! Source in TurboPascal and C is included as is the executable. Special thanks go out to Luc Kumps from Belgium who figured out the method ! Download here: http://users.raketnet.nl/dunix/wpcrack.zip 11-16-2000 12:54:54

RE:Webplayer setup password crack? (modified 0 times) jeremyhall Profile Until all pairs are working with the generator, I suggest we still place known combinations here. That way people who are working on their own sollutions will have more data to work with. XenTriC: Please keep verifying the new codes people post here against the results of your program. If you keep checking known pairs against as well as the invalid pairs that are being posted on the alternate thread, you will get a fully working set in about half the time. Here is another one: 9981->7452 11-17-2000 09:10:38

RE:Webplayer setup password crack? (modified 0 times) koaptec Profile | Email Thanks everyone! one more: 2581 -> 0180 12-01-2000 17:22:04

RE:Webplayer setup password crack? (modified 0 times) koaptec Profile | Email One more! 2886 -> 0387 12-04-2000 11:30:11

RE:Webplayer setup password crack? (modified 0 times) pappy Profile | Email For all who haven't seen...... http://virgin.scriptmania.com/ 12-27-2000 13:27:24

RE:Webplayer setup password crack? (modified 0 times) Haxx Profile We have what is supposedly the definitive key/password generator for the Webplayer's setup screen. It should crack any key thrown at it. HackAble.com's Webplayer key/password generator Haxx, HackAbles.com 01-09-2001 10:51:15

Reply to Thread | Printer | All times are PST Powered by UltraBoard v1.62

I-Appliance BBS General - NEWS, Breaking NEWS - linux-hacker.net BBS on CD Questions - User Groups in Your Town - E-Bay, Yahoo Auction LINKS ONLY (MODERATED) - Jokes & Humor - usdtv box I-Opener Areas - I-Opener General Posts - I-Opener Technical Stuff - I-Opener Technical Info Reference (MODERATED) WebSurfer Areas - WebSurfer General Posts - WebSurfer Technical Stuff - WebSurfer Technical Info Reference (MODERATED) Other I-Appliances - Virgin Webplayer - WebPal - MailStation - 3Com Audrey - ThinkNIC / Oracle NIC - Gateway/AOL Connected Touch Pad - Philips/AOL-TV - ACER NT-150 STB - MSN Companion - Compaq IA - Emachines IA - IBM NetVista IA - Intel dot.station - MSNTV2 Network Computers - Fujitsu-Siemens Scovery Linux Net Computers - GallantWeb Server Consoles - Dreamcast - xbox hacking Web Pads - Epods One General Post - Panasonic CF-01 - Fujitsu Stylistic 1200 - Cybiko Thin Clients - Thin Clients DigitalVideoRecorders - DTV Recorders, Replay, TiVo, Etc... - Tivo Hacks Linux - Midori Linux General Board - ITX MotherBoards Single Board Computers - Earth Computers mARMalade Elite Member Area MISC Areas - The Swap Meet WE TAKE NO RESPONSIBILITY FOR ANY TRANSACTION HERE AND NO COMMERCIAL POST PERIOD !!! - Wireless Net - Cameras - Robotics - Routers/Gateways - Mattel JuiceBox