hacking ganux

Ganux simulates a linux terminal through a browser. According to the author: “I have changed it into a hacking-game. The objective of this game is to gain root of this “machine”. I can assure you that this’s not easy! A surprise will be given to those who can hack into it!”

So this is a minimum operating system running on the browser– quite interesting. I spent some time to look into the javascript code to find the secret there. Apparently it’s not difficult– basically it uses javascript to encrypt the passwords. We just need to get the password file (that’s easy if you understand the code) — the file is in unix password format and encrypted using crypt(3) algorithm. Then use a password cracker such as John the Ripper to crack the root password– that may need several days or longer depends on your machine speed and dictionary size.

The author of Ganux is also the authour of the open source PHP gmail lib, a very useful library– combining ganux and gmail will be cool– imagine we have an OS running on the web browsers and the underlying file sytem is using GMail as the storage…

About: mmpower

Software Architect & Soccer Fan 黑超白袜 = IT 民工 + 摇滚大叔

Leave a Reply

Your email address will not be published. Required fields are marked *