Friday, April 24, 2009

Tales of hacker tools Vol 1: View Source

5am and I can't sleep. I am obsessed with "Alternate Reality Games" or ARGs. I started with Majestic from EA and I was hooked from there. With the upcoming Terminator: Salvation, it seems WB thought that an ARG would be a good way to promote the upcoming movie.

There are two sites (that I have found so far): Skynet Research and Resist or be Terminated. Both are funny videos to watch and accept user created submissions. On the Resist site you can sign up and play a simulator that lets you collect resources, build military units, and attack other players. Since I love all three of those things, it seemed like a win-win. The problem is, for a detail-oriented person, the documentations on gameplay is...well there is none.

I decided to use the very dangerous but time honored hacking technique of "View Source". This technique is not for rookies and I am sure it must violate some international law, but I am a maverick and I really want to win this game. Here is what I found:


Medieval game? An empire? Galava? MUD?!?! What does this have to do with John Connor and his plucky band of resistance fighters and their battle with Oba^H^H^HSkynet? Using another hidden hacker tool, Google, will lead you to a new site. Although the names have been changed, the basic layout of this game is the same as the Terminator game. Even better, they have documentation and forums. What works in the Galava game also works in the Terminator game. Armed with this information my performance has spiked in the last 2 hours.

The moral of this story is beware of hacker tools like "View Source" and "Google". They could give unauthenticated, 3rd party attackers insight into your application design, and can cause unexpected results.

4 comments:

Anonymous said...

"cause unexpected results"

You mean, like productivity?

Robert Graham said...

Didn't you base64 decode the "verify-1" parameter? What did it say? I'd do it myself, but I don't want to type in all those characters.

Rafal aka "Raf" said...

"View Source" as a "hacker technique"... only on the web.

David Maynor said...

@Raf

It seems sarcasm is lost on some people as pretty much the entire post was a joke.