diff --git a/revolabs-flx_uc_1000/README.md b/revolabs-flx_uc_1000/README.md
index 7f893c6..031c03c 100644
--- a/revolabs-flx_uc_1000/README.md
+++ b/revolabs-flx_uc_1000/README.md
@@ -4,6 +4,14 @@ found this device in a conference room, found the IP from an unauthenticated men
 
 ## story time
 
+from the page that loaded when you first hit http://<device>, i noticed `app.js`
+
+in it, i found:
+```json
+ sys.password:
+  - defaultVal: "7386",
+  - pattern: /^(\d{4,})$/,
+```
 
 
 ## tools
diff --git a/revolabs-flx_uc_1000/bf_login.rb b/revolabs-flx_uc_1000/bf_login.rb
index f8848fa..6bf7d10 100644
--- a/revolabs-flx_uc_1000/bf_login.rb
+++ b/revolabs-flx_uc_1000/bf_login.rb
@@ -1,12 +1,5 @@
 #!/usr/bin/env ruby
 ## bf_login.rb - brute force the login for the revolabs flx UC 1000
-#
-# http://<device>/app/app.js exposes:
-# sys.password:
-#  - defaultVal: "7386",
-#  - pattern: /^(\d{4,})$/,
-#
-# so when the default works, we only have to try 9998 other possibilities
 
 require 'json'
 require 'net/http'