Solution for Bright-Shadows.net : JavaScript - Easy script
This is the link to the original challenge: http://www.bright-shadows.net/challenges/scripts/js5/index.php
However, you will need to register before you can make an attempt to solve this.
However, you will need to register before you can make an attempt to solve this.
Quest:
Please enter your username!
As this is the easiest one, let's just do a quick "view-source" and we can quickly spot the following Javascript.
<script type="text/javascript"> function check() { pass = unescape('%44%61%67%6F%62%65%72%74%20%44%75%63%6B'); solution = pass.substr(0,8)+pass.substring(9,13)+pass.substring(8,9); passwd = document.formular.user.value; if (passwd == solution) { window.location.href=solution+".php"; } else { alert("False!!!"); } } </script>
As we can see, it is trying to validate our input value against solution whereby solution is extracted from pass.
A simple solution to this is simply to place an alert right after the following:
A simple solution to this is simply to place an alert right after the following:
passwd = document.formular.user.value;
alert(solution);
and before the following:
if (passwd == solution) {
You see "DagobertDuck " and that's the password. Please be reminded that there is a "space" in the end of the password.
That's pretty easy for everyone to understand. :D
Cheers
0x4A61636F62
No comments:
Post a Comment