Monday, July 9, 2012

Solution for bright-shadows.net : JavaScript - Hard but possible.

Solution for Bright-Shadows.net : JavaScript - Hard but possible.

This is the link to the original challenge: http://bright-shadows.net/challenges/levelj4/index.php

However, you will need to register before you can make an attempt to solve this. 

Quest:
Only input a valid username and you will get to the solution page.


As this is the easiest one, let's just do a quick "view-source" and we can quickly spot the following Javascript.

<script type="text/javascript">
  function testEncode(form){
    input_user = document.formular.user.value;
    if (input_user == "thebestoneisthis") {
        window.location.href="thebestoneisthis.php";
    }else{
        window.location.href=input_user +".php";
    }
}
</script>

As we can see, it is trying to validate whether our input value matches "thebestoneisthis"

You see "thebestoneisthis" and that's the password.

That's pretty easy for everyone to understand. :D


Cheers
0x4A61636F62

No comments:

Post a Comment