What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.

2012-10-29

Bright Shadows - JavaScript 2: "Often used but easy to solve."

Description:

Get it!

Solution:

  1. When we enter this challenge, it will pop up an alert page like below to require us to enter the password.
  2. Since we don't know the password, left the password field empty and click the 'OK' button. Now , we get another popup page as a hint like below.
  3. Okay, what we only need to do is to disable the javascript!
  4. After getting rid of the annoying popup alert message, view page source code and find the JavaScript part like below.
    <script type="text/javascript">
    function password () {
    var d1, d2, d3, d4, d5, input;
    d1=window.document.bgColor;
    d2=window.document.linkColor;
    d3=d1.substring (1,5)+d2.substring (1,3);
    d4=d3.toUpperCase ();
    input=prompt("Password:","");
    if (input!=d3 && input!=d4) {
    alert("Are you crazy? Thats so easy!");
    window.location.href="/hackchallenge.php";
    }
    else {
    window.location.href=d3+".php";
    }
    }
    </script>
  5. d3.php is our destination. Find d1=bgColor and d2=linkColor to make d3.
    link="#FF9900" bgcolor="#D0D0D0"

    d1=window.document.bgColor;   // d1 = #D0D0D0
    d2=window.document.linkColor; // d2 = #FF9900
    d3=d1.substring (1,5)+d2.substring (1,3);  // d3 = D0D0FF
  6. Back to the challenge page and enable the JavaScript. Enter D0D0FF as password in the popup page.
  7. Well done!!

1 comment:

  1. This comment has been removed by the author.

    ReplyDelete