Get it!
Solution:
- When we enter this challenge, it will pop up an alert page like below to require us to enter the password.
- Since we don't know the password, left the password field empty and click the 'OK' button. Now , we get another popup page as a hint like below.
- Okay, what we only need to do is to disable the javascript!
- After getting rid of the annoying popup alert message, view page source code and find the JavaScript part like below.
<script type="text/javascript">
function password () {
var d1, d2, d3, d4, d5, input;
d1=window.document.bgColor;
d2=window.document.linkColor;
d3=d1.substring (1,5)+d2.substring (1,3);
d4=d3.toUpperCase ();
input=prompt("Password:","");
if (input!=d3 && input!=d4) {
alert("Are you crazy? Thats so easy!");
window.location.href="/hackchallenge.php";
}
else {
window.location.href=d3+".php";
}
}
</script> - d3.php is our destination. Find d1=bgColor and d2=linkColor to make d3.
link="#FF9900" bgcolor="#D0D0D0"
d1=window.document.bgColor; // d1 = #D0D0D0
d2=window.document.linkColor; // d2 = #FF9900
d3=d1.substring (1,5)+d2.substring (1,3); // d3 = D0D0FF - Back to the challenge page and enable the JavaScript. Enter D0D0FF as password in the popup page.
- Well done!!
This comment has been removed by the author.
ReplyDelete