What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.

2012-11-12

TRY2HACK - Level 9

Description:

LEVEL 9

Enter your login information:
          ___________________
Username:|___________________|
Password:|___________________|
 _____
|Enter|
  ̄ ̄ ̄
Solution:
  1. We really don't know the username and password. But we could use Chrome Developer Tools to help us to discover some trace like below ...
  2. In cookies, there are three values :
    str_username: admin
    str_password: yu0aertehbomb
    auth: no
  3. Yes, don't doubt it! We could use the cookies to pass this challenge. Enter the username and password above into the fields and use the JavaScript code below in the JavaScript Console of Chrome to modify the value of auth.
    username: admin
    password: yu0aertehbomb
    auth: yes

    [Modify the cookie]
    javascript:document.cookie="auth=yes";
  4. It's done!!
    LEVEL 9

    Good job! You can find Level 10 at our IRC channels. Go to #try2hack.level10 on irc.efnet.org and use 'yu0aertehbomb' as key to continue. See the chat page for more information.

    Chat -> http://try2hack.nl/chat/

Posted by at Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)