JavaScript Challenge!!!!

Learn the basics of how to exploit JavaScript.

JavaScript Challenge!!!!

Post by keiferdeanbrown on Sat Jul 25, 2009 10:08 am
([msg=27427]see JavaScript Challenge!!!![/msg])

Challenge solve the password

here is the JavaScript script from the source.
as you can see we only want the password no username


<script type="text/javascript">
a = document.location + "";
b = a.length;
c += ((5*10)*2);
d = String.fromCharCode(c,b*3+2,b*4-24,b*3+9);
p=prompt("Password:","");
if (p==d) {
window.location = "pass="+p;
} else {
window.location = "levels.php";
}

there is no need to worry about spoiling as this isn't from any of the missions on hackthissite.org

tell me what you would do and i will give you the outcome of your idea!
any javascript injections i will have to preform so just tell me and i will tell you exactly what yielded from it!
good luck! and have fun



The purpose of this challenge is to educate people ,as well as my self, on this particular type of javascript mission with the help of different styles that we all have. I have alot of problems with this type and need to now more styles!
CYBER HACKER
User avatar
keiferdeanbrown
New User
New User
 
Posts: 37
Joined: Mon Jul 20, 2009 5:38 pm
Blog: View Blog (0)


Re: JavaScript Challenge!!!!

Post by Nines on Sun Jul 26, 2009 7:47 am
([msg=27459]see Re: JavaScript Challenge!!!![/msg])

There could be any number of passwords as you haven't told us what document.location is.

The password that I'd go for would be "dell", since it seems the only non-gibberish possible password out of:

dGDN
dJHQ
dMLT
dPPW
dSTZ
dbhi
dell
dhpo
dktr
dnxu

I solved it with a simple perl script to run the calculations and print out valid filenames:

Code: Select all
#!/usr/bin/perl

my $c = 100;

for ($b=11;$b<38;$b++){
   $pass = chr($c) . chr(($b*3)+2) . chr(($b*4)-24) . chr(($b*3)+9);
   if ($pass =~ /^[a-zA-Z0-9\_\.\-]+$/){
      print $pass . "\n";
   }
}
User avatar
Nines
Poster
Poster
 
Posts: 191
Joined: Sun Apr 13, 2008 5:57 pm
Blog: View Blog (0)


Re: JavaScript Challenge!!!!

Post by keiferdeanbrown on Sun Jul 26, 2009 8:35 am
([msg=27461]see Re: JavaScript Challenge!!!![/msg])

b=33


your so close!

dell has one wrong letter in it!

you didn't even know b and almost got it! that's pretty impressive to me (doesn't say much though :mrgreen: )
CYBER HACKER
User avatar
keiferdeanbrown
New User
New User
 
Posts: 37
Joined: Mon Jul 20, 2009 5:38 pm
Blog: View Blog (0)


Re: JavaScript Challenge!!!!

Post by Nines on Sun Jul 26, 2009 9:04 am
([msg=27462]see Re: JavaScript Challenge!!!![/msg])

I don't see how I could have a letter wrong :/

c += ((5*10)*2); // c = 100;

d = String.fromCharCode(c,b*3+2,b*4-24,b*3+9);

so:

c = 100 = d
33*3+2 = 101 = e
33*4-24 = 108 = l
33*3+9 = = 108 = l

-----------------------

Edit:

Just noticed c += 100.. So I don't know what it's original value was I assumed 0.. So it'll be ?ell where ? is an unknown.
User avatar
Nines
Poster
Poster
 
Posts: 191
Joined: Sun Apr 13, 2008 5:57 pm
Blog: View Blog (0)


Re: JavaScript Challenge!!!!

Post by keiferdeanbrown on Sun Jul 26, 2009 9:35 am
([msg=27463]see Re: JavaScript Challenge!!!![/msg])

correct! again amazing!

c=4
CYBER HACKER
User avatar
keiferdeanbrown
New User
New User
 
Posts: 37
Joined: Mon Jul 20, 2009 5:38 pm
Blog: View Blog (0)


Re: JavaScript Challenge!!!!

Post by Nines on Sun Jul 26, 2009 9:48 am
([msg=27466]see Re: JavaScript Challenge!!!![/msg])

hell
User avatar
Nines
Poster
Poster
 
Posts: 191
Joined: Sun Apr 13, 2008 5:57 pm
Blog: View Blog (0)


Re: JavaScript Challenge!!!!

Post by keiferdeanbrown on Sun Jul 26, 2009 11:38 am
([msg=27471]see Re: JavaScript Challenge!!!![/msg])

Bingo!!!!

now here is how it gets harder.

the next solve has to be proved without using the previous awesome code.
CYBER HACKER
User avatar
keiferdeanbrown
New User
New User
 
Posts: 37
Joined: Mon Jul 20, 2009 5:38 pm
Blog: View Blog (0)


Re: JavaScript Challenge!!!!

Post by Nines on Sun Jul 26, 2009 11:47 am
([msg=27474]see Re: JavaScript Challenge!!!![/msg])

Insert:
Code: Select all
document.write(d);

After:
Code: Select all
d = String.fromCharCode(c,b*3+2,b*4-24,b*3+9);

..and run it locally.
User avatar
Nines
Poster
Poster
 
Posts: 191
Joined: Sun Apr 13, 2008 5:57 pm
Blog: View Blog (0)


Re: JavaScript Challenge!!!!

Post by keiferdeanbrown on Sun Jul 26, 2009 1:08 pm
([msg=27480]see Re: JavaScript Challenge!!!![/msg])

be more specific for me (for the challenge)

how are you going to insert it? (firebug, save page, tamper data, etc...)
how do you run it locally? (details please for the challenge)
CYBER HACKER
User avatar
keiferdeanbrown
New User
New User
 
Posts: 37
Joined: Mon Jul 20, 2009 5:38 pm
Blog: View Blog (0)


Re: JavaScript Challenge!!!!

Post by Nines on Sun Jul 26, 2009 1:32 pm
([msg=27483]see Re: JavaScript Challenge!!!![/msg])

Notepad > Paste:

Code: Select all
<script type="text/javascript">
c = 4;
b = 33;
c += ((5*10)*2);
d = String.fromCharCode(c,b*3+2,b*4-24,b*3+9);
document.write(d);
</script>


Save as whatever.html > Run.

Although, you'd have to know document.location (URL bar : javascript:document.location) To find the length, then hard-code it.. The c = 4 I think you'd omitted before by mistake or whatever and would be in the code to begin with.
User avatar
Nines
Poster
Poster
 
Posts: 191
Joined: Sun Apr 13, 2008 5:57 pm
Blog: View Blog (0)


Next

Return to Javascript

Who is online

Users browsing this forum: No registered users and 0 guests