This is Sparta
Challenge Information
Category: Web Security
Level: easy
Points: 50
description
Morning has broken today they're fighting in the shade when arrows blocked the sun they fell tonight they dine in hell
Solution
after access the lab we open it browser
now we try to review source code (ctrl+u)
we focus in this line
// Some codevar _0xae5b=["\x76\x61\x6C\x75\x65","\x75\x73\x65\x72","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64",
"\x70\x61\x73\x73","\x43\x79\x62\x65\x72\x2d\x54\x61\x6c\x65\x6e\x74","\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\
x20\x20\x20\x20\x20\x20\x20\x20\x43\x6F\x6E\x67\x72\x61\x74\x7A\x20\x0A\x0A","\x77
\x72\x6F\x6E\x67\x20\x50\x61\x73\x73\x77\x6F\x72\x64"];function check(){var _0xeb80x2
=document[_0xae5b[2]](_0xae5b[1])[_0xae5b[0]];var _0xeb80x3=document[_0xae5b[2]](_0xa
e5b[3])[_0xae5b[0]];if(_0xeb80x2==_0xae5b[4]&&_0xeb80x3==_0xae5b[4]){alert(_0xae5b[5]);
} else {alert(_0xae5b[6]);}}well, i'll explain what this function do
{var _0xae5b} //is array of 7 elements [0:6]
function check() and if statement
if ( varx2(usename) == array[4] && varx3(pass)=array[4] ){
then show alert array[5]};// which is **Congratz** -if we decode it ,
else {show alert array[6], //which is **wrong Password**}.
//So let’s lets decode array [4] to get it’s content through any websitethis numbers look like in hex style because the variable start with 0x ,So we will remove everything excepted numbers
76616C756575736572676574456C656D656E74427949647061737343796265722d54616c656e742020
2020202020202020202020202020202020202020436F6E677261747A200A0A77726F6E67
2050617373776F7264now let's go to convert it from this site ⇒ https://cryptii.com/pipes/hex-to-text
now copy the numbers , and you will see thing like this
lab solve it's just login with this credentials :
user ⇒ Cyber-Talent
pass ⇒ Cyber-Talent
after submit you see this pop-up
Last updated