Avishai's CTF Writeups


This folder contains solutions for the Javascript wargame from Ringzer0.

Client_side_validation_is_so_secure

In this challenge I opened the source code and found this code, which generates the password; the username is admin. The password is JavaScriptIsSecure. I found it by running this line in the console: String.fromCharCode(74,97,118,97,83,99,114,105,112,116,73,115,83,101,99,117,114,101)

Flag: FLAG-66Jq5u688he0y46564481WRh

Hashing_is_more_secure

Here we got the hash b89356ff6151527e89c4f3e3d30c8e6586c63962. I used hashcat to crack it using brute force: hashcat -m 100 -a 3 "b89356ff6151527e89c4f3e3d30c8e6586c63962" --show

We got this password: adminz

Flag: FLAG-bXNsYg9tLCaIX6h1UiQMmMYB

Then_obfuscation_is_more_secure

Using online deobfuscation tools I got this code:

$(".c_submit").click(function () {
  var _0xf382x1 = $("#cpass").val();
  if (_0xf382x1 == "02l1alk3") {
    if (document.location.href.indexOf("?p=") == -1) {
      document.location = document.location.href + "?p=" + _0xf382x1;
    }
    ;
  } else {
    $("#cresponse").html("<div class='error'>Wrong password sorry.</div>");
  }
  ;
});

So, this is the password: 02l1alk3

Flag: FLAG-5PJne3T8d73UGv4SCqN44DXj

Why_not

I wrote this code that does the reverse operation:

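// Recover the password character codes from the username and the key array k.
var a = [];
var u = "administrator";
var k = new Array(176,214,205,246,264,255,227,237,242,244,265,270,283);

for (var i = 0; i < u.length; i++) {
    // Undo the per-position offset (i*10) and subtract the username character code.
    a.push(-i*10 - u.charCodeAt(i) + k[i]);
}
String.fromCharCode(...a)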

Then we got this password: OhLord4309111, and the username is: administrator

Flag: FLAG-65t23674o6N2NehA44272G24
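
The inversion above as a round trip, in an added example that is not part of the original writeup: it shows why a validation routine whose constants ship to the browser gives the password away. The forward check `clientSideCheck` is an assumption inferred from the author's inverse (the challenge's own check is not shown on this page), and the function names are hypothetical.

```javascript
// Key array shipped to the browser, as quoted in the writeup above.
const K = [176, 214, 205, 246, 264, 255, 227, 237, 242, 244, 265, 270, 283];

// ASSUMED forward check (inferred from the inverse, not taken from the page):
// key[i] === username code + password code + 10 * position.
function clientSideCheck(username, password, key) {
  if (username.length !== key.length || password.length !== key.length) {
    return false;
  }
  for (let i = 0; i < key.length; i++) {
    const sum = username.charCodeAt(i) + password.charCodeAt(i) + i * 10;
    if (sum !== key[i]) return false;
  }
  return true;
}

// Inverse: every equation has one unknown, so solve it for the password code.
function recoverPassword(username, key) {
  if (username.length !== key.length) {
    throw new RangeError("username and key must have the same length");
  }
  const codes = key.map((k, i) => k - i * 10 - username.charCodeAt(i));
  // Codes outside printable ASCII signal a wrong username guess or key.
  if (codes.some((c) => c < 0x20 || c > 0x7e)) return null;
  return String.fromCharCode(...codes);
}

const recovered = recoverPassword("administrator", K);
console.log(recovered, clientSideCheck("administrator", recovered, K));
```

Because each position is a linear equation in a single unknown, the key array is equivalent to the password for anyone who knows or guesses the username; only a comparison performed server-side keeps the secret out of the client.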
