CTF
  • Intro
  • HTB
    • Love
    • Aton
    • Cereal
    • Tenet
    • Tabby
    • Ophiuchi
  • CTF Competitions
    • SANS CTF 2020
      • Web
        • WE01
        • WE02
        • WE03
        • WM01
        • WM02
        • WH01
        • WX01
      • Binary
        • BE01
        • BM01
        • BM02
        • BX01
      • Crypto
        • CE01
        • CE02
      • Forensics
        • FE01
        • FE02
        • FE03
      • Network
        • NH01
Powered by GitBook
On this page
  • About The Challenge
  • Solution

Was this helpful?

  1. CTF Competitions
  2. SANS CTF 2020
  3. Web

WE02

PreviousWE01NextWE03

Last updated 4 years ago

Was this helpful?

About The Challenge

Type

Difficulty

Web

Easy

Solution

The second challenge is web application that having a login form.

If we take a look at the source code of the website we will find interested JavaScript code:

Their is two JavaScript codes one is Hex encoded the second at the bottom is the interesting JS code, because it checks for the username and the password.

By looking at the JS script it appears that the password is stored on the value d.

We can get the actual password by printing value of d. We can do that by many ways such as using web console to write the JS script and print d value. Here I used online JS editor, I copied the JavaScript code and typed document.write(d); to print d value and I got the password.

By submitting the valid credentials finally we will get the flag.

Flag: aNicESimpLEFORM6-3_211