OWASP Hackademic Challenges Project – Challenge 2

Today’s post is going to go over the second challenge of the OWASP Hackademic Challenges Project.

Below is the scenario:

Your country needs your help to find the password of an enemy site that contains useful information which, if not acquired in time, will put peace in our area at stake.

You must therefore succeed in finding the password of this military SITE.

Good luck!

Solution:

Entering the site, we get the following:

[Screenshot: secondpage]

Viewing the page source, we see the following:

[Screenshot: secondchallengepagesource]

[Screenshot: secondchallengepagesource2]

We see that the submit button calls the GetPassInfo JavaScript method (second screenshot).

Now we need to analyze what the method returns.

In an online JavaScript interpreter we paste the method's code and add alert statements to print what the "wrong" variable holds.

[Screenshot: onlineinterpreter1]

[Screenshot: onlineinterpreter2]

Going back to the challenge and entering the value shown in the dialog box ("enter a coin to play"), we get the following screenshots:

[Screenshot: challengetwopasswords]

[Screenshot: challengetwocongrats]

Looking at the address bar, after index.php we see a result parameter that carries our password in the URL.

Lesson learned:

  1. We used the same tactics as in the first challenge: viewing the page source showed that the submit button calls a GetPassInfo() JavaScript method, which gave us a place to start.
  2. After obtaining the JavaScript code, we pasted it into an online JavaScript interpreter and added alerts so we could see what is stored in the variables.
  3. This gave us the password, which we then entered in the input box.

The developers thought they could hide the password from users by burying it inside a JavaScript method. They didn't anticipate that anyone could paste that method into an online JavaScript interpreter and simply read off the result.

Once again, looking at the page source wins! 🙂
