HellBound Hackers
Become the change you seek in the world. - Gandhi
Wednesday, August 20, 2008
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
HellBoundHackers Additional:
Shop
Learn
Links
Communicate
Submit
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Interact
Other
HellBoundHackers Executive:
HellBoundHackers Leisure:
Donate
Has this website helped you?
px
If so, please donate a little to help out with hosting costs.
Members Online
Total Online: 33
Web Spiders: 4
Guests Online: 19
Members Online: 14
flame_1221, VM7000, Phantom_Ghost, Futility, zbert, rex_mundi, nine-ball, maug, sirrex, H4x0r_Z, saftey, gnot_ice, sharpskater80, slpctrl,

Registered Members: 34366
Newest Member: boyxunghe
Most Users online: 523
Latest Articles

Javascript 9 - 15


advertisement



website security Help with Javascript 9 - 15
Possible spoilers.
Enjoy

Javascript challenges 9 - 15

J9:
Okay, so you look at this one and realize you could just wait for that big number to go

down, but odds are you really want to get these points now. Okay, so what is the first thing

we do when we want to hack a page? If you cant figure this one out, go do Basic 1. Now,

we do a search and find the javascript running this page and we notice something that deals

with the counter. Its a variable on the page. Let's inject something and see where that takes

us.

J10:
So here we view some source and we look for something that deals with our password.

Found it? Good. Okay, so read this code over, if you don't understand Jscript again...go

learn it. We see that it gets our password and compares it to one it builds. Trace through

the code and rebuild the password.

J11:
Again, we do the same and get our code. Look at it. Very similar. Variable is not quite built

the same. Think of a way that we can view it? Mess around with Jscript vars and and old

friend from a few challenges ago.

J12:
Blah blah, same stuff different problem. Get where you need and look at our code. Anyone

have a TI calculator? (If you don't BUY ONE). Find out your answer

J13:
So we browse the S***C* here again, but wait....nothing? So this makes you think maybe

its not required for us to use that code. Take a look at the message. Now, think about ways

you can have your authentication checked and how it relates to Jscripting. Where can we

hide local data? While you think about that I'm going to go grab some milk..... okay, got it

now? So edit it the usual way and nab your points.

J14:
Now some of you may just get this challenge right away. If you do, your lucky. If not, take a

glance. See our conitional? See what it does if you are lucky(but you aren't.) Now: option 1

make your computer meet that, option 2 think of a way to bypass that statement.

J15:
Okay, once you find what your looking for on this you realize its a bit harder than the

rest...gah. I basically just worked it out. Filled it in. Take your time, be precise. It is a pain.

Hint for a few of these. Rather than working out some of the built passwords can you think

of a way to build it yourself? Even make a nice way (with Jscript) to copy and paste it?
I'll let you figure that one out.

PM me if you need some help.

--samurai

security article Posted by only_samurai on October 07 2006 - 12:29:12   |    3 Comments | 2434 Reads | Print print this tutorial
Guest
Username

Password

Remember Me


Bookmark This Page
Affiliates
Adverts

 


By using, viewing or obtaining any information contained on this site, you agree to the disclaimer.

© HellBound Hackers 2007- 2008. Since 3rd December 2004.

4723578 Unique Visits

Powered by HBH-Fusion