I've been working my way through the challenges up at PicoCTF and thought I'd do a write up on a few of them. This one is the Javascrypt Challenge worth 40 points.
Here was the challenge:
Tyrin Robotics Lab uses a special web site to encode their secret messages. Can you determine the value of the secret key?
The hint was:
You may want to learn how to use you browser's JavaScript console.
Naturally I completely missed the hint and did it the hard way my first time around.
The below is the page:
Viewing the source I saw the below:
Completely bypassing the console I decided because I like to do things the hard way I would reconfigure the javascript code to run in C:
This game me a value of 621 making the value answer "flag_621".
For those of you who like to do things the easy way if you enter:
alert(key)
into the Console it will cause an alert with the value of the key to pop up when you enter a value to encrypt.



No comments:
Post a Comment