DefendTheWeb.net, previously called HackThis.co.uk, is a very famous and well-known interactive security platform where you can learn and challenge your skills.. It contains challenges from several different cybersecurity fields.
I’ve decided to have a bit of fun and try to solve every single challenge presented, from the easiest to the hardest. (although easy and hard will be different depending on your skillset and field of expertise).
As I do with any challenge website, I WILL NEVER post the flag in cleartext, as it kills the fun and thrill of finding it, however I will post my way (or ways) of getting there. This is done in respect of the website’s security and non-disclosure policy, even when it doesn’t have one ;).
Challenge Intro 3 / JavaScript
This challenge is also rated as Bronze difficulty, which should be easy to solve. This time all we have is a “Password” field with a “[ Log In ]” button. When trying password at all, we get a JavaScript popup saying “Incorrect password“, so there has to be a piece of JavaScript code somewhere that we can find. Using our beloved friend, Google Chrome Dev Tools (F12) we were able to find this:
Notice that the correct password is validated by a variable called “correct”, running through the code it was possible to find that variable and our password.
There we have it. I hope you liked the Javascript challenge, see ya on the next one!
