Last active
October 8, 2018 09:58
-
-
Save Ge0rg3/7b1570bd881cab2ca06391b25ee23d1b to your computer and use it in GitHub Desktop.
Part of the Reply Challenge 2018 Practice Challenges.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script> | |
| function auth() { | |
| var k = CryptoJS.SHA256("\x93\x39\x02\x49\x83\x02\x82\xf3\x23\xf8\xd3\x13\x##"); // ops...missing last byte! | |
| var u = document.getElementById("user").value; | |
| var p = document.getElementById("pass").value; | |
| var t = false; | |
| if(u == "\x68\x34\x63\x6b\x33\x72") { | |
| var enc = CryptoJS.AES.encrypt(p, CryptoJS.enc.Hex.parse(k.toString().substring(0,32)), { iv: CryptoJS.enc.Hex.parse(k.toString().substring(32,64)) }); | |
| if(enc == "PKhuCrfh3RUw4vie3OMa8z4kcww1i7198ly0Q4rpuyA=") { | |
| t = true; | |
| } | |
| } | |
| if(t) { | |
| document.write("Congratulations, you won! You can now submit the password as the FLAG of the challenge :-)"); | |
| } else { | |
| document.write("Wrong credentials! :("); | |
| } | |
| } | |
| </script> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment