This write-up explains how I solved the "This is Sparta" easy web security challenge by analyzing the login page and reviewing the client-side source code to reach the flag.

The challenge presents a simple login page requiring a username and password.

By viewing the page source, I noticed several encoded strings written in hexadecimal format, which indicates that the developer attempted to obfuscate the client-side JavaScript code.

While reviewing the source code, I noticed several hex-encoded strings such as:

\x76\x61\x6C\x75\x65","\x75\x73\x65\x72","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64","\x70\x61\x73\x73","\x43\x79\x62\x65\x72\x2d\x54\x61\x6c\x65\x6e\x74","\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x43\x6F\x6E\x67\x72\x61\x74\x7A\x20\x0A\x0A","\x77\x72\x6F\x6E\x67\x20\x50\x61\x73\x73\x77\x6F\x72\x64 ...

After some research, I was able to decode these values using CyberChef by applying the From Hex operation.

This revealed readable strings related to the login functionality, and after decoding them, I was able to identify the username and password used by the application.

valueusergetElementByIdpassCyber-Talent

After decoding and formatting the extracted strings, the following values became readable:

value
user
getElementById
pass
Cyber-Talent
Congratz
wrong Password
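
The same decoding can be scripted instead of done by hand in CyberChef. This is an added example, not code from the challenge page: it finds every string literal containing `\xNN` escapes in a script and decodes it, run here on a constructed sample built from the strings quoted above (the array name `_0xdemo` is hypothetical).

```javascript
// Constructed sample: the literals quoted in this write-up, wrapped in a
// hypothetical array declaration (_0xdemo is a made-up name; the space
// padding in front of "Congratz" is dropped). "plain" is an unescaped control.
const SAMPLE = String.raw`var _0xdemo = [
  "\x76\x61\x6C\x75\x65", "\x75\x73\x65\x72",
  "\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64",
  "\x70\x61\x73\x73", "\x43\x79\x62\x65\x72\x2d\x54\x61\x6c\x65\x6e\x74",
  "\x43\x6F\x6E\x67\x72\x61\x74\x7A\x20\x0A\x0A",
  "\x77\x72\x6F\x6E\x67\x20\x50\x61\x73\x73\x77\x6F\x72\x64", "plain"];`;

// Turn each \xNN escape into the character it encodes; other text is kept.
function decodeHexEscapes(raw) {
  return raw.replace(/\\x([0-9a-fA-F]{2})/g,
    (_, hex) => String.fromCharCode(parseInt(hex, 16)));
}

// Find double-quoted literals that contain \xNN escapes and decode them.
// fullyEscaped marks literals made of nothing but escapes, which is the
// pattern an obfuscator produces and hand-written code almost never does.
function auditLiterals(source) {
  const findings = [];
  for (const m of source.matchAll(/"((?:[^"\\]|\\.)*)"/g)) {
    const raw = m[1];
    const escapes = (raw.match(/\\x[0-9a-fA-F]{2}/g) || []).length;
    if (escapes === 0) continue; // ordinary literal, nothing hidden
    findings.push({
      offset: m.index,
      decoded: decodeHexEscapes(raw),
      fullyEscaped: escapes * 4 === raw.length,
    });
  }
  return findings;
}

for (const f of auditLiterals(SAMPLE)) {
  console.log(f.offset, JSON.stringify(f.decoded), f.fullyEscaped);
}
```

Anything recovered this way was readable by every visitor of the page, so a credential comparison has to run on the server rather than in the shipped script.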

By analyzing these values, it became clear that the JavaScript code retrieves the input values of the username and password fields using getElementById. The string "Cyber-Talent" is used as a hardcoded credential, while the messages "Congratz" and "wrong Password" indicate successful and failed login attempts respectively.

So the username and password are both Cyber-Talent.

After entering the extracted username and password, we were able to successfully log in and retrieve the flag.

{J4V4_Scr1Pt_1S_Aw3s0me}

See you next time — z3dx 👨‍💻💀