Javascript

Client side validation is so secure?

We need to find the username and password to the login form.

If we look at the source code, we find this.

<script>
			// Look's like weak JavaScript auth script :)

			$(".c_submit").click(function(event) {
				event.preventDefault()
				var u = $("#cuser").val();
				var p = $("#cpass").val();
				if(u == "admin" && p == String.fromCharCode(74,97,118,97,83,99,114,105,112,116,73,115,83,101,99,117,114,101)) {
				    if(document.location.href.indexOf("?p=") == -1) {   
				        document.location = document.location.href + "?p=" + p;
				    }
				} else {
				    $("#cresponse").html("<div class='alert alert-danger'>Wrong password sorry.</div>");
				}
			});
		</script>

We see that if u is equals “admin” and p equals to fromCharCode (Which means convert unicode number to character) and a chain of string.

The only thing we need to do is to convert is the chain of number into characters.

Using a python script we got this.

print ''.join(map(unichr, [74,97,118,97,83,99,114,105,112,116,73,115,83,101,99,117,114,101]))

JavaScriptIsSecure

Once we login as admin:JavaScriptIsSecure we get to see the flag.

The flag is FLAG-66Jq5u688he0y46564481WRh