CTFHub

Writeup

Secure Portal

发表于 分类于
Challenge | 2020 | CSICTF | Web | Secure Portal

点击此处获得更好的阅读体验

WriteUp来源

by anishbadhri

题目描述

This is a super secure portal with a really unusual HTML file. Try to login.

题目考点

解题思路

In the sourcecode, an unreadable script is at the end. The javascript code can be deobfuscated to an extent with http://www.jsnice.org/. The script still has a lot of useless functions. On replacing all necessary values into the corresponding locations, we get a final script of

1
2
3
4
5
6
7
8
window["localStorage"]["setItem"]("9-12", "BE*");
window["localStorage"]["setItem"]("4-7", "bb=");
window["localStorage"]["setItem"]("0-2", "5W");
window["localStorage"]["setItem"]("16", "^7M");
window["localStorage"]["setItem"]("12-14", "pg");
window["localStorage"]["setItem"]("7-9", "+n");
window["localStorage"]["setItem"]("14-16", "4t");
window["localStorage"]["setItem"]("2-4", "$F");

From here, its clearly visible that that the password is just rearranging this into increasing order of key. On entering the password, the flag is obtained.

Password: 5W$Fbb=+nBE*pg4t^7M

Flag

1
csictf{l3t_m3_c0nfus3_y0u}