Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

JavaScript 1 to 7


JavaScript 1 to 7

By SySTeM avatarSySTeM | 12395 Reads |
0     0

Alright everyone, as you may or may not know, I’ve made articles on: Basic 1 - 16, Apps 1 - 6 (2nd part coming soon), Web Patching 1 - 3, Real 7 and Real 4. Now it’s time to cover the Javascript challenges 1 to 7. 8 to 13 will be released as soon as I write it. This article may contain spoilers.

JavaScript 1 Ok, when you get to this challenge, you see two boxes, User ID and password. Now, if you’ve done basic1 you should know that you need to view the source :) with Javascript, the actual script is embedded in the source, it’s not parsered like php, so you can still view it. Now, if you are using IE, you may notice that Right Click is disabled :o what now? I know! We find an alternative way to view it!! Just click the “View” tab in the menu at the top. Once you are reading the source you should notice the script and be able to get the user id and password, there we go, js1 out the way!

JavaScript 2 Alrighty then, js2… This one gets annoying after a while with it’s redirects, but if you are quick and you are using firefox, when it says “You’ll go back to the index” just really quickly press Ctrl+U to view the source, or alternatively, you could do view-source:http://www.hellboundhackers.org/challenges/js/js2 to view the source. Now when you find the script, you should notice that it isn’t actually displayed there, it’s including the script from another location, level2script.js, so all we need to do now is view that file, you should know what directory it is in. As soon as you can view this script file you can beat the level, so go back to the js2 index page and enter the pass you got into the box.

JavaScript 3 Like js1, when you get to this level, you see a user id box and a password box and also, in IE the mouse button is disabled, so by now you should know that we need to view the source and find this script. You may notice that this script is a little obscured to the others, this is because it is encoded in hex, so google for a hex decoder, then you’ll be able to see the plain text of the script and beat this challenge.

JavaScript 4 JS4 time, for this one, you need to do what I got Hall Of Fame for, yep it’s XSS time! As it says we have to view a cookie, you need to know some basic JS. I’m assuming you all know basic JS and know how to alert it. So it tells you to “Use This” on the button and it uses $_GET to get what you submittedm, now if you look at the URl, it says ?submit=Use+this, try changing the “use this” to your XSS code :) then we have js4 done!

JavaScript 5 Like js2 this one is kept in a .js file, so you need to find that and then read the script very carefully, now in this script, it uses the getYear() function, instead of the getFullYear() function, this is a very bad idea because ever since the milenium getYear has messed up, e.g: in 1984 getYear would print out 84 and in 1999 it would print out 99, but ever since 2000 it started to go above 99 and carry on counting into 100s. From that you should be able to work it out.

JavaScript 6 Ok, for this you get a pass box and a submit button. To start off you view the source like normal, then you find the script, and if you know any JS then you should know that when you want to add words together you use “something”+“something_else”, so once you’ve found the right pass and added it all together you can either navigate to that file of you could put it in the box and submit.

JavaScript 7 Well, this one is very very very frustrating and annoyed the hell out of me. You have to pretty much do view-source:URL for this one and then save it to your HDD. Once you’ve saved it you could manually figure out the pass or, you could make it alert the pass instead of redirecting you. Simplistic solution for an annoying challenge.

That’s it for this article, but stick around, part two will be out very soon.

Please rate and comment on it

Comments
ghost's avatar
ghost 18 years ago

Nice article. You'll have one for every challenge on the site soon ^^

ghost's avatar
ghost 18 years ago

Wow ain't there already like 10 of these articles on javascript??:o

SySTeM's avatar
SySTeM 18 years ago

Yes, but like flash says, I'm aiming to have articles on most of the challenges, plus these go into deep detail :)

ghost's avatar
ghost 18 years ago

I like how these would actually help if you were stuck, unlike some other javascript articles.

SySTeM's avatar
SySTeM 18 years ago

Thanks :)

ghost's avatar
ghost 18 years ago

good job system…considering a 14 year old kid wrote it…(lol already did all js challenges b4 i read this :()….make some realistic challenges tuts. now!

ghost's avatar
ghost 18 years ago

What do you mean considering he is 14? The kid did an excellent job as far as any one is concerned.

SySTeM's avatar
SySTeM 18 years ago

Wooo thanks knutrainer!

ghost's avatar
ghost 17 years ago

this is a great article! i just bookmarked it :ninja:

ghost's avatar
ghost 16 years ago

Very good article thnks System great work :happy:

ghost's avatar
ghost 16 years ago

Good article it helped me out allot with out giving to much away. I was stuck on JS5 but after reading on how the function does not work properly I figured it right out.

ghost's avatar
ghost 16 years ago

Good article it helped me out allot with out giving to much away. I was stuck on JS5 but after reading on how the function does not work properly I figured it right out.