Basic and Javascript Challenges

Basic and Javascript Challenges

By ghost | 14641 Reads |

0     0

Welcome to my first article. As I saw that noone has made a random assortment of challenge articles into one i decided to for the heck of it. :)

Well lets start with the easy's. BASIC.

Basic 1- Ok this the most basic test in the world simply view the source and search through it for a riddle type of statement. Put the answer to the riddle and voila points. You better get used to viewing the source because you are going to see alot more of it! Basic 2- Once again view the source. If you read the description it tells you to look for a source of where the iframe is coming from. Simply hit Ctrl + F to Search the source for iframe. Find the value of the src and there you go! Basic 3-This one talks about user agents. Google on how to change your user agent and put in the required value. EASY! Basic 4-It tells you that htpasswd.php is not in the right directory. SO… maybe HBH accidentally got ahead of themselves and switched some files with the basic 5 files. :) We'll skip onto Basic 10 now-If you go to the ip protected page you will most likely be told Forbidden. if so then view the source for some important info. Otherwise you are lucky since your ISP is already in the right range lol. This challenge enables you to learn how to use Proxies. Google on how to set one up based on your internet browser.(GET FIREFOX!). find a proxy in the right range and refresh the page and your good to go. Basic 13-On this one you can use javascript to inject/alter the dropdown values. Or you can do it the lazy way, and save it to your computer locally, alter the html to add George into the dropdown. Once you do that save your new page, open it and George will be on there so go ahead and login as him. Basic 14- This is a very easy one. Just view the source and you will see where to find the password. Basic 15-On This chall you have to use a .txt file that is used so that Google's curious spider doesnt crawl into the directory's listed here. just google a file that hides dir's from google.

Alright onto a different type of challenges. JAVASCRIPT! If you need any thing about Javascript / learn it / then go to www.w3schools.com. Hands down they are the best. JS 1- View the source(if you use Internet Exploder(internet explorer lol) you have to find a different way to view the source - hint look at the menus at the top of the browser.) You will see the user id and the password in the tags. Check what value the script is looking for and enter those values into the correct places. JS 2-So if you click on the link you automatically get hit with a prompt box. If you cancel or type the wrong pass/ it repops. So how about trying putting before the http://www.hellboundhackers.org/blah blah … try putting what you do the most to complete the challenges. cough v**w u*ce (put a - in the middle and a : at the end). once you do that do exactly what you did in the first js challenge. Now get your pts! JS 3- Soo your looking thru the source and you dont really find anything but this one really long line with %20's in the middle of things. Well the easiest thing to do is to put that line into an alert box kind of like this alert(escape(the line of code here)); however the escape part needs to be the opposite. :) JS 4- Did you click the button? well if you havent then do it!lol. notice what happens to the end of the address bar. well how do you alert cookies thru the address bar? well if you dont know then google it other wise if you do know how do the same thing but pretend like you are in the script and not the address bar. put that in the value of the submit variable via the address bar and voila. JS 5- You have been combing thru the source for awhile now and finally you notice a line where it starts the but ends it on the same line… look at the source of the script. once you have the js file go back and complete the chall. Lets fast forward a bit to JS 8 since loads of people have been frustrated with this one. JS 8-so you see the secret and you notice that is encoded in h. so you decode it (nice decoder is yellowpipe.com go to their tools and then encrypter / decrypter.) Once you decode it you notice its still rubbish. but not exactly put that into the pwd and you still (think) you dont see any result.WRONG!. View the source again and you see another secret. well simply put in what you think woulld not be the passwd and well it is lol. on this part just dont decrypt it or anything… just do what you think would be stupid lol. JS 9- ah!!!!!!!! 35000 seconds no!!!!lol. all you need is a simple javascirpt injection to NULL the function they use to set the timeout. JS 10- Now if you want to do this one the easy way as well as some other js chall's then do what i tell you (very simple). OK so you see that the function does all these weird things and your getting all confused trying to decipher it. so… copy & paste it into notepad and at the part else { alert("wrong"); } change "wrong" with the variable that they are comparing with to determine if its right or wrong. that will give you the right value if you are right or wrong. JS 11-on this one do the same thing as above ^ JS 12- once again do the same thing as the past 2 challs or you always do your math on this one. pick your choice. JS 13- Finally its the last JS challenge(well at least at the moment). So it tells you that you arent authorized. well thats lame. ok so think how it verified that hint- it aint crackers its ******* hehe lol. use a js injection to alter the value to the opposite of false. There you go!

I hope that this article helped some people. if it did Please Rate it!!!!!! Thanks