Skip to main content

Posts

Showing posts with the label Ringzer0 Hashing is more secure

Ringzer0 - Java Script - Hashing is more secure

Ringzer0 - Java Script - Hashing is more secure Objective:   Get that Flag Solution: So this is another javascript challenge so I started with the source code again found this code <script> // Look's like weak JavaScript auth script :) $(".c_submit").click(function(event) { event.preventDefault(); var p = $("#cpass").val(); if(Sha1.hash(p) == "b89356ff6151527e89c4f3e3d30c8e6586c63962") { if(document.location.href.indexOf("?p=") == -1) { document.location = document.location.href + "?p=" + p; } } else { $("#cresponse").html("<div class='alert alert-danger'>Wrong password sorry.</div>"); } }); </script> So this time the are checking the password supplied against a hashed value of the password   if(Sha1.hash(p) == "b89356ff6151527e89c4f3e3d30c8e6586c63962  so its taking a sha1 of what is supplied and checking it