Ringzer0 - Java Script - Hashing is more secure Objective: Get that Flag Solution: So this is another javascript challenge so I started with the source code again found this code <script> // Look's like weak JavaScript auth script :) $(".c_submit").click(function(event) { event.preventDefault(); var p = $("#cpass").val(); if(Sha1.hash(p) == "b89356ff6151527e89c4f3e3d30c8e6586c63962") { if(document.location.href.indexOf("?p=") == -1) { document.location = document.location.href + "?p=" + p; } } else { $("#cresponse").html("<div class='alert alert-danger'>Wrong password sorry.</div>"); } }); </script> So this time the are checking the password supplied against a hashed value of the password if(Sha1.hash(p) == "b89356ff6151527e89c4f3e3d30c8e6586c63962 so its taking a sha1 of what is supplied and checking it
@circusmonkey404 on the twitters; DM for contact