HackThis main level 3 write up

KatsuragiCSL
Sep 9, 2018 · 1 min read

Coming to level 3, new things have appeared. Viewing source code and searching “password” can’t give you any hints 🙂 So why don’t just come back to the login page of level 3, hitting the submit button and just see what will happen?

This is an alert window of javascript (again, who wants to do web app hacking better know some basic HTML, javascript and other things related). So let’s check how the script for log-in is written. Searching “script” in the source code and see what we’ve found:

This piece of javascript is checking whether the username is equal to heaven and the password is equal to hell. If they are not, the error message we saw will be popped up. So you know the correct username and password now 🙂


Originally published at katsuragicsl.wordpress.com on September 9, 2018.

A security enthusiast. @ZuuitterE

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade