Flare-On 8 Challenge 1: CredChecker
CredChecker - First Challenge in Flare-On 8
To download these Flare-On challenges visit http://flare-on.com/files/Flare-On8_Challenges.zip
Opening the admin.html file in Google Chrome presents us with a login page:

Trying several different username/password combinations shows an error at the bottom of the page.
Next, I look at the page source. In Chrome, you can click the three vertical dots at the top right > More tools > Developer tools.
Looking at the page’s source code, specifically in the login form, we see that once we click Check Credentials it will call the function checkCreds().

Searching (Ctrl + F) for checkCreds(), I found that the function is defined in the same HTML file. Instead of making a request to authenticate through the backend, it does the authentication in plaintext, in the page's own JavaScript. Below is the checkCreds() function:
The function first checks whether the username is Admin, and then whether the password, after being passed through atob, equals goldenticket. If both checks pass, it shows the flag.
Looking up what the atob function does in JavaScript, the Mozilla developer website says “The atob() function decodes a string of data which has been encoded using Base64…”
This means we just need to find the Base64 encoding of goldenticket. After a quick lookup, I discovered I can just use the JavaScript function btoa.

Pasting in the creds Admin:Z29sZGVudGlja2V0 I get the flag!
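The check described above, reconstructed as an added example (not the challenge's source or the author's code), together with a small review helper that flags string literals a client-side script compares against. The sample script, its element names and `findClientSideSecrets` are constructed for illustration; `atob`/`btoa` are assumed to be available as globals (browsers, Node 16+).

```javascript
// Added example: reconstruction of the check as the write-up describes it,
// not the challenge's actual source.
function checkCredsDescribed(username, password) {
  let decoded;
  try {
    decoded = atob(password); // throws on input that is not valid Base64
  } catch (e) {
    return false;
  }
  return username === 'Admin' && decoded === 'goldenticket';
}

// Hypothetical review helper: list string literals that a script compares
// against with == or ===. When the compared expression is atob(...), the
// literal is the decoded form, so the accepted input is its Base64 encoding.
function findClientSideSecrets(scriptSource) {
  const re = /(atob\s*\([^)]*\)|[\w.$]+)\s*={2,3}\s*(["'])([^"']*)\2/g;
  const findings = [];
  for (const m of scriptSource.matchAll(re)) {
    const viaAtob = m[1].startsWith('atob');
    findings.push({
      expr: m[1],
      literal: m[3],
      viaAtob,
      acceptedInput: viaAtob ? btoa(m[3]) : m[3],
    });
  }
  return findings;
}

// Constructed sample (element names are assumptions, not from the page).
const SAMPLE_SCRIPT = `
function checkCreds() {
  if (username.value == "Admin" && atob(password.value) == "goldenticket") {
    showFlag();
  }
}`;

for (const f of findClientSideSecrets(SAMPLE_SCRIPT)) {
  console.log(`${f.expr} compared to hard-coded "${f.literal}"` +
              (f.viaAtob ? ' (Base64-decoded input)' : ''));
}
```

Every literal the helper reports ships to every visitor in the page source, which is why the comparison belongs on the backend rather than in the HTML file.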
