This blog space will be used to show via video and written tutorials how to use various different tools that are openly available on the web that can be used to break into systems and help secure them.
This mission, like many of the other Javascript missions, simply require you to lookup javascript functions. In this case, the "escape/unescape" function. As you can see from the video there tends to be an online version of any language function that involves conversion.
To pass this mission you simply need to input the unescaped version of the given string is the source code which is ilovemoo.
Faith is trying to trick you... she knows that you're tired after all the math works...
The difficulty rating for this one is easy for a reason! What's involved to get the password is as easy as the first mission, however it takes a bit more thinking 'outside of the box'. There's not a lot more that can be said in this tutorial as it really is quite simple.
Although most websites will not use this kind of mechanism for logins (well... we hope so from their point of view but from ours it makes the job a lot easier :)) they will try and obscure information using javascript and other tricks like this. For example, if you look at the source code for many video hosting websites you will notice that they have the location of the video embedded somewhere in the code, so we can easily come along and simply paste it into our address bar and download the video. However, try and do this to a website like veoh or youtube and it's not quite as easy to find.
Faith is going to test your math skills and your javascript operations
Faith is going hardcore with javascript operators...
Javascript 3 is based on the operators available in all programming and scripting languages. By looking at the source code we see that the password function does a number of mathematical functions to a number of variables and this links with the password itself. The use of google here to do the sums for us is to ensure that no mistakes are made in the calculations and to put emphasis on how useful google can really be.
After working out the sums:
foo: 47
bar: 7
moo: 14
rar: N/A
We know the value of what of moo is 14 and this somehow relates to the password. The next step is to see what the javascript function "length" returns. After looking up the function we see that it returns "the length of the string (in characters)." This is very important as it is the difference between the answer being the value 14, or a string consisting of 14 characters in length. in this case, I used: xxxxxxxxxxxxxx
Faith had made a redirect script and logout with javascript to keep hackers away
The key to this missions is the information given above. When you click on the link you see this redirect script work and make you "lose" the mission. By simply turning off javascript within your browser you disable any javascript content on a web page; in this case you stop the execution of the redirect script.
Faith is learning Javascript, the only thing that is protecting her from hackers is luck.
"Faith is learning javascript"
Similar to Basic 1, this mission requires very little, if any, javascript knowledge. A simple look at the source code shows us that the function that handles the login takes the password and checks if it is equal to "cookies".
