There are a thousand hacking at the branches of evil to one who is striking at the root.- Henry Thoreau
Article name: Help for the The Snow Wachters level (wrote by k32.nix).
Manipulating scripts:

You need to have a basic knowledge of:


When you put a code inside a webpage, your browser will interpret it,
and show you the result(Thats a good information. Do not forget it)

Now with this information, what could we do to manipulate the script inside the webpage?

-Save the file and edit the code.

-input data/commands using the browser.

Using the first choice, youll have to save the file in your hard disk, and edit the file
putting the code you want to. Lets assume that you have a login page, you insert your 
login and password, taking a look at the source you see that the page calls a function 
 the script:

function ME(a,b)

... ME(login,password)

you see that the script will process your information and return the result.Again, lets assume
that the function ME«» do a complex work, and check if your are a trust user. You don't like
burning your brain following and calculating everything, then just let the computer do the hard
work and alert() you!
(or by 'msgbox'!)

The problem is if the script is inside an apart file. You will need to get the file too.
And place it in  you saved the web page. If you need to get just one file, its ok,
but it becomes tedious when the page uses more than 10 files.

Finally,the easiest way, just insert data/commands into the url bar!
By typing " " in the urlbar, your browser will interpret anything you want it to, 
and even show you variables!

When you put a code inside a webpage, your browser will interpret it,
and show you the result.«Thats a good information. Do not forget it!»

what? we can't see the source. Yeah, obfuscation.

But,look at the code you can read... the page doesn't understand too, then it will decrypt it
and execute.
Let the page do the hard work, and make the page show you the decrypted value.
(How? by replace the 'Execute' with 'Document.write'!)

After doing once, you will know what to do later.

When you can read how the system generates and checks the password, look at the checking,
You will pass when your code equals "x", discover the value inside "X" and use the encryption
system to generate the same value.

If you know javascript or visual basic it will be easy! ;)

Good luck!

Thats all.
TryThis0ne - Hacking Challenges.
TryThis0ne 2005-2014© :: Codingr :: B~HFH :: cp77fk4r :: There are 13336 accounts in this site. 90626 People has logged on to this site. Design By SBD