{"id":32,"date":"2021-11-10T21:16:14","date_gmt":"2021-11-10T21:16:14","guid":{"rendered":"https:\/\/blogs.oregonstate.edu\/paul\/?p=32"},"modified":"2021-11-17T04:56:36","modified_gmt":"2021-11-17T04:56:36","slug":"writeup-hash-browns","status":"publish","type":"post","link":"https:\/\/blogs.oregonstate.edu\/paul\/2021\/11\/10\/writeup-hash-browns\/","title":{"rendered":"Writeup: Hash Browns"},"content":{"rendered":"\n

In our first OSUSEC challenge of 2021, we were given the instructions to “open the linked website in your browser. Good luck!”<\/p>\n\n\n\n

Opening the link in Firefox, we reach this site prompting for a password.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

My spidey-senses tingling, I opened inspect element. This revealed some javascript that activated when the submit button was pressed:<\/p>\n\n\n\n

function check_password() {\n  let password = document.getElementById(\"password\").value;\n  let hash = get_sha256(password);\n  if (hash == \"b0fef621727ff82a7d334d9f1f047dc662ed0e27e05aa8fd1aefd19b0fff312c\") {\n    document.getElementById(\"login\").submit();\n  }\n}  <\/code><\/pre>\n\n\n\n
We see that there is a sha256 hash in the script. Using Hash Toolkit<\/a> on the hash reveals that the password is “pineapple.” Hit submit, and getting the flag should be trivial from here!<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Looks like we’re in for a bit more! We’ve got to click the link, which is twisting and turning all about the webpage. We can either click it (the fun way) or pretend to click it (the 1337 way).<\/p>\n\n\n\n
Looks like it calls a function called print_flag(), which can be entered using the web console. After this function is called, the text “Get the flag!” is replaced with the flag. Hitting Ctrl-A selects the text, which can then be copied and submitted!<\/p>\n\n\n\n
This was a fun, goofy introduction to OSUSEC, and I enjoyed my first-ever CTF challenge \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"
In our first OSUSEC challenge of 2021, we were given the instructions to “open the linked website in your browser. Good luck!” Opening the link in Firefox, we reach this site prompting for a password. My spidey-senses tingling, I opened inspect element. This revealed some javascript that activated when the submit button was pressed: We … Continue reading Writeup: Hash Browns<\/span><\/a><\/p>\n","protected":false},"author":11809,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-32","post","type-post","status-publish","format-standard","hentry","category-writeups"],"_links":{"self":[{"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/posts\/32","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/users\/11809"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/comments?post=32"}],"version-history":[{"count":5,"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/posts\/32\/revisions"}],"predecessor-version":[{"id":46,"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/posts\/32\/revisions\/46"}],"wp:attachment":[{"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/media?parent=32"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/categories?post=32"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.oregonstate.edu\/paul\/wp-json\/wp\/v2\/tags?post=32"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}