Thursday, October 25, 2012

Hack.Lu CTF: Mini Zombie Business Writeup

This challenge was a password prompt protected by obfuscated javascript.

1. Entering the site, we see harmless little zombie. Clicking on him gives:

Looking at the source, we see:

Unescaping this string yields yet another eval(unescape) and so on and so forth. At this point, I turned to the firefox plugin “JavaScript Deobfuscator”.

3. After running the script again JavaScript Deobfuscator shows:

Flag: tasty_humans_all_day_erry_day

-- d1r3w0lf

No comments:

Post a Comment