-
Notifications
You must be signed in to change notification settings - Fork 2
Find That Data!
Nathan edited this page Oct 5, 2020
·
1 revision
Complete what Clu could not... Find the data in memory. https://www.youtube.com/watch?v=PQwKV7lCzEI
- Watching the video you can see that we are trying to login as
CLUwith password0222 - The password part is tricky, but thankfully there's client side js that you can look at to find the username and password.
function login(username, password) {
if (username == "CLU" && password == "0222") {
window.location = "/maze";
} else window.location = "/";
}- This looks really intimidating
- The maze updates every second and there's a call to
/tokenas well - There's 4 buttons to move Clu through the maze, but the data (the yellow 'o') is always blocked off.
- There's a lot of ways to do this, but you just have to make sure that the token is still constantly updating.
- You can comment out the checks for walls and just move through them
function move_down() {
let cell = get_cell(x, y + 1);
if (cell == null) return;
//if (y == maxRows || cell.style.borderTopStyle != "hidden") return;
remove_x();
y += 1;
add_x();
check_data();
}- Comment out the
CreateGrid()andCreateMaze()functions
function CreateAll() {
Token();
//CreateGrid();
add_x();
add_o();
//CreateMaze();
}- Just set the coordinates to be on top of the data
x = 1;
// Set x to be 1
y = maxRows;
// Go to bottom
check_data();
// Check the data from the server
- Type this into the console
x=1; y=maxRows; check_data();
Reversing
Crypto
Crypto World
Pwning
- Metacortex
- White Rabbit
- There is no Spoon
- The Oracle
- Free Your Mind
- See for Yourself
- Goodbye Mr. Anderson
- Matrix Management System
Web
- Where's Tron?
- Programs Only
- EnFlaskCom
- Reindeer Flotilla
- First Day Inspection
- Find That Data!
- Derezzy
- Next Gen Networking
Miscellaneous