Author Topic: Script Challenge 4 - Did you fall for it too?  (Read 16053 times)

deathcoder

  • Newbie
  • *
  • Posts: 1
  • Rank:
    • View Profile
Re: Script Challenge 4 - Did you fall for it too?
« Reply #30 on: May 03, 2016, 01:24:12 pm »
I have tried out different combination:

19,24,15,4:wrong
22,17,14,13:typeg

none them seems to work what I am missing please give a hint..
I have no more tricks left in my mind

Re: Script Challenge 4 - Did you fall for it too?

catalyst_245

  • Newbie
  • *
  • Posts: 1
  • Rank:
    • View Profile
Re: Script Challenge 4 - Did you fall for it too?
« Reply #31 on: June 15, 2016, 12:32:12 pm »
Hey guys,

Been trying to solve this one for days.  Just can't see a way it could be anything but the obvious answer - which is obviously wrong.

Like the other posters I've tried running the script offline and it seems to be working. 
I can also obviously inject values by adding in other parts to the answer string which get executed - but I don't think that's the correct answer (especially as only the parts[1] gets submitted in the answer).

I think I know javascript reasonably well.  I've even asked my frontend dev friends if they can see an answer, yet we can't work it out.  Can anyone PM me a hint? 
If not - at least to clarify, the script tag has to be HTML4 compliant, no?  And injecting/overriding javascript isn't the correct solution either?  (because then I guess the password could be anything) 

Re: Script Challenge 4 - Did you fall for it too?

bolofecal

  • Newbie
  • *
  • Posts: 5
  • Rank:
    • View Profile
Re: Script Challenge 4 - Did you fall for it too?
« Reply #32 on: September 27, 2016, 11:33:43 am »
This challenge is working? Someone to check if my password is correct in pm?

Re: Script Challenge 4 - Did you fall for it too?

[Axel]

  • Administrator
  • Newbie
  • *****
  • Posts: 6
  • Rank:
    • View Profile
Re: Script Challenge 4 - Did you fall for it too?
« Reply #33 on: September 28, 2016, 03:54:34 pm »
it is working, and I can have a look on your findings

Re: Script Challenge 4 - Did you fall for it too?

bolofecal

  • Newbie
  • *
  • Posts: 5
  • Rank:
    • View Profile
Re: Script Challenge 4 - Did you fall for it too?
« Reply #34 on: October 03, 2016, 12:02:23 am »
Thanks axel. I pm you.

Re: Script Challenge 4 - Did you fall for it too?

bolofecal

  • Newbie
  • *
  • Posts: 5
  • Rank:
    • View Profile
Re: Script Challenge 4 - Did you fall for it too?
« Reply #35 on: October 10, 2016, 04:48:00 pm »
When I try access this url http://canyouhack.it/Content/Challenges/Solve.php?ID=46&Password=password returns a 500 Internal Server Error its is part of chall, is off or I'm accessing a wrong url?

Re: Script Challenge 4 - Did you fall for it too?

AASPRONI

  • Newbie
  • *
  • Posts: 1
  • Rank:
    • View Profile
Re: Script Challenge 4 - Did you fall for it too?
« Reply #36 on: November 09, 2016, 07:48:05 am »
I have these results but all not work. :-\ >:( :'(

[scriptattribute "the:password"]
accesskey : "0,2,2,4,18,18,10,4,24:gccnssknrg"
class : "2,11,0,18,18:clgssg"
contenteditable : "2,14,13,19,4,13,19,4,3,8...1,11,4:cpewnewndiwgblng"
contextmenu : "2,14,13,19,4,23,19,12,4,13,20:cpewnxwmneug"
dir : "3,8,17:diyg"
draggable : "3,17,0,6,6,0,1,11,4:dygaagblng"
dropzone : "3,17,14,15,25,14,13,4:dypozpeng"
hidden : "7,8,3,3,4,13:hiddneg"
id : "8,3:idg"
itemid : "8,19,4,12,8,3:iwnmidg"
itemprop : "8,19,4,12,15,17,14,15:iwnmoypog"
itemref : "8,19,4,12,17,4,5:iwnmynfg"
itemscope : "8,19,4,12,18,2,14,15,4:iwnmscpong"
itemtype : "8,19,4,12,19,24,15,4:iwnmwrong"
lang : "11,0,13,6:lgeag"
onabort : "14,13,0,1,14,17,19:pegbpywg"
onblur : "14,13,1,11,20,17:pebluyg"
oncancel : "14,13,2,0,13,2,4,11:pecgecnlg"
oncanplay : "14,13,2,0,13,15,11,0,24:pecgeolgrg"
oncanplaythrough : "14,13,2,0,13,15,11,0,24,...0,6,7:pecgeolgrwhypuahg"
onchange : "14,13,2,7,0,13,6,4:pechgeang"
onclick : "14,13,2,11,8,2,10:peclickg"
oncontextmenu : "14,13,2,14,13,19,4,23,19,12,4,13,20:pecpewnxwmneug"
ondblclick : "14,13,3,1,11,2,11,8,2,10:pedblclickg"
ondrag : "14,13,3,17,0,6:pedygag"
ondragend : "14,13,3,17,0,6,4,13,3:pedyganedg"
ondragenter : "14,13,3,17,0,6,4,13,19,4,17:pedyganewnyg"
ondragexit : "14,13,3,17,0,6,4,23,8,19:pedyganxiwg"
ondragleave : "14,13,3,17,0,6,11,4,0,21,4:pedygalngvng"
ondragover : "14,13,3,17,0,6,14,21,4,17:pedygapvnyg"
ondragstart : "14,13,3,17,0,6,18,19,0,17,19:pedygaswgywg"
ondrop : "14,13,3,17,14,15:pedypog"
ondurationchange : "14,13,3,20,17,0,19,8,14,...3,6,4:peduygwipechgeang"
onemptied : "14,13,4,12,15,19,8,4,3:penmowindg"
onended : "14,13,4,13,3,4,3:penedndg"
onerror : "14,13,4,17,17,14,17:penyypyg"
onfocus : "14,13,5,14,2,20,18:pefpcusg"
onformchange : "14,13,5,14,17,12,2,7,0,13,6,4:pefpymchgeang"
onforminput : "14,13,5,14,17,12,8,13,15,20,19:pefpymieouwg"
oninput : "14,13,8,13,15,20,19:peieouwg"
oninvalid : "14,13,8,13,21,0,11,8,3:peievglidg"
onkeydown : "14,13,10,4,24,3,14,22,13:peknrdpteg"
onkeypress : "14,13,10,4,24,15,17,4,18,18:peknroynssg"
onkeyup : "14,13,10,4,24,20,15:peknruog"
onload : "14,13,11,14,0,3:pelpgdg"
onloadeddata : "14,13,11,14,0,3,4,3,3,0,19,0:pelpgdnddgwgg"
onloadedmetadata : "14,13,11,14,0,3,4,3,12,4...,19,0:pelpgdndmnwgdgwgg"
onloadstart : "14,13,11,14,0,3,18,19,0,17,19:pelpgdswgywg"
onmousedown : "14,13,12,14,20,18,4,3,14,22,13:pempusndpteg"
onmousemove : "14,13,12,14,20,18,4,12,14,21,4:pempusnmpvng"
onmouseout : "14,13,12,14,20,18,4,14,20,19:pempusnpuwg"
onmouseover : "14,13,12,14,20,18,4,14,21,4,17:pempusnpvnyg"
onmouseup : "14,13,12,14,20,18,4,20,15:pempusnuog"
onmousewheel : "14,13,12,14,20,18,4,22,7,4,4,11:pempusnthnnlg"
onpause : "14,13,15,0,20,18,4:peogusng"
onplay : "14,13,15,11,0,24:peolgrg"
onplaying : "14,13,15,11,0,24,8,13,6:peolgrieag"
onprogress : "14,13,15,17,14,6,17,4,18,18:peoypaynssg"
onratechange : "14,13,17,0,19,4,2,7,0,13,6,4:peygwnchgeang"
onreadystatechange : "14,13,17,4,0,3,24,18,19,...6,4:peyngdrswgwnchgeang"
onscroll : "14,13,18,2,17,14,11,11:pescypllg"
onseeked : "14,13,18,4,4,10,4,3:pesnnkndg"
onseeking : "14,13,18,4,4,10,8,13,6:pesnnkieag"
onselect : "14,13,18,4,11,4,2,19:pesnlncwg"
onshow : "14,13,18,7,14,22:peshptg"
onstalled : "14,13,18,19,0,11,11,4,3:peswgllndg"
onsubmit : "14,13,18,20,1,12,8,19:pesubmiwg"
onsuspend : "14,13,18,20,18,15,4,13,3:pesusonedg"
ontimeupdate : "14,13,19,8,12,4,20,15,3,0,19,4:pewimnuodgwng"
onvolumechange : "14,13,21,14,11,20,12,4,2...,13,6,4:pevplumnchgeang"
onwaiting : "14,13,22,0,8,19,8,13,6:petgiwieag"
spellcheck : "18,15,4,11,11,2,7,4,2,10:sonllchnckg"
style : "18,19,24,11,4:swrlng"
tabindex : "19,0,1,8,13,3,4,23:wgbiednxg"
title : "19,8,19,11,4:wiwlng"
translate : "19,17,0,13,18,11,0,19,4:wygeslgwng"
   
   "14,13,22,0,8,19,8,13,6:petgiwieag"
spellcheck
   
   "18,15,4,11,11,2,7,4,2,10:sonllchnckg"
style
   
   "18,19,24,11,4:swrlng"
tabindex
   
   "19,0,1,8,13,3,4,23:wgbiednxg"
title
   
   "19,8,19,11,4:wiwlng"
translate
   
   "19,17,0,13,18,11,0,19,4:wygeslgwng"

Re: Script Challenge 4 - Did you fall for it too?

bolofecal

  • Newbie
  • *
  • Posts: 5
  • Rank:
    • View Profile
Re: Script Challenge 4 - Did you fall for it too?
« Reply #37 on: February 13, 2017, 10:32:19 am »
I think maybe correct is src="text/javascript" and wrong is type="text/javascript". If the correct is src the js file must be in http://canyouhack.it/Hacking-Challenges/Script-Challenges/Did-you-fall-for-it-too/text/javascript but this url returns error 404. I'm in the correct way?

 

Login

Username:
Password:
Minutes:
Remember:

Forgot your password?
Register

Like Us On Facebook