Solving a crackme implemented in JavaScript that attempts to obfuscate the algorithm through some anti-debugging.
Solution Script / HTML: https://gist.github.com/LiveOverflow/bbdffe3777ce0f008b452e0a789cef65
John Hammond: https://www.youtube.com/user/RootOfTheNull
-=[ π΄ Stuff I use ]=-
β Microphone:* https://amzn.to/2LW6ldx
β Graphics tablet:* https://amzn.to/2C8djYj
β Camera#1 for streaming:* https://amzn.to/2SJ66VM
β Lens for streaming:* https://amzn.to/2CdG31I
β Connect Camera#1 to PC:* https://amzn.to/2VDRhWj
β Camera#2 for electronics:* https://amzn.to/2LWxehv
β Lens for macro shots:* https://amzn.to/2C5tXrw
β Keyboard:* https://amzn.to/2LZgCFD
β Headphones:* https://amzn.to/2M2KhxW
-=[ β€οΈ Support ]=-
β per Video: https://www.patreon.com/join/liveoverflow
β per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ π Social ]=-
β Twitter: https://twitter.com/LiveOverflow/
β Website: https://liveoverflow.com/
β Subreddit: https://www.reddit.com/r/LiveOverflow/
β Facebook: https://www.facebook.com/LiveOverflow/
-=[ π P.S. ]=-
All links with “*” are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF
Original source
42 responses to “Solving a JavaScript crackme: JS SAFE 2.0 (web) – Google CTF 2018”
The confusion with the x's isn't cuz of the with statement. The parameter Ρ (U+0445 or 1093) isn't the x from the English alphabet. It is a Cyrillic alphabet which only looks like it. And this input variable was never used in the code except for the last eval() which dynamically generated 'Ρ ==c(weird_string,h(Ρ ))' referring to our input Ρ . THAT was the beauty of the challenge π
You put foo variable which is a string in a str function, it's like transforming a string in a string
I'm an outsider looking in. I tried to figure it out, but as far as I can tell "x" provides the password in hidden and obscured fashion. That of course being the main difficulty. Me having little knowledge of JS I know I would be incapable of solving for "x" assuming my assessment here is correct.
The with statement makes it hard for the interpreter to understand how to interpret it (or something) lmao
Google CTF and you run google chrome hahahah π
How do you open the source code for the html
Love you videos, i'm gradually learning more and more thanks to you ! Your explainations helps me understand the mindset behind these CTF, hopefully with more knowledge and time i'll be able to clear some CTF one day π Cheers !
https://github.com/google/google-ctf/tree/master/2018/quals
solution of all the CTF
Uuuuuh. I guess some people used the solution in this video to validate the challenge … To people doing this : you are stupid to cheat on a challenge.
they updated it and it's still a nightmare
12:49 basically nobody in the world knows what it does π€£π€£π€£
I didn't understand a shit, but I loved it! I subscribed!
I'm a long-time computer enthusiast with 'okay' coding skills (intermediate skill perhaps?) and I'm starting my compsci course at uni this year. Thanks for the cool videos. I hope I can practice and get to the point where my style of thinking makes these kinds of problems a matter of 'intuition' like it seems to be for you and definitely others who do CTFs.
When I actually dont understand a single word…
wait WHAT?!
crazy man ~~!!!
You sir said you were a noob at this, then I should be an insect lol
Both noobs lol!
funny
Seems the more I learn, the more I realize I don't know. ( -_-)
This is why I don't trust JavaScript programmers. Shit like this is what nightmares are made of.
In Typescript we trust. All day er' day
Great video!
Are there any similiar websites where you can practice JS by solving similiar tasks (I still feel Iβm not ready to join CTF) ?
Any recommendations are welcome.
I love you videos and im kinda binge watching them
keep up the good work!
If you have a look at the file for this challenge now its quite different!
!SpamAndHexβ€οΈβ€οΈβ€οΈ
These naming conventions hurt my head
Man… my mind is blown… holy smokes…
cucked by x
whenever i feel like im getting the hang of coding i just watch one of these videos so i realize i know nothing again
Jesus Christ and that was an easy one…
If this is considered really easy i think i shouldnt even think of pursuing coding
This is so crazy cool π±
i srsly dont understand shit about this but its really cool man keep up the good work
BRAYN TOO PEENOOT SISD TΓ UNDRSTUND
this gave me long hair. I understood 0.000%
was mache ich hier eigentlich
14:03 made me just say "Uhhhhhhhhhhhhhhhhhhhhhhhhhhhhh…yeah?" π I'm a fuckin' idiot
this is like mathmatical composition on xanax
Is Ctf challenges good practise for noobs like me? It seems fun
Where can I learn all this stuff
Where do you start ?
What just happened…
Thanks. It was informative. Will check John Hammond's channel as well. Really like that how much great online content is produced nowadays π