Javascript - Authentication 2

Description: Yes folks, Javascript is damn easy
Difficulty: Very easy

🔎 Solution

The challenge website features a login button. Inspecting the source code reveals that clicking it executes the connexion() function.

<input type="button" value="login" onclick="connexion();">

Examining the contents of login.js:

function connexion(){
    var username = prompt("Username :", "");
    var password = prompt("Password :", "");
    var TheLists = ["GOD:HIDDEN"];
    for (i = 0; i < TheLists.length; i++)
    {
        if (TheLists[i].indexOf(username) == 0)
        {
            var TheSplit = TheLists[i].split(":");
            var TheUsername = TheSplit[0];
            var ThePassword = TheSplit[1];
            if (username == TheUsername && password == ThePassword)
            {
                alert("Vous pouvez utiliser ce mot de passe pour valider ce challenge (en majuscules) / You can use this password to validate this challenge (uppercase)");
            }
        }
        else
        {
            alert("Nope, you're a naughty hacker.")
        }
    }
}

Specifically, this function checks whether the entered username and password are GOD and HIDDEN respectively.

The flag for this challenge is the password HIDDEN.

🚩Flag

HIDDEN

🔎 Solution​

🚩Flag​

🔎 Solution

🚩Flag