Intro 2 | Defend the Web

Hacker Silhouette | Credit: B_A on Pixabay

Problem

Alright second mission on defend the web which is super simple if you follow the last mission. All you will need to is to understand how to use dev tools to parse the HTML for information.

Now we have a 2 next to the title

Solution

So if you right click on inspect the Username text box you’ll find the following snippet.

<span style="color: rgba(0,0,0,0)">is emberfire</span>

Note: These values are pulled from some dictionary and are unique per user

So same rule applies to the Password text box and you’ll find the text for that as well. If you want to go ahead and edit the textbox and you’ll be able to display it on the page.

<span>is emberfire</span>

Tada!

Explanation

Fundamentally the website is flawed in storing username and password information in the HTML itself. I doubt you’ll see this nowadays, but commonly users forgetting information might of stored it this poor way. This mission represents securing the website by obfuscation, notice the intentional manipulation of HTML elements to make the information match the background, this is a common theme in CTFs like these.