CyberTalents CTF: This is Sparta

[Image: Presented Page]

Project information

  • Title: This is Sparta CTF
  • Organizer: CyberTalents
  • Project date: May, 2023
  • URL: www.cybertalents.com
[Image: Source Code]
As you can see, there is some suspicious-looking code inside the <script> tags: a block of JavaScript that stands out mainly because it is obfuscated.
The following is the block of JavaScript from the image above:
var _0xae5b=["\x76\x61\x6C\x75\x65","\x75\x73\x65\x72","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64","\x70\x61\x73\x73","\x43\x79\x62\x65\x72\x2d\x54\x61\x6c\x65\x6e\x74","\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x43\x6F\x6E\x67\x72\x61\x74\x7A\x20\x0A\x0A","\x77\x72\x6F\x6E\x67\x20\x50\x61\x73\x73\x77\x6F\x72\x64"];function check(){var _0xeb80x2=document[_0xae5b[2]](_0xae5b[1])[_0xae5b[0]];var _0xeb80x3=document[_0xae5b[2]](_0xae5b[3])[_0xae5b[0]];if(_0xeb80x2==_0xae5b[4]&&_0xeb80x3==_0xae5b[4]){alert(_0xae5b[5]);} else {alert(_0xae5b[6]);}}
The code appears to be obfuscated using ASCII hex encoding. The use of repeated "\x" suggests that each character is represented by its corresponding hexadecimal value. The variable "_0xae5b" seems to store an array of these encoded hex strings. To decipher the obfuscated code, I used an online tool called DDecoder, which helped to uncover the original content hidden within the encoded strings.
[Image: Decoded Results]
The output from DDecoder was the following:
var _0xae5b=["value","user","getElementById","pass","Cyber-Talent","                      Congratz \n\n","wrong Password"];function check(){var _0xeb80x2=document[_0xae5b[2]](_0xae5b[1])[_0xae5b[0]]; var _0xeb80x3=document[_0xae5b[2]](_0xae5b[3])[_0xae5b[0]]; if(_0xeb80x2==_0xae5b[4]&&_0xeb80x3==_0xae5b[4]){alert(_0xae5b[5]);} else {alert(_0xae5b[6]);}}
We can crack this JavaScript code if we know how to interpret it. The check() function makes two interesting assignments: it sets two variables, _0xeb80x2 and _0xeb80x3, using entries looked up by index in a previously defined array. That array, named _0xae5b, stores its strings hex-encoded and contains elements such as getElementById, user, and value, which correspond to _0xae5b[2], _0xae5b[1], and _0xae5b[0], respectively.
The code checks whether _0xeb80x2 (the value of the user input field) matches _0xae5b[4], which is 'Cyber-Talent'. It also checks whether _0xeb80x3 (the value of the password input field) matches _0xae5b[4]. If both conditions are true, it pops up an alert with the message stored in _0xae5b[5], which is 'Congratz'. Otherwise, it displays the message from _0xae5b[6], which says 'wrong Password'. From here, all we have left to do is enter the username ‘Cyber-Talent’ and the password ‘Cyber-Talent’ and submit.
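The decoding and index-by-index reading described above can also be done offline, treating the script purely as text. This is an added example, not part of the original write-up or the challenge; the function names are hypothetical, and SAMPLE is the script quoted above with ASCII quotes.

```javascript
// Added example: static de-obfuscation. The sample is only read as text, never evaluated.
// SAMPLE is the script quoted in this write-up, with ASCII quotes restored.
const SAMPLE = String.raw`var _0xae5b=["\x76\x61\x6C\x75\x65","\x75\x73\x65\x72","\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64","\x70\x61\x73\x73","\x43\x79\x62\x65\x72\x2d\x54\x61\x6c\x65\x6e\x74","\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x43\x6F\x6E\x67\x72\x61\x74\x7A\x20\x0A\x0A","\x77\x72\x6F\x6E\x67\x20\x50\x61\x73\x73\x77\x6F\x72\x64"];function check(){var _0xeb80x2=document[_0xae5b[2]](_0xae5b[1])[_0xae5b[0]];var _0xeb80x3=document[_0xae5b[2]](_0xae5b[3])[_0xae5b[0]];if(_0xeb80x2==_0xae5b[4]&&_0xeb80x3==_0xae5b[4]){alert(_0xae5b[5]);} else {alert(_0xae5b[6]);}}`;

// Decode \xNN escapes (the only escape form this sample uses).
function decodeHexEscapes(body) {
  return body.replace(/\\x([0-9a-fA-F]{2})/g, (_, h) => String.fromCharCode(parseInt(h, 16)));
}

// Find `var _0x....=["...", ...];` and return its name, decoded entries and the remaining code.
function extractStringArray(src) {
  const decl = /var\s+(_0x[0-9a-f]+)\s*=\s*\[((?:\s*"(?:[^"\\]|\\.)*"\s*,?)*)\]\s*;/i.exec(src);
  if (!decl) throw new Error("no string-array declaration found");
  const items = [...decl[2].matchAll(/"((?:[^"\\]|\\.)*)"/g)].map(m => decodeHexEscapes(m[1]));
  return { name: decl[1], items, rest: src.slice(decl.index + decl[0].length) };
}

// Inline NAME[i] lookups as literals, then rewrite obj["ident"] member access as obj.ident.
function deobfuscate(src) {
  const { name, items, rest } = extractStringArray(src);
  const inlined = rest.replace(new RegExp(name + "\\[(\\d+)\\]", "g"), (whole, i) =>
    Number(i) < items.length ? JSON.stringify(items[Number(i)]) : whole); // out-of-range index stays as is
  // The lookbehind limits the rewrite to member access, so array literals such as ["a"] are untouched.
  const code = inlined.replace(/(?<=[\w$)\]])\[\s*"([A-Za-z_$][\w$]*)"\s*\]/g, ".$1");
  return { items, code };
}

// List comparisons against hard-coded string literals; in client-side code these are readable secrets.
function literalComparisons(code) {
  return [...code.matchAll(/([\w$]+)\s*===?\s*"((?:[^"\\]|\\.)*)"/g)]
    .map(m => ({ variable: m[1], literal: m[2] }));
}

const result = deobfuscate(SAMPLE);
console.log(result.code);
console.log(literalComparisons(result.code));
```

Run with Node.js; the output is the readable check() body followed by the two string literals the form is compared against.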
[Image: Flag Popup Window]
After inputting the specified username and password, we got the flag in a pop-up alert dialog box.
Congratz
FLAG: {J4V4_Scr1Pt_1S_Aw3s0me}
Thank you for taking the time to read this. I can be reached on