CyberHeroes is a very easy and simple machine created to test your understanding of how logging into a website might work. You can access the machine from here.
As always, let’s start by scanning the machine with Nmap
```
nmap -sC -sV IP
```
You should get the following results
We can see that we have the following services running
- SSH on port 22
- Apache on port 80
Now we know that there’s a website running on that machine (as written in the description), so let’s open the browser and access the site.
Let’s start by checking the page source for the website, but nothing much was there. We already know that this machine is about authentication, so let’s go to the login form.
Now let’s try to submit the form with the browser’s network tab open.
When we submit, no request is sent to the server to validate our username and password, which means the check is done by a frontend method.
So let’s check which code is running.
And here it is: when we click the button, the function “authenticate” runs. Let’s open that function and see the code.
We can find the code in the same page:
```javascript
function authenticate() {
  a = document.getElementById('uname')
  b = document.getElementById('pass')
  const RevereString = str => [...str].reverse().join('');
  if (a.value=="h3ck3rBoi" & b.value==RevereString("54321@terceSrepuS")) {
    var xhttp = new XMLHttpRequest();
    xhttp.onreadystatechange = function() {
      if (this.readyState == 4 && this.status == 200) {
        document.getElementById("flag").innerHTML = this.responseText ;
        document.getElementById("todel").innerHTML = "";
        document.getElementById("rm").remove() ;
      }
    };
    xhttp.open("GET", "RandomLo0o0o0o0o0o0o0o0o0o0gpath12345_Flag_"+a.value+"_"+b.value+".txt", true);
    xhttp.send();
  }
  else {
    alert("Incorrect Password, try again.. you got this hacker !")
  }
}
```
Let’s analyze the code first
- we get the username and the password from the form
- we define a helper that reverses a string
- we check if the username is “h3ck3rBoi” and if the password is the reverse of “54321@terceSrepuS”
- then we do a GET request to get our flag, using a file path built from the username and the password
So let’s submit the form with the data we have where the username is “h3ck3rBoi” and the password is “SuperSecret@12345”
And voilà, we got the flag.
Uncover the flag!
flag{edb0be532c540b1a150c3a7e85d2466e}
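For contrast with the `authenticate` function above, where both the credentials and the flag path can be read from the page source, here is the same check done on the server. This is an added example, not code from the machine; the `register`, `verify` and `handleLogin` names, the `demo-user` account and the `POST /login` route are assumptions made for illustration.

```javascript
// Added example (Node.js): the credential check lives on the server,
// so nothing secret is shipped to the browser.
const crypto = require('node:crypto');

// Constructed sample store: only a random salt and an scrypt hash are kept.
const users = new Map();
function register(username, password) {
  const salt = crypto.randomBytes(16);
  users.set(username, { salt, hash: crypto.scryptSync(password, salt, 32) });
}

// Hypothetical protected content; client-side code never references it.
const PROTECTED = 'placeholder-protected-content';
// Dummy record so an unknown username costs the same work as a known one.
const DUMMY = { salt: Buffer.alloc(16), hash: Buffer.alloc(32) };

function verify(username, password) {
  const known = users.has(username);
  const rec = known ? users.get(username) : DUMMY;
  const candidate = crypto.scryptSync(password, rec.salt, 32);
  // Constant-time comparison of the derived hash with the stored one.
  const match = crypto.timingSafeEqual(candidate, rec.hash);
  return known && match;
}

// Logic for a hypothetical POST /login handler: the browser sends the
// credentials and receives the content only after the server accepts them.
function handleLogin(body) {
  if (typeof body.username !== 'string' || typeof body.password !== 'string') {
    return { status: 400, body: 'bad request' };
  }
  if (!verify(body.username, body.password)) {
    return { status: 401, body: 'invalid credentials' };
  }
  return { status: 200, body: PROTECTED };
}

// Constructed sample account for the demonstration.
register('demo-user', 'constructed-sample-passphrase');
```

With this layout the network tab shows a request on every login attempt, and viewing the page source reveals neither the password nor where the protected content is stored.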
And that’s all for the CyberHeroes machine.