The confusion with the x's isn't cuz of the with statement. The parameter х (U+0445 or 1093) isn't the x from the English alphabet. It is a Cyrillic alphabet which only looks like it. And this input variable was never used in the code except for the last eval() which dynamically generated 'х==c(weird_string,h(х))' referring to our input х. THAT was the beauty of the challenge :P
@LiveOverflow6 жыл бұрын
yeah I was fooled!
@adityavallabh60826 жыл бұрын
They fooled us all lol. Btw since you didn't mention why the browser crashes, it's cuz the for loop in c() runs for a.length times and a regex doesn't have this property making it an infinite loop and crashing the browser due to memory limits. And by this they fooled us not once but TWICE! xD
@LiveOverflow6 жыл бұрын
AHHHHHHHHH. that also explains why they wrote i!=a.length and not i
@tomaschku6 жыл бұрын
This trick to use similar (or equal) looking characters is also a vuln. in Windows. (An Example here: kzbin.info/www/bejne/baTciGZjr96FhZo) Kinda wondering, why javascript (and other languages as well) allow non-ansii characters to be used outside of (string) variables.
@Ariana-dn4mm6 жыл бұрын
Oh wow such a interesting challenge, thanks for the insight
@LOEVI5 жыл бұрын
whenever i feel like im getting the hang of coding i just watch one of these videos so i realize i know nothing again
@BorisMediaProds5 жыл бұрын
sigh
@skrmnghrd45204 жыл бұрын
I think I was the only one
@chrisauh4 жыл бұрын
he's going so fast so it's hard to understand
@michaelhofmann29254 жыл бұрын
@@chrisauh totally, especially when you are used to watch video on youtube in *1.5time X)
@RGT.4 жыл бұрын
lmao
@_JohnHammond6 жыл бұрын
Thanks so much for the shoutout, Live Overflow! Hopefully we can do more together sometime soon. :)
@trungthanhbp3 жыл бұрын
hey dude, dont change avatar, people cant find you ...
@matthewlandry13523 жыл бұрын
Lol..10,000 followers back in the day. Good job on the almost 200,000k
@motivaciontotal53102 жыл бұрын
@@matthewlandry1352 You have seen his face? lol he looks totally different i was socked.
@THE16THPHANTOM6 жыл бұрын
this some next level thinking and reasoning i am just not ready for. and its scary that there are so many people that can do this and i can barely comprehend it.
@stefanopersechino96846 жыл бұрын
Totally agree with you. Just impressive
@alexanderher76925 жыл бұрын
lol, so much for 3 years of CS uni
@rumble19255 жыл бұрын
Relax. If I encounter anything even half as complex as this in a codebase I just rip it out and replace it. Fuck trying to debug horrors like this.
@GRITBONE5 жыл бұрын
It's just learning a new language. Takes practice, but if there's other people that can speak it, so can you.
@kilvesx79245 жыл бұрын
Nah figuring out stuff like this takes hours and lots of trial and error, it's all just edited out here and only the final conclusions are presented. Watching a guy do "does this work? nah, how about this?" for 4 hours isn't good entertainment
@Anonymous-vh6kp4 жыл бұрын
I love watching these videos. I’m at a stage in life where I kind of understand what is going on, enough to comprehend the logic expressed, but not enough to be able to try this myself.
@mxxone166 жыл бұрын
Wow, if you say you're a total noob I don't know what I am
@XseuguhX6 жыл бұрын
He is not, just very humble...
@LiveOverflow6 жыл бұрын
Thanks, I guess. But it was in fact one of the easiest challenges during this CTF based on the number of solves ;)
@qps93806 жыл бұрын
Same lol
@ChrisD__6 жыл бұрын
Maybe you just took the long way around.
@soopyc5 жыл бұрын
mx xone me too
@ineedzsleep5 жыл бұрын
When C++ programmers look at Javascript code: *wtf* ** googles some stuff ** *wtf intensifies*
@wargodsamael68604 жыл бұрын
tm man facts 😂
@excalibirb92044 жыл бұрын
I don't get it. Is it cuz js is child's play to them?
@skepticmoderate57904 жыл бұрын
@@excalibirb9204 No it's because it's insanely dynamic. The opposite of child's play. The programmer has basically no guarantees about the state of the runtime at any specific point in the program, which can make it very hard to debug.
@cameronholt47354 жыл бұрын
True asf
@koji29754 жыл бұрын
@@excalibirb9204 No, the joke is that javascript can be really fuckin confusing
@hopkinskong6 жыл бұрын
Btw, two "x" are in different encoding. IDE saves the day :D
@benjaminbrady23856 жыл бұрын
This felt like one of those de-obfuscation of pop-under videos. I loved those!
@IsaiahGamers6 жыл бұрын
Benjamin Brady agreed we need more like those
@stefanopersechino96846 жыл бұрын
I feel incredibly stupid. This is impressive..who created this is just a genius
@pavankumar7735 жыл бұрын
mean while I'm coding hello world with some hacker music in the background .
@wargodsamael68604 жыл бұрын
Pavan Kumar lol this cracked me up 😂
@autumnhd4 жыл бұрын
@@spidercubed9718 title hacking bank details
@jowyjozef4 жыл бұрын
"Coccolino" 👈 Best music channel on KZbin, perfect for coding/programming/hacking... Thank me later.
@FunkadelicFeed4 жыл бұрын
Lolz
@PaprikaX336 жыл бұрын
1:30 I don't think "JS" and "military grade" are compatible with each other
@peregrinusoblivione49675 жыл бұрын
The recent breaches at some big companies were hackers cleverly injecting 15 lines of JS. Mirai I think it was called. So I'd say it's militant enough. Enough for the FBI to have them snitch and employ them.
@chigozie1235 жыл бұрын
Depends on perspective. Military grade for the person who did NOT write that garbage.
@slonkazoid4 жыл бұрын
aes-js in node.js
@theshermantanker70434 жыл бұрын
@@peregrinusoblivione4967 It's still pretty horrific at breaching systems. For that there really is no other reliable way bessides C/C++ and Assembly language
@jankaltenecker5976 жыл бұрын
I just want to thank you for not taking a jab at JS. This Video was really interesting. I was torn between trying it myself first and watching your solution but I'm glad to have watched your video instead.
@soopyc5 жыл бұрын
You sir said you were a noob at this, then I should be an insect lol
@alex107916 жыл бұрын
Same here, joined for a few hours and only solved the noob question :p The argument was not an x but a homograph of x as others also mentioned and that took me a bit to figure out. Also I didn't figure out exactly why the browser hanged but it was so annoying, yet I didn't want to spend time on that. I took the same approach for decryption but heard that there was another way based on low redundancy of the internal variables (a and b). I hope I find time and motivation to look into it soon.
@KingJellyfishII5 жыл бұрын
*The with statement makes it hard for the interpreter to understand how to interpret it* (or something) lmao
@marsanmarsipan6 жыл бұрын
Been lurking your chan for months. Started Beginners quest on this google-ctf now. Never done this before.. Thanks for hooking me up!
@LeoLokoII4 жыл бұрын
lol
@DeepakKumar-ym1wr2 жыл бұрын
I don't know any programming language but love to watch this ;)
@michaelz68204 жыл бұрын
Basically to explain 'with' statement, you enter an object to it like: with( ) { // CODE HERE } then, basically when you call anything, it first checks the block scope if the variable exists, then, the window. Else, it tries the properties of the object you put in. So in theory, this should work. with (console) { log("Hello."); }
@myflorin254 жыл бұрын
I don't have a clue what I've just watched but it was interesting and a pleasure to watch , you are a clever dude .
@perkinskurt61474 жыл бұрын
'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit contact via:::::WHATSAPP>>> wa.me/17472081186 remember a stitch in time saves nine
@userou-ig1ze4 жыл бұрын
I simply love this channel. Hits just my level of programming skills
@codechapter69605 жыл бұрын
I love you videos and im kinda binge watching them keep up the good work!
@LiveOverflow5 жыл бұрын
awesome, thanks!
@greywolf2712 жыл бұрын
Number 1 reading for the next few weeks.
@vibheeshavelayudha19036 жыл бұрын
i want to appreciate ur time and dedication towards the efforts by you not related to solving the ctf but the thing not many noticed, which was the ur skills in copying and redrawing the "google capture the flag" logo as your thumbnail XD lol. Seriously how the hell did u do that, which software?
@Hyperverse5 жыл бұрын
This was kind of hard to follow but also easy to understand. Where have you been all my life? Shit, I guess I'm hunting for flags now.
@akatsukilevi4 жыл бұрын
JS: 'with' MDN: Not even who made this function knows, may be a sentient function SCP: Hold my containment
@jarska226 жыл бұрын
The "x" password variable is actually cyrillic small letter (u0445)
@AntiAtheismIsUnstoppable5 жыл бұрын
However, there exists other "chars", which are interpreted right away and which can be used to obfuscate code, if you use them as actual non-printable "chars" (copied from the char table) instead of (what they're usually used for) as HML entities. Like the RTL mark. I use that to obfuscate source code (browser view source code, but also some IDEs), and while the code is run as it should, it does fool some RegExes used by bots (It's quite effective in anti spamming). The W3C validator, however, is not fooled, that's its only weakness. It throws an error. From Wikipedia: _"The right-to-left mark (RLM) is a non-printing character used in the computerized typesetting of bi-directional text containing mixed left-to-right scripts (such as English and Cyrillic) and right-to-left scripts (such as Persian, Arabic, Urdu, Syriac and Hebrew). "_
@AntiAtheismIsUnstoppable5 жыл бұрын
Back in time, using the RTL mark on email addresses was an easy way of obfuscating, because they were "reversed", when going to the email program, while still bots didn't understand it. This doesn't work anymore though, no email program will accept it today.
@tobias86786 жыл бұрын
Awesome video! I really enjoy your writeup's video because they are so inspiring, detailed and actually enjoyable to watch!
@neloka43136 жыл бұрын
Great video and great challenge too! Spent quite a few hours before beating it!
@sp1nzer8135 жыл бұрын
i srsly dont understand shit about this but its really cool man keep up the good work
@dannythomsen6 жыл бұрын
I never got to solve this challenge because I got the length of the hash wrong. But the argument x is not x but a unicode that looks like x, that is why the scoping looks weird :)
@aroymart6 жыл бұрын
I somehow didn't realize pure RE capture the flag existed until you scrolled past the challenge list
@mitchg90175 жыл бұрын
These naming conventions hurt my head
@Askaholic9076 жыл бұрын
I think the guys over at JS Safe should really have used a sha256 hash. Then there’s no need for all the anti debugging and it’s also unbreakable (given the current state of technology). Very fun challenge though!
@cocosloan37484 жыл бұрын
John Hammond is such cool guy!
@pourliver6 жыл бұрын
Great to see a writeup on this once since I participated :)
@bluerhinoo5 жыл бұрын
Great video! Are there any similiar websites where you can practice JS by solving similiar tasks (I still feel I’m not ready to join CTF) ? Any recommendations are welcome.
@akiraryu62504 жыл бұрын
Great question. I'm looking for a good website too.
@exoR1ft5 жыл бұрын
This just looks like my regular code
@xeome55965 жыл бұрын
lol
@god_mode_0n974 жыл бұрын
I have maths exam today at 9:30 Am and I'm sitting here watching this video at 1:30 am for nothing .
@AnthonyVandeGejuchte6 жыл бұрын
I tried to do this challenge myself, the part with the regexp object was the part I got stuck. About the with statement: `var test = {a: () => console.log("Hello local")}; var a = () => console.log("Hello world"); with (test) a();` outputs "Hello local" as it uses properties in the with statement as first lookup table instead of global scope.
@SrIgort6 жыл бұрын
This was cool, I found it interesting that you probably even do not need to debug to pass this challenge lol
@floodingthesea93665 жыл бұрын
How? By opening the source in an IDE \ notepad ++ in the right configuration to notice that the x is different?
@takatsbalint16 жыл бұрын
They used two different x. You know like the old greek semicolon vs semicolon joke. Whit some fonts you can even see the difference: x(х)
@gwennycake50465 жыл бұрын
I didn't understand a shit, but I loved it! I subscribed!
@DangerousPictures6 жыл бұрын
can you upload a video when a ctf starts? I always miss them
@DangerousPictures6 жыл бұрын
Ritoban Roy Chowdhury thanks
@diegoalpizar68576 жыл бұрын
Ritoban Roy ... Thanks!
@padreigh6 жыл бұрын
Time travel - 90+ solves earlier, then 60th :) nice video
@techitow6 жыл бұрын
Wowwww. You're pretty good at this! Keep it up with the videos
@MrinalPaliwal986 жыл бұрын
13:21 'obviously always repeated' Can someone please help me in understanding why the 4 byte is being repeated in its use in function c?
@LiveOverflow6 жыл бұрын
i is counting from 0 to the length of the cipher text 'a', right? And each character of that cipher text is addressed with a[i]. The other value (the key) that is being XORed uses b[i%b.length]. Length is 4. So b[i%4]. i modulos 4 means, the result will never be larger than 3... so 1%4 = 1 2%4 = 2 3%4 = 3 4%4 = 0 5%4 = 1 6%4 = 2 So this always references b[0], b[1], b[2], b[3], b[0], b[1], ... so it always repeats the key from the start.
@XiothMontage6 жыл бұрын
This is how XOR Encryption works. If your key is smaller than your message, then the key is repeated. :) Example: xor("message", "key") ; '^' is the character for XOR Encryption in many languages. - m ^ k - e ^ e - s ^ y - s ^ k - a ^ e - g ^ y - e ^ k
@MrinalPaliwal986 жыл бұрын
Thanks for the quick reply, it helped. This was my first ever CTF and this was the first problem I attempted but was struck on it for the whole 2 days on it. Great explanation video :D
@MrinalPaliwal986 жыл бұрын
Thanks for the quick explanation, I'll be reading more about this :D
@CristiNeagu3 жыл бұрын
0:03 Lol. A photo of John Hammond from when he was a baby hacker.
@otaldohenrik Жыл бұрын
Eu não poderia simplesmente usar um depurador como GDB + engine do google e então ler os dados de "x" na memória em um ponto que ele está descriptografado?
@BlackHermit3 жыл бұрын
This one was so much fun!
@twentylush5 жыл бұрын
this is like mathmatical composition on xanax
@SolomonUcko4 жыл бұрын
At first I though you could just use "CTF{" xor the input string to figure out the 4 bytes, but then remembered that that part of the input is ignored.
@FunkadelicFeed3 жыл бұрын
Just wanted to let you know the point where you messed up is 14:05 . We are beginners here and don't know much, you didn't show the part at 14:05 which was the main thing from my pov.
@Brandino4804 жыл бұрын
This is highly entertaining to watch
@perkinskurt61474 жыл бұрын
'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit contact via:::::WHATSAPP>>> wa.me/17472081186 remember a stitch in time saves nine
@perkinskurt61474 жыл бұрын
'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit contact via:::::WHATSAPP>>> wa.me/17472081186 remember a stitch in time saves nine
@wesleymays19313 жыл бұрын
h(s) looks like an Adler-32 checksum
@Thulahdanlauss5 жыл бұрын
Love you videos, i'm gradually learning more and more thanks to you ! Your explainations helps me understand the mindset behind these CTF, hopefully with more knowledge and time i'll be able to clear some CTF one day :) Cheers !
@phoelee3525 жыл бұрын
Man... my mind is blown... holy smokes...
@berndeckenfels3 жыл бұрын
Hashing the code, that is great!
@onehourmusicbc5 жыл бұрын
When I actually dont understand a single word...
@hoxorious6 жыл бұрын
thank you so much for another amazing video
@DanteElMc4 жыл бұрын
In how many languages do you programming? LiveOverflow: *yes*
@perkinskurt61474 жыл бұрын
'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit contact via:::::WHATSAPP>>> wa.me/17472081186 remember a stitch in time saves nine
@ChunkyChest4 жыл бұрын
I wish I could analyze out the steps like you do.
@perkinskurt61474 жыл бұрын
'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit contact via:::::WHATSAPP>>> wa.me/17472081186 remember a stitch in time saves nine
@MrHatoi4 жыл бұрын
This challenge perfectly summarizes why I can't stand JavaScript. All of these weird rules like how scopes of variables extend to weird places to how you can use non-ASCII symbols that look like ASCII symbols for variable names. You know that your language has issues when even an authoritative documentation like MDN states that one of your builtin syntax statements is too unpredictable to reliably use. You can write bad code in any language, but JavaScript seems like it was specifically designed for spaghetti code. More than half the stuff in this crackme would be literally impossible in almost any other language, because they have rules in place to keep people from writing garbage like this.
@JoJoModding6 жыл бұрын
Could you next time tell us when CTFs are starting/announced and you're participating so that we can follow along?
@Askaholic9076 жыл бұрын
JoJoModding Check out ctftime.org
@tiavor6 жыл бұрын
I didn't know that JS functions can print it self :D
@Askaholic9076 жыл бұрын
Tiavor Kuroma function x() {return eval(String(x))}()
@LastOlie5 жыл бұрын
How do you know when to give up and just learn a new feature and how do you know when to just carry on trying things
@fiercethundr_5 жыл бұрын
I'm an outsider looking in. I tried to figure it out, but as far as I can tell "x" provides the password in hidden and obscured fashion. That of course being the main difficulty. Me having little knowledge of JS I know I would be incapable of solving for "x" assuming my assessment here is correct.
@AntiAtheismIsUnstoppable5 жыл бұрын
Using greek letter "look a likes" or other alphabeths as substitutes for roman letters is a well known technique for spamming purposes. Disquss had this problem for a period of time, probably because they used some reg ex operations to search for "spammy" words in english, while they wanted to allow for any language (and therefore alphabeth) to be used at the same time. Look up the UTF-8 table and see for yourself how many letters of other alphabeths are look-a-likes to roman letters. This is the hebrew letter HET: ח And this is the english n They're not the same, but they look the same. So, JS allows for non ASCII chars in function names, not sure why, but this is used to obfuscate the source code here. Digging deeper into how languages work, and recognizing, that LTR (Left to Right) is only the standard in english speaking world, you can further obfuscate the code by using *non-printable RTL mark,* which is used in for example arabic. Not sure how it works with JS, but HTML it works, I have placed a few RTL marks in my code strategically. The source code gets completely screwed up and unreadable, as it is shown reversed, but it's run and it works.
@hopkinskong6 жыл бұрын
Wired CSV is good too :)
@jmms496 жыл бұрын
Awesome content as always. Cheers m8!
@Ariana-dn4mm6 жыл бұрын
Oh this problem, took me so long for me to realize why adding console.log kept changing output:/ ah should've used the web debugger instead of spamming console.logs, took me i don't even know how many hours (btw try dm coll it's quite easy once you found the correct line of code)
@pwnweb57346 жыл бұрын
No doubt u r the BEST
@marioguglia49285 жыл бұрын
12:49 basically nobody in the world knows what it does 🤣🤣🤣
@nicholasfacciola66265 жыл бұрын
im new to this so forgive me if this is ignorant but if you know that the password is the flag why can't you just simply console.log the password variable?
@cjhackerz6 жыл бұрын
I knew this video is coming :D
@7heMech2 жыл бұрын
Uhh... Yes, I understood everything!
@xenonamericium85356 жыл бұрын
on which websites you can play ctfs without a team? looks like you have to be really into it to compete with something on ctftime.org...
@mashtonish5 жыл бұрын
after the whole "with" statement thing, you just kind of fumbled over what was going on into calling it a solution. I wish you better explained how the solution/script helped crack that strange key for the value of source at the start, and the value of what CTF{AAAABBBB} made it
@AdrielFreud5 жыл бұрын
I'm watching from Brazil, Congratulations on the content :D
@oldbootz5 жыл бұрын
If you have a look at the file for this challenge now its quite different!
@oldbootz5 жыл бұрын
Maybe time to redo this one?
@raulmartina87816 жыл бұрын
Hey, can you suggest me an IRC with teams from the current ongoing Google CTF, I would like to chat with likeminded! :)
@d55112826 жыл бұрын
It used different 'x'es because the 'x'es were actually different - one of them was a Unicode one :) Look here - apps.timwhitlock.info/unicode/inspect?s=x%D1%85 First one is the "function name", and the second is the "function parameter" - aka the flag.
@d55112826 жыл бұрын
ah, someone wrote that already.. damn you, non-ajax youtube comments.
@h3xad3cimaldev614 жыл бұрын
How people think Google Employees are: "Oh my God they must be really good at there job since Google hired them and must write code insanely well that a baby could read it" Google Employees when writing code: "I speak AblaEnglJaIes" Highly Skilled Programmers: "Ah I see... Keep your secrets to yourself" Google: "I see your a man of culture"
@jowyjozef4 жыл бұрын
*Noob Alert* Newbie here...where can I go to learn all of this stuff? Is this part of "Ethical Hacking"
@StuxNETozor6 жыл бұрын
Hey, I'm still a n00b but I'd like to try playing CTF, does anyone know if there's anyway to find n00bs like me online and start playing ?
@floodingthesea93665 жыл бұрын
U don't need anyone to play with you can simply start with the beginner CTF by Google that's a decent accessible start
@rootkalinethunter3824 жыл бұрын
I am going to study ICT soon and I want to work in the cybersecurity. What do you guys recommend me to learn? I guess python right? Or what else? Could someone give me some answers? Thank you, Root KN from The Netherlands
@notkamui97494 жыл бұрын
If you want to do cybersecurity, python might not be the best language to learn tbh. Actually, if this is your first language, it would be even worse. Even though python is simple to learn, it makes you develop bad habits a lot if you don't know what you're doing. Plus, it does so much things in the background for you that you might end up not really understand how everything works deeply. C might be a little too harsh and cold for a beginner, but C++ or Java are great for that. They're both still low/mid level (not meaning they're easy or bad, but that they're closer to the computer) while being understandable and very complete. Bonus, if you know Java, or C or C++, you can learn any language pretty easily because many are just derivatives of C/C++/Java
@rootkalinethunter3824 жыл бұрын
@@notkamui9749 that's pretty amazing advice! Thank you very much.
@notkamui97494 жыл бұрын
@@rootkalinethunter382 No prob ! I hope you the best in your studies !
@rootkalinethunter3824 жыл бұрын
@@notkamui9749 thanks!
@simplylinn6 жыл бұрын
I took a stab at this myself, and yikes, I gave up after a while, because of the anti debugging measurements. I couldn't figure out what parts were important to the algorithm, and what parts were just anti debugger stuff. Also, this is written almost exclusively using "the bad parts" of javascript, overwriting the function with a string so you can't call it on successions, so I modified the function to be run multiple times to inspect what the hell it did aaaaaand, you guessed it, suddenly the sourcecode wasn't passed into anything anymore. I also couldn't make any sense of the c-function at all. You pass in the 'source' variable as a parameter and it tries to iterate over the length of it, but the source variable is a regexp object. It was a complete mess, I couldn't make sense of anything. It just goes to show that you need a completely different mindset to figure out a puzzle like this, vs when working with actual code that's meant to be understood. I'm fairly decent at reading and reconstructing minified JS into readable code, but that isn't doing weird stuff with scope, overwriting functions with strings as part of normal operations etc. I've always wanted to be a hacker, and CTF's seemed like a good place to start. I've done a few trivial ones, but I get frustrated and unable to continue when I hit a wall. This challenge especially just made me realize that I'm not a hacker, I'm a developer. I'll continue watching these videos, because they're highly educational, interesting and entertaining! And I can use the knowledge you provide to increase my ability to develop secure systems by avoiding pitfalls, but I'm not a "hacker" myself.
@Askaholic9076 жыл бұрын
CoderCandy Google CTF is especially hard, don’t beat yourself up for being stumped. I like some of the other sites like pwnable.kr, xssgame.com, and cryptopals.com to name a few. These are nice because they have very very simple challenges to start you out with, and there is no time limit. Writeups like this can be deceptive because they’re so short, when in reality the challenge takes many hours to solve.
@simplylinn6 жыл бұрын
Yeah, that's what I came to terms with. I don't enjoy beating my head against a problem like this for hours on end. I understand and enjoy the writeups and can learn how to develop more secure systems form them, but I'm not the kind of person who discover the vulnerabilities in the first place. I leave that to people who actually enjoy banging their head against a problem for hours and hours on end for that sweet reward of eventually cracking it. I've done a few simpler CTFs previously, and the really simple ones were unrewarding, and the harder ones were above my skill level. This is one that I COULD have cracked if I gave it some more time, but no. I did not enjoy putting in the time required to solve it, it's not my thing
@SeriousGamer7535 жыл бұрын
If this is considered really easy i think i shouldnt even think of pursuing coding
@JackBond12345 жыл бұрын
This isn't what I'd call coding. I'd consider myself pretty knowledgeable about Javascript, and I was only barely able to understand everything after it was explained in the video.
@thealex76713 жыл бұрын
So where I can find this website with crackmes?
@EmanuelLopesS26 жыл бұрын
I love this content
@kim877135 жыл бұрын
How do you open the source code for the html
@xx-wp3mq5 жыл бұрын
CTRL + U
@mangckyatmamon4 жыл бұрын
A few hrs ago I was watching a solution in NetHack. how did I end up here?
@PeakyBlinder5 жыл бұрын
Where can I learn all this stuff Where do you start ?
@ThirdEyeSuspect5 жыл бұрын
.
@thechillipl5 жыл бұрын
I wanna know that too
@peregrinusoblivione49675 жыл бұрын
He has a video on this. Go watch his web hacking video series. also overthewire.org has very easy ctf games that teach you the basics. Code Academy is the best site out there. Learn basic HTML, then some JS, then choose between either Python or Ruby to go full into. Basic SQL helps. But the best thing you can do is learn the theory behind it all and learn how computers think.
@peregrinusoblivione49675 жыл бұрын
Also be prepared to learn hundreds of Acronyms and be able to quickly memorize long strings of numbers.
@Yotanido6 жыл бұрын
You could have put a link to the challenges in the description, not just your solution...
@unihedronp25735 жыл бұрын
5:22.9-5:24.7 "And now we can ivnestigate."
@chigozie1235 жыл бұрын
This is why I don't trust JavaScript programmers. Shit like this is what nightmares are made of. In Typescript we trust. All day er' day
@iseceepcool25 жыл бұрын
If password = the flag why doesn't you just do like element.innerHtml(password); to make it display what the password string is
@JackBond12345 жыл бұрын
The password isn't stored anywhere in the file. It has to be reverse engineered based on the encryption key and the encryption algorithm provided, but the file is full of a lot of pitfalls that can make that very difficult.
@christiankaindl5 жыл бұрын
This is so crazy cool 😱
@ahmedmani10514 жыл бұрын
I was happy that i finished js course after watching this vid geuss not
@perkinskurt61474 жыл бұрын
'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit contact via:::::WHATSAPP>>> wa.me/17472081186 remember a stitch in time saves nine