 How's it going everybody my name is John Hammond and we are doing some more girls go cyber start which is a fun game put together by Sans it's meant for more of the high school girl Population which I am not a part of admittedly, but it's a lot of fun So it's enjoyable and I wanted to showcase it because I think it's very very cool. It's simple stuff. It's enjoyable It's it's easy breezy simple puzzles, but let's check it out. We're on challenge number eight here It's called newbie says our team has been working with the business whose website has been targeted by a series of militia scripts And had all the harm rocks of an experienced hacker still learn the code And we were easily able to quickly trace it back to their personal website We want to gain access to gather evidence and see what other scripts they have can you do so by taking advantage of the weak code Yeah, let's do it. Hey. Hey Do I have a sequel injection thing? Open vaults Maybe this is just JavaScript. Let's take a look at it here Yeah, if username is equal to admin and password is equal to ABCDF handle failure. Okay, let's do it Yeah Flag equals try function Good. Good. That's uh, what challenge was that 08 newbie? Let's make that as a little directory here 08 newbie CD 08 newbie. I should have marked that as complete my bad 08 newbie To the flag that text in there and a solution text view source See JavaScript Admin ABCDF ABCDF Good Let's move on challenge nine. We're almost at ten. We're digging it crypto coffee Sometimes hackers appear in the most unlikely of places our team recently uncovered a hacker who was running a coffee shop as a cover for secret identity We had to catch her to sleep. I was gonna be really fast, but I failed at it Use some kind of cipher to hide them take a look example. Can you find? secret message is This rot 13 just like the other thing was earlier rot 13 No, let's do a little for I in 26 do Caesar attack I done Are there any English words in this? I do not see password is password is That's 24, right? Yeah, okay 24. So this Will echo into Caesar 24 Merge verduree did it's No, what was it not the right key anymore? Did they change it? Hey, hey now That's not okay Someone just like walk by I'll care Not a big deal liquid. Why they change it. That's was I wrong? Password is liquid All right Let's uh What is that challenge 10 right crypto coffee? All right make directory 10 I'm watching this dude. He's just going out for a walk Flag dot text equals Liquid not that thing liquid nano solution dot text explore rot 13 first 24 then it was 23 I think Like that should have been 23 done. Yeah, that's weird man Maybe it's because of the Q query or whatever that's doing. Oh That was challenge nine. Oh, no, I was wrong all along That's good thing is it'll let me uh market is complete Good challenge 10. Oh, we're looking at real code not that the other stuff isn't real code But you know one of our agents recently brought up recently caught up with a talent hacker that loves using JavaScript for all of his attacks He hit the blow piece of JavaScript on a page. It's also embedded on this page. Can you find the result? Yeah, dude Let's just friggin run this You know our console here in DevTools paste that in Run it get a tax string code is that easy easy cheesy peasy make directory 11 Challenge 10. I don't I'm sorry. I don't know why I keep jumping the gun Indescriptable. Wow, that's a great challenge name flag dot text I'm enjoying myself. I don't know if you guys are I hope you are let's just say no solution Copy and run the JavaScript in the DevTools console People just walking around Move 10. Oh, no, I wanted to move back. Can you guys hear the rapid key fire on my keyboard? Probably It's fun. I hope this has been cool doing it live because this is all like stuff that I haven't touched before so You're getting the raw Puzzle-solving stuff baffling binary a recent identified hacker who goes by the name roo boots has been hiding secret messages in the robot She's been building stop anyone from This is straight up binary It's just binary Is that all you wanted me to do? Whoa put a zero X in there my bad 121 does it need in a binary? Oh Guess not. All right. That was that That's a little needed challenge 11 battling binary. Let's make that done Challenge, you know, oh, no make directory. I'm sorry. Gosh trying to type dude Should have marked that as complete as usual. I fail had the binary values enter In decimal you guys playing along. I hope this is kind of fun Animation is paused. Let's move on to challenge 12. We don't have too many left. How we doing on the video time? Six minutes. Oh, we can finish it, bro. Let's get these to get these next couple challenges spin lock We're all the world's largest banks refit all their vaults the new spin lock extreme two We're sure it was impossible to hack. Unfortunately. It seems it's incorrect Special key card we found that remote access in the interface in the vault to unlock the reverse getting the Can you do the same? I Skip through all of that and I probably shouldn't have so what do I have to do get my mouse in there? I don't understand interface test tool Special key card to be inserted which after checking the authenticity of the card realigns the circular locking mechanism to unlock it and updates interface that shows it's unlocked. How we found that by Remote accessing information interface on the vault we can unlock the vault by doing the reverse getting the interface to unlock Which unlocks the vault itself. Can you do the same? So what do I have to do? Insert the special key card How do I insert the special key card? Where is the key card? Where's the stuff at? Dude my computer's starting to cry on this though. What the F? What's going on remind users the number of degrees to use to unlock? There's JavaScript in here my phone's blown up. Sorry Say degrees Degrees, I don't understand pause yet slow down circle to a start circles Can I run the same exact code and get it to like stop? so Now I paste all those in Circles I I need a for loop Sorry all tabs going crazy so Set them to be paused Keep all tab in my bed now. They're all paused Um Real the physical vault itself requires a special key card to be inserted after which checking the authenticity of the card realigns A circular locking mechanism to unlock it and updates interface that it shows that it's unlocked We found that by remote accessing the interface on the vault. How does it? What is it? What is the alignment that needs to be in place? Updates the interface to show that it's unlocked well, I Will have to keep staring at this I guess Figure this out next time because I gotta get back to the office. You know what I'm saying? And we're about 10 minutes in this video, so I hope that was enjoyable and fun I'll see you in the next one and we'll get back to figuring out spin lock doing some fun stuff with that Hey, if you did like this video, please do like comment and subscribe join the discord server The link is in the description and it's a cool party place I'm so bad at these outros man. I'm so bad at YouTube. Why do you even watch these videos? You