 How's it going everybody? My name is John Hammond. Welcome back to the YouTube video this time checking out the Kaisen CTF as we have been before So I want to check out some of the web challenges showcase and demonstrate some of these to you The first one is the button which was a pretty simple 100 point challenge Again, the web category and the question is click the button to get the flag. How hard could it be? So this is a pretty classic web challenge where it's just a simple button You can move your mouse over it or at least try to and every time you do it hides I guess it hides your mouse for one thing. I don't know if it does that on your end too But if you try and mouse over it, it moves the button so you can't actually click on it So if you actually take a look at the source of the web page here, you see how it's doing what it's doing We can see some JavaScript stuff and there's really nothing else here obviously between that HTML comment So the first one that we see is a Four thing this looks like jQuery. This is like the jQuery library So that must be how they're doing it to begin with and then another JavaScript script that is This time explaining the functionality of the web page. So it said this authorization object to null Get this authorization thing and it creates a div ID message and there's a button that says click here to flag They that they create with JavaScript it says this mouse over function that puts the position to a random spot and we can't really mouse over every time we Do move our mouse it runs away. It moves away from us But this click once we actually on the click function and on the click button Event handler it makes a call with Ajax to this get flag URL it passes some headers with an authorization thing and It posts with the HTTP post method Passing in requests. Can I have the flag and know whatever it returns from this this get flag PHP file? It does display out in a message. So initially I tried to like automate this process here. I'll show you here Because I have curl right and I can specify a URL we can give it the button page With that get flag dot PHP script Frank this down so you can see it more It says okay. We're not authorized to view the flag if we pass in that data that it's missing requests can equal Can I has the flag question mark again? We're still not authorized to view this flag So it's got to be that header that's determining what we can do for us So I'm we can pass in. Oh sure an authorization on like header with curl, right? We can set that equal to It looks like they just set it to an undefined thing So I literally just tried the the string undefined, but that didn't work for us So I tried that tactic for a little bit and it didn't work because I just wanted to see if I could automate getting the flag to begin with But it didn't work for us. So I went back to poking at it within the web page What I did was I actually used Javascript. I'm sorry firefox extension called firebug to be able to work with the web page and I can try and zoom in here a little bit So I can enable this and take a look at the HTML Again, there's nothing in here though other than the button and there's that script that's controlling it It doesn't look like it has any Javascript for one thing that it sees though within The Firebug extension so that didn't work for me. I wasn't able to see Javascript for whatever reason But I am still able to interact with it and do things with it because of the console like Firebug and let me manipulate the entire web page however I want so since jQuery is loaded and I know that it is on the page I can use jQuery to specify I want that button object Right, and it'll get returned for me and I can say dot click to initialize or like invoke that event listener And hey, it does it and hey we get this congrats. Here's your flag. I click the button. So there it is real easy. I Just use firebug to interact with the page and literally click the button by calling it within Javascript and jQuery That's all I did. So there's our flag. We can submit it for 100 points. That's how I solved it Maybe you or some others solved a different way, but hey, that's how I did it in this case So thanks for watching guys. Hope you enjoyed it. Hope you can check out the firebug extension for Firefox If you haven't heard of it or seen it before but it's a really cool Javascript a bugger if you're ever trying to write your own Javascript code you can turn the like Console and the the logger on and that can notify if you have any errors in your Javascript code because otherwise It's kind of difficult to debug Javascript. So alright. Thanks for watching guys. Hope you enjoyed this one and I'll see you in a later video