Tuesday, 14 October 2014

NUS SoC Hacking Challenge 6 - The Flash

Second Last Level for the NUS SoC Hacking Challenge!

So in level 6, we only have this flash image and no hints at all.

Thanks to my experience in performing on analyzing vulnerabilities of flash files, first thing i did was to download the .swf file from the site (Thank you Firefox for making this easy!). Once downloaded, i used the free HP SWFScan to decompile the flash file. And yeap, found a string that is really suspicious. 

So i placed the string of text into the form field BUT then, the submit button was not able to be clicked on. It looked like it was disabled. Using Firebug addon for Firefox (Again, thank you Firefox!), i search for the Submit button and look at the HTML code. Fair enough, it was 'disabled'.

So trying my luck, using Firebug, i edited the 'disabled' and turned it to 'enabled'. And sure enough, when i edited that, i was able to click Submit. And i was happy it went through!!

Next stop - Level 7!!!!

No comments:

Post a Comment