<!DOCTYPE html>
<!-- No lang attribute on <html>, so assistive technology gets no language hint for the page. -->
<html>
<!-- This <noscript> sits before <head>. The HTML parser opens <head> implicitly at this point,
     which makes the explicit <head> start tag further down a parse error that is ignored
     (its children still land in the head, so rendering is unaffected). -->
<noscript>
<style>html {
display: none;
}</style>
<!-- With scripting disabled the whole document is hidden and the client is redirected to
     /no-javascript; every interactive part of this page depends on JavaScript. -->
<meta http-equiv="refresh" content="0;url=/no-javascript">
</noscript>
<!-- Vendored, minified New Relic browser-agent loader (type="text/javascript" is redundant).
     Its "loader" module runs on window load: if NREUM.info carries a licenseKey and
     applicationID it fills any empty config field from built-in defaults (agent defaults to
     js-agent.newrelic.com/nr-1044.min.js, beacons to bam.nr-data.net) and inserts a <script>
     with src "https://" + agent before the first script tag; otherwise it aborts, and it also
     aborts after 30 s (setTimeout(s.abort,3e4)). A script injected this way carries no SRI
     integrity hash, so the third-party code runs with full page privilege under whatever CSP
     the server sends. -->
<head><script type="text/javascript">window.NREUM||(NREUM={}),__nr_require=function(e,n,t){function r(t){if(!n[t]){var o=n[t]={exports:{}};e[t][0].call(o.exports,function(n){var o=e[t][1][n];return r(o||n)},o,o.exports)}return n[t].exports}if("function"==typeof __nr_require)return __nr_require;for(var o=0;o<t.length;o++)r(t[o]);return r}({1:[function(e,n,t){function r(){}function o(e,n,t){return function(){return i(e,[c.now()].concat(u(arguments)),n?null:this,t),n?void 0:this}}var i=e("handle"),a=e(2),u=e(3),f=e("ee").get("tracer"),c=e("loader"),s=NREUM;"undefined"==typeof window.newrelic&&(newrelic=s);var p=["setPageViewName","setCustomAttribute","setErrorHandler","finished","addToTrace","inlineHit","addRelease"],d="api-",l=d+"ixn-";a(p,function(e,n){s[n]=o(d+n,!0,"api")}),s.addPageAction=o(d+"addPageAction",!0),s.setCurrentRouteName=o(d+"routeName",!0),n.exports=newrelic,s.interaction=function(){return(new r).get()};var m=r.prototype={createTracer:function(e,n){var t={},r=this,o="function"==typeof n;return i(l+"tracer",[c.now(),e,t],r),function(){if(f.emit((o?"":"no-")+"fn-start",[c.now(),r,o],t),o)try{return n.apply(this,arguments)}finally{f.emit("fn-end",[c.now()],t)}}}};a("setName,setAttribute,save,ignore,onEnd,getContext,end,get".split(","),function(e,n){m[n]=o(l+n)}),newrelic.noticeError=function(e){"string"==typeof e&&(e=new Error(e)),i("err",[e,c.now()])}},{}],2:[function(e,n,t){function r(e,n){var t=[],r="",i=0;for(r in e)o.call(e,r)&&(t[i]=n(r,e[r]),i+=1);return t}var o=Object.prototype.hasOwnProperty;n.exports=r},{}],3:[function(e,n,t){function r(e,n,t){n||(n=0),"undefined"==typeof t&&(t=e?e.length:0);for(var r=-1,o=t-n||0,i=Array(o<0?0:o);++r<o;)i[r]=e[n+r];return i}n.exports=r},{}],4:[function(e,n,t){n.exports={exists:"undefined"!=typeof window.performance&&window.performance.timing&&"undefined"!=typeof window.performance.timing.navigationStart}},{}],ee:[function(e,n,t){function r(){}function o(e){function n(e){return e&&e instanceof 
r?e:e?f(e,u,i):i()}function t(t,r,o,i){if(!d.aborted||i){e&&e(t,r,o);for(var a=n(o),u=m(t),f=u.length,c=0;c<f;c++)u[c].apply(a,r);var p=s[y[t]];return p&&p.push([b,t,r,a]),a}}function l(e,n){v[e]=m(e).concat(n)}function m(e){return v[e]||[]}function w(e){return p[e]=p[e]||o(t)}function g(e,n){c(e,function(e,t){n=n||"feature",y[t]=n,n in s||(s[n]=[])})}var v={},y={},b={on:l,emit:t,get:w,listeners:m,context:n,buffer:g,abort:a,aborted:!1};return b}function i(){return new r}function a(){(s.api||s.feature)&&(d.aborted=!0,s=d.backlog={})}var u="nr@context",f=e("gos"),c=e(2),s={},p={},d=n.exports=o();d.backlog=s},{}],gos:[function(e,n,t){function r(e,n,t){if(o.call(e,n))return e[n];var r=t();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(e,n,{value:r,writable:!0,enumerable:!1}),r}catch(i){}return e[n]=r,r}var o=Object.prototype.hasOwnProperty;n.exports=r},{}],handle:[function(e,n,t){function r(e,n,t,r){o.buffer([e],r),o.emit(e,n,t)}var o=e("ee").get("handle");n.exports=r,r.ee=o},{}],id:[function(e,n,t){function r(e){var n=typeof e;return!e||"object"!==n&&"function"!==n?-1:e===window?0:a(e,i,function(){return o++})}var o=1,i="nr@id",a=e("gos");n.exports=r},{}],loader:[function(e,n,t){function r(){if(!x++){var e=h.info=NREUM.info,n=d.getElementsByTagName("script")[0];if(setTimeout(s.abort,3e4),!(e&&e.licenseKey&&e.applicationID&&n))return s.abort();c(y,function(n,t){e[n]||(e[n]=t)}),f("mark",["onload",a()+h.offset],null,"api");var t=d.createElement("script");t.src="https://"+e.agent,n.parentNode.insertBefore(t,n)}}function o(){"complete"===d.readyState&&i()}function i(){f("mark",["domContent",a()+h.offset],null,"api")}function a(){return E.exists&&performance.now?Math.round(performance.now()):(u=Math.max((new Date).getTime(),u))-h.offset}var u=(new 
Date).getTime(),f=e("handle"),c=e(2),s=e("ee"),p=window,d=p.document,l="addEventListener",m="attachEvent",w=p.XMLHttpRequest,g=w&&w.prototype;NREUM.o={ST:setTimeout,SI:p.setImmediate,CT:clearTimeout,XHR:w,REQ:p.Request,EV:p.Event,PR:p.Promise,MO:p.MutationObserver};var v=""+location,y={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net",agent:"js-agent.newrelic.com/nr-1044.min.js"},b=w&&g&&g[l]&&!/CriOS/.test(navigator.userAgent),h=n.exports={offset:u,now:a,origin:v,features:{},xhrWrappable:b};e(1),d[l]?(d[l]("DOMContentLoaded",i,!1),p[l]("load",r,!1)):(d[m]("onreadystatechange",o),p[m]("onload",r)),f("mark",["firstbyte",u],null,"api");var x=0,E=e(4)},{}]},{},["loader"]);</script>
<title>CyberStart Assess</title>
<!-- type="text/css" is redundant on a stylesheet link. All same-origin assets are cache-busted
     with ?version=3.1.2, matching the version printed in the footer. -->
<link type="text/css" rel="stylesheet" media="all" href="/assets/css/styles.css?version=3.1.2">
<!-- maximum-scale=1.0 blocks pinch-zoom (a WCAG 1.4.4 failure); width=device-width with
     initial-scale=1 is sufficient. -->
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0">
<!-- Both scripts are render-blocking (no defer/async). site.js is presumably where get(),
     xhrObj(), runChallengeTimer() and attemptFlag(), all called later on this page, are
     defined; bodymovin.js provides bodymovin.loadAnimation() used by the banner. Confirm
     against the served files. -->
<script src="/assets/js/site.js?version=3.1.2"></script>
<script src="/assets/js/bodymovin.js?version=3.1.2"></script>
<link rel="apple-touch-icon-precomposed" href="/assets/images/apple-touch-icon.png?version=3.1.2">
<link rel="icon" type="image/png" href="/assets/images/apple-touch-icon.png?version=3.1.2">
<link rel="shortcut icon" href="/assets/images/favicon.ico?version=3.1.2">
</head>
<body>
<div class="module-navbar">
<div class="navbar">
<a href="/" class="logo">
<img src="/assets/images/logo-navbar.png?version=3.1.2" class="image"
alt="CyberStart Assess logo">
</a>
</div>
</div>
<!-- Page state handed to the scripts through data-* attributes. data-token holds the same value
     as the hidden #csrf input and the literal passed to the two inline onsubmit handlers below.
     data-userid and data-challengeid are client-held values, visible to anyone who views source,
     so the server has to validate anything derived from them rather than trust them.
     data-timeoutafter / data-incrementtime are presumably read by runChallengeTimer() (confirm). -->
<div data-challengeid="5" data-bonus="14" data-userid="12389" data-timeoutafter="300000" data-incrementtime="30000" data-token="6d60c6eda4eceabcc3a73d2093d10d402bef37882ac20aac57b2f8b0cf980492" id="holder" class="page page-slim page-challenge-k">
<!-- Progress strip: step-correct marks solved challenges, step-current the one being viewed. -->
<div class="module-progress" id="progress-holder">
<div class="progress progress-13"><a href="/challenge-01" class="step step-01 step-correct">01</a><a href="/challenge-02" class="step step-02 step-correct">02</a><a href="/challenge-03" class="step step-03 step-correct">03</a><a href="/challenge-04" class="step step-04 step-correct">04</a><a href="/challenge-05" class="step step-05 step-current">05</a><a href="/challenge-06" class="step step-06">06</a><a href="/challenge-07" class="step step-07">07</a><a href="/challenge-08" class="step step-08">08</a><a href="/challenge-09" class="step step-09">09</a><a href="/challenge-10" class="step step-10">10</a><a href="/challenge-11" class="step step-11 step-correct">11</a><a href="/challenge-12" class="step step-12">12</a><a href="/challenge-13" class="step step-13">13</a></div> </div>
<div class="module-illustration">
<!-- Banner container for the animation started by the inline script that follows. Both the
     inline style attribute and the inline <script> would need 'unsafe-inline' (or hashes/nonces)
     if a Content-Security-Policy were added. -->
<div id="bodymovin" class="bodymovin bodymovin-k" style="background-image: url('/assets/images/banner-11-a.png?version=3.1.2');" data-bm-renderer="svg"></div>
<script>
// Start the looping banner animation inside #bodymovin using the bodymovin library
// loaded in <head>. `anim`, `elem` and `animData` are top-level vars, i.e. page globals.
var elem = document.getElementById('bodymovin');
var animData = {};
animData.container = elem;
animData.renderer = 'svg';
animData.loop = true;
animData.autoplay = true;
animData.rendererSettings = { progressiveLoad: true };
// NOTE: relative path, unlike the absolute /assets/... URLs used elsewhere on this page;
// it resolves against the current document URL.
animData.path = 'assets/json/data-ch-k.json?version=3.1.2';
var anim = bodymovin.loadAnimation(animData);
</script>
</div>
<div class="module-challenge">
<div class="paper paper-rounded-bottom">
<div id="paper-stamp-difficulty" class="stamp stamp-difficulty stamp-easy">Easy</div>
<!-- Hidden until the flag is accepted; presumably revealed by attemptFlag() in site.js (confirm). -->
<div class="stamp stamp-complete" id="completedStamp" style="display:none">Challenge completed!</div>
<p class="pretitle">Challenge 05</p>
<h1 class="heading heading-center heading-secondary">Lazy locked login</h1>
<p class="brief">The Internet of Things (IOT) is a big deal these days and we recently came across a hacker who loves hacking everyday household devices, like coffee machines and fridges. One fridge he hacked has a remotely accessible page allowing a technician to control it. The username and password were easy to find, but the form still has some very lazy extra protection. He managed to get around it, can you?</p>
<!-- Mock "fridge" device UI. The login form inside it is the puzzle, not a real authentication flow. -->
<div class="fridge-window">
<div class="fridge">
<div class="badge">UBERFRIDGE</div>
<div class="handle"></div>
<div class="screen">
<!-- Receives the server's reply from login() below and is shown in place of #browser. -->
<div class="success" id="successMessage" style="display: none"></div>
<div class="browser" id="browser">
<div class="name">UberFridge 1000</div>
<div class="details">Technician Access Only</div>
<!-- Inline onsubmit handler with the CSRF token embedded as a string literal. Any CSP would
     need 'unsafe-inline' or a hash for this handler; binding via addEventListener and reading
     the token from #holder's data-token would avoid that. login() is defined in the script
     after this block; get() comes from site.js. -->
<form class="form" onsubmit="login(get('username').value,get('password').value,'6d60c6eda4eceabcc3a73d2093d10d402bef37882ac20aac57b2f8b0cf980492'); return false">
<div class="field">
<!-- Empty <label>: the input has no accessible name. -->
<label class="label" for="username"></label>
<!-- Credentials pre-filled in the markup. Intentional for the puzzle (the brief says they were
     easy to find); autocomplete="off" keeps the browser from storing them. -->
<input class="input-text" type="text" name="username" autocomplete="off" value="admin" id="username">
</div>
<div class="field">
<label class="label" for="password"></label>
<input class="input-text" type="password" name="password" autocomplete="off" value="password" id="password">
</div>
<div class="actions">
<!-- Developer notes: This will be disabled if page not accessed from technician's laptop. -->
<!-- The "extra protection" is the disabled attribute on the submit button: a client-side UI
     state that is entirely under the visitor's control. The handler for action=login on
     /challenge-05 has to perform its own technician check independently of this. Also a
     boolean attribute: write the bare `disabled` rather than disabled="true". -->
<input type="submit" value="Enter" class="btn" disabled="true">
</div>
</form>
</div>
</div>
</div>
</div>
<div class="code">
<!-- attemptFlag(05, ...): the leading zero makes 05 a legacy octal literal. It evaluates to 5
     here, but it is a SyntaxError in strict mode or a module, so it should be written as 5.
     The third argument repeats the hidden #csrf value. -->
<form class="form form-code" onsubmit="attemptFlag(05, this.code.value, '6d60c6eda4eceabcc3a73d2093d10d402bef37882ac20aac57b2f8b0cf980492'); return false" id="flagForm">
<div class="pop pop-success" id="pop-message"></div>
<input type="hidden" id="csrf" name="csrf" value="6d60c6eda4eceabcc3a73d2093d10d402bef37882ac20aac57b2f8b0cf980492">
<!-- placeholder is the only label for the code field; a visible <label> would be accessible. -->
<input class="input-text" type="text" name="code" id="codeAttempt" placeholder="Insert code here" autocomplete="off">
<div class="actions">
<input type="submit" value="Submit code" class="btn">
</div>
<div class="extras extras-center"><a id="skip-link" href="/challenge-06" class="link link-quiet-emphasis">Not sure? Go to Challenge 06</a></div>
</form><a href="/challenge-06" class="btn btn-complete" id="completedButton" style="display: none">Correct! Well done. Go to challenge 06 →</a> </div> </div>
</div>
</div>
<!-- runChallengeTimer() is not defined on this page (site.js, presumably); it likely consumes
     the data-timeoutafter / data-incrementtime attributes on #holder. Confirm. -->
<script>runChallengeTimer();</script>
<script>
// Login attempt
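// Posts the fridge login form to the challenge endpoint and, on any reply other than
// "Incorrect", replaces the mock browser with the server's success message.
//
// username, password: values read from the form by the inline onsubmit handler.
// csrf: anti-forgery token for the POST (the same value as the hidden #csrf input).
// Depends on get() and xhrObj() from site.js, which are not defined on this page.
// Returns nothing; all effects happen asynchronously in the readystatechange callback.
var login = function(username,password,csrf)
{
  var xhr = xhrObj();
  xhr.onreadystatechange=function() {
    // Act only on a completed 200 response. Network errors and other statuses are
    // ignored, which leaves the form usable for another try but gives no feedback.
    if (xhr.readyState === 4 && xhr.status === 200) {
      var responseText = xhr.responseText;
      if (responseText !== "Incorrect") {
        // The reply is inserted as HTML. That is only safe while the endpoint returns
        // server-controlled markup; if it ever reflects user-supplied input this is a
        // DOM XSS sink, and textContent should be used instead — confirm with the server side.
        get('successMessage').innerHTML = responseText;
        get('successMessage').style.display = "block";
        get('browser').style.display = "none";
      }
    }
  };
  xhr.open("POST","/challenge-05",true);
  xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
  // Every field is percent-encoded, including the token: previously csrf was concatenated
  // raw, so a token containing '&' or '=' would have corrupted the form body.
  xhr.send("action=login&username="+encodeURIComponent(username)+"&password="+encodeURIComponent(password)+"&csrf="+encodeURIComponent(csrf));
}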
</script>
<div class="module-base">
<div class="base">
<!-- target="_blank" without rel="noopener": current browsers imply noopener for _blank, but
     older ones hand the opened page a window.opener reference. Be explicit. -->
<div class="discovery"><a href="https://joincyberdiscovery.com" target="_blank" class="link">Back to Cyber Discovery ></a></div>
<div class="copyright">Copyright 2017 SANS. Version 3.1.2</div>
<!-- Sign-out is a plain GET link; a state-changing GET can be triggered cross-site (logout CSRF,
     low impact but usually handled with a POST form). -->
<div class="logout"><a href="/logout" class="link">Sign out</a></div>
</div>
</div>
<!-- Google Analytics -->
<!-- Third-party script loaded without an integrity (SRI) hash; the URL is unversioned, so a hash
     could not be pinned reliably anyway. The inline config that follows needs 'unsafe-inline'
     or a nonce under CSP. -->
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-109525775-3"></script>
<script>
// Standard gtag bootstrap: queue calls on window.dataLayer until gtag.js arrives.
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-109525775-3');
</script>
<!-- New Relic agent configuration consumed by the loader in <head>. licenseKey and applicationID
     are browser-agent identifiers, visible in page source by design; "agent":"" is filled with
     the loader's default js-agent.newrelic.com/nr-1044.min.js. -->
<script type="text/javascript">window.NREUM||(NREUM={});NREUM.info={"beacon":"bam.nr-data.net","licenseKey":"e8c65ea953","applicationID":"90369300","transactionName":"YFFQYkIDD0ZVAkcNVlkbZ0RZTRNaQRVWSklfRA==","queueTime":0,"applicationTime":21,"atts":"TBZTFAoZHEg=","errorBeacon":"bam.nr-data.net","agent":""}</script></body>
</html>