본문 바로가기

Web Security/webhacking.kr

[Webhacking.kr] old-20

old-20

This problem is in webhacking.kr.
URL: https://webhacking.kr/challenge/code-4///

If you enter the URL, you can see the below photo.

 

First, View Source

If you look at the code, you can see this part.

function ck(){
  if(lv5frm.id.value=="") { lv5frm.id.focus(); return; }
  if(lv5frm.cmt.value=="") { lv5frm.cmt.focus(); return; }
  if(lv5frm.captcha.value=="") { lv5frm.captcha.focus(); return; }
  if(lv5frm.captcha.value!=lv5frm.captcha_.value) { lv5frm.captcha.focus(); return; }
  lv5frm.submit();
}   

This code shows that if you do not enter the value, the page focus on the specific input tag.
But, it says on the first page that you will give 2 seconds to submit.
Thus, this problem cannot solve by the direct input method.

To solve the problem, you can use this method.

 

It is to give value in advance to the page.
As a result, you can solve the problem like this.

 

'Web Security > webhacking.kr' 카테고리의 다른 글

[Webhacking.kr] old-24  (0) 2023.05.19
[Webhacking.kr] old-21  (0) 2021.08.01
[Webhacking.kr] old-18  (0) 2021.08.01
[Webhacking.kr] old-17  (0) 2021.08.01
[Webhacking.kr] old-16  (0) 2021.08.01