Fight against time to deobfuscate the JavaScript function and reval the password.
function validate(username, password)
{
// very strict validation!! (browser specific)
function validate_length(str, len)
{
return str.length == len;
}
function match_cases(str1, str2)
{
return str1.toUpperCase().toLowerCase() == str2.toUpperCase().toLowerCase();
}
return validate_length(password, 8) && match_cases(password, 'qpflmtfifb');
}
You can pick any username,
but you'll need to deobfuscate the JS for the password.
# | Time | Usernames |
---|---|---|
1 | 0:01 | baboures |
2 | 0:02 | shafigullin |
3 | 0:09 | .mario |
4 | 0:21 | jbremer, lolz |
5 | 0:22 | Daniel Kopitchinski |
6 | 0:25 | http |
7 | 0:28 | MBentefor |
8 | 0:37 | Daniel Kopißinski |
9 | 0:40 | smfadhil |
10 | 0:50 | infandrew |
11 | 1:04 | Daniel Kopitßinski |
12 | 1:05 | bek |
13 | 1:12 | Dizzi |
14 | 2:17 | Purkka |
15 | 2:25 | <script>alert(1)</script>, kronusme |
16 | 2:36 | prjanick |
17 | 3:06 | szytop |
18 | 6:17 | avlidienbrunn |