Skip to content

Commit

Permalink
Update GitHub Codespaces instructions for S2L5 (#85)
Browse files Browse the repository at this point in the history
* Update GitHub Codespaces instructions for S2L5

* Apply suggestions from code review

---------

Co-authored-by: ariyonaty <[email protected]>
Co-authored-by: Joseph Katsioloudes <[email protected]>
  • Loading branch information
3 people authored Apr 4, 2024
1 parent 739cf73 commit e975b5d
Show file tree
Hide file tree
Showing 5 changed files with 34 additions and 21 deletions.
13 changes: 8 additions & 5 deletions Season-2/Level-5/hack-1.js
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,13 @@

// 1. Double click index.html to open it in any browser. Are you using GitHub Codespaces?

// Please note that if you are inside a codespace, it is not possible to perform step 1. For
// this reason, please create a local copy for the file 'index.html'. You can do so by copying
// and pasting the contents of 'index.html' in a local file so that you can open it in a browser.
// Then, follow the remaining steps.
// Please note that if you are inside a codespace, it is not possible to perform step 1.
// Instead, run the following command inside the codespace's terminal:
// `cd Season-2/Level-5/ && python3 -m http.server`
// A pop up window will appear on the bottom right informing you that
// "Your application running on port 8000 is available". Now click "Open in Browser".
// Another way to open the application on port 8000 is by clicking on the "Ports" tab
// in terminal, followed by clicking on its respective URL.

// 2. Copy the following line, paste it in the javascript console and press enter.
var s = { toString: function() { alert('Exploit 1'); } };
Expand All @@ -19,4 +22,4 @@ CryptoAPI.sha1.hash(s)

// 5. Refresh the page to reset the level.

// * If the exploit was unsuccessful, you can proceed to the next exploit inside hack-2.js.
// * If the exploit was unsuccessful, you can proceed to the next exploit inside hack-2.js.
13 changes: 8 additions & 5 deletions Season-2/Level-5/hack-2.js
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,13 @@

// 1. Double click index.html to open it in any browser. Are you using GitHub Codespaces?

// Please note that if you are inside a codespace, it is not possible to perform step 1. For
// this reason, please create a local copy for the file 'index.html'. You can do so by copying
// and pasting the contents of 'index.html' in a local file so that you can open it in a browser.
// Then, follow the remaining steps.
// Please note that if you are inside a codespace, it is not possible to perform step 1.
// Instead, run the following command inside the codespace's terminal:
// `cd Season-2/Level-5/ && python3 -m http.server`
// A pop up window will appear on the bottom right informing you that
// "Your application running on port 8000 is available". Now click "Open in Browser".
// Another way to open the application on port 8000 is by clicking on the "Ports" tab
// in terminal, followed by clicking on its respective URL.

// 2. Copy the following line, paste it in the javascript console and press enter.
CryptoAPI.sha1._round = function() { alert('Exploit 2'); };
Expand All @@ -19,4 +22,4 @@ CryptoAPI.sha1.hash("abc")

// 5. Refresh the page to reset the level.

// * If the exploit was unsuccessful, you can proceed to the next exploit inside hack-3.js.
// * If the exploit was unsuccessful, you can proceed to the next exploit inside hack-3.js.
13 changes: 8 additions & 5 deletions Season-2/Level-5/hack-3.js
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,13 @@

// 1. Double click index.html to open it in any browser. Are you using Codespaces?

// Please note that if you are inside a Codespace, it is not possible to perform step 1. For
// this reason, please create a local copy for the file 'index.html'. You can do so by copying
// and pasting the contents of 'index.html' in a local file so that you can open it in a browser.
// Then, follow the remaining steps.
// Please note that if you are inside a codespace, it is not possible to perform step 1.
// Instead, run the following command inside the codespace's terminal:
// `cd Season-2/Level-5/ && python3 -m http.server`
// A pop up window will appear on the bottom right informing you that
// "Your application running on port 8000 is available". Now click "Open in Browser".
// Another way to open the application on port 8000 is by clicking on the "Ports" tab
// in terminal, followed by clicking on its respective URL.

// 2. Copy the following line, paste it in the javascript console and press enter.
Array.prototype.__defineSetter__("0", function() { alert('Exploit 3'); });
Expand All @@ -19,4 +22,4 @@ CryptoAPI.sha1.hash("abc")

// 5. Refresh the page to reset the level.

// * If the exploit was unsuccessful, you have now resolved this exploit. Congratulations!
// * If the exploit was unsuccessful, you have now resolved this exploit. Congratulations!
13 changes: 8 additions & 5 deletions Season-2/Level-5/hint-1.txt
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,16 @@ Do you want to visualize the above? Follow these instructions:

1. Double click index.html to open it in any browser. Are you using GitHub Codespaces?

// Please note that if you are inside a codespace, it is not possible to perform step 1. For
// this reason, please create a local copy for the file 'index.html'. You can do so by copying
// and pasting the contents of 'index.html' in a local file so that you can open it in a browser.
// Then, follow the remaining steps.
// Please note that if you are inside a codespace, it is not possible to perform step 1.
// Instead, run the following command inside the codespace's terminal:
// `cd Season-2/Level-5/ && python3 -m http.server`
// A pop up window will appear on the bottom right informing you that
// "Your application running on port 8000 is available". Now click "Open in Browser".
// Another way to open the application on port 8000 is by clicking on the "Ports" tab
// in terminal, followed by clicking on its respective URL.

2. Copy the first line of the example, paste it in the javascript console and press enter.

3. Now copy the second line, paste it in the javascript console and press enter.

4. A popup should appear with the text "Exploit 1" in it. If it does, the exploit was successful.
4. A popup should appear with the text "Exploit 1" in it. If it does, the exploit was successful.
3 changes: 2 additions & 1 deletion Season-2/Level-5/index.html
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<pre>
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣀⣀⣀⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣀⣀⣀⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣀⣀⣀⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⣴⣻⣿⡁⠀⠈⢹⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣴⣻⣿⡁⠀⠈⢹⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣴⣻⣿⡁⠀⠈⢹⠀⠀⠀⠀⠀⠀⠀⠀⠀
Expand Down Expand Up @@ -122,4 +123,4 @@
runConsole();
</script>
</body>
</html>
</html>

1 comment on commit e975b5d

@ajay01071

This comment was marked as spam.

Please sign in to comment.