White Hat Institute

“Defend the Web” write-up (Intro 5)

“Defend the Web” write-up (Intro 5— JavaScript prompt() function information leak)

We’ll look at the JavaScript prompt in this session. The prompt() method, like alert() and confirm() methods, is a window object method (). The prompt() method displays a dialog box with an optional message asking the user to enter some content. It’s frequently used when a user wishes to enter a value before proceeding to the next page. It either returns a string containing the user’s content or is null.

The data collected from the visitor via prompt() can be saved in a variable. It’s vital to keep in mind that the value returned by prompt() and then put in a variable is always of the string data type. If the JavaScript prompt() method is not filtered properly, there is always a chance to retrieve the data.

Let’s take a look at a challenge.

When a prompt window pops up, type something and then click on the “OK” button.

Defend the Web Intro 5-1

Right-click on the page and select the “View Page Source” option to analyze the source code.

Defend the Web Intro 5-2

Press on “CTRL + F” and search for the “prompt()” method.

Defend the Web Intro 5-3

As you can see in the screenshot, the prompt() method saves the user input to a variable and then compares it to the default password value (9b3e2f54cc). If the user input and the default password value match, then the webpage will have grand access.

Copy the default password value and submit it into the password field of the prompt window to pass the challenge.