Security through Obscurity Challenge

Security through Obscurity Challenge
0.0 0

#1

Hello folks,

recently i learned about the concept of Security through Obscurity in my Introduction to security class.

Security through Obscurity is basically the equivalent of putting your keys under the doormat, you know theres a vulnerability but you hope that an potential attacker wont notice.

I created a small challenge similar to the one i got in my class, try it out - it probably wont take you long to solve it:
http://horv87.github.io/

Hope you enjoy it! Tell me how it went!


#2

I don’t know if this is even security through obscurity, this challenge was barely obscured :smile:

Great to inform people about this though!


#3

thanks for your feedback, maybe i will make a somewhat more difficult followup challenge :slight_smile:


#4

I think you have an error in your SEC.html:

window.location.href=document.a.c.value+".html";

Uncaught TypeError: Cannot read property 'c' of undefined

#5

thanks @jenovs - should be corrected now. :slight_smile:


#6

Now it works.

By the way unescape() is deprecated and you don’t need language="JavaScript" in your script tags.

And Security By Obscurity is bad especially if your code is on GitHub :wink:


#8

nice solved it … just finished binary agents challenge this morning so that helped lol


#9

Quite enjoyed that, but i can’t go any further :thumbsup:


#10

You might like this:


#11

Enjoyed it soo much. @Horv87 Thanks for sharing this informative puzzle. :slight_smile:


#12

Your sentence suggests you didn’t cross level 2. Am I right? :smiley:


#13

haha thought that was it


#14

Maybe this hint helps. :slight_smile:

Spoiler

paste this to console. And boom answer to final level.

String.fromCharCode(83, 69, 67)+".html";