Question: https://backdoor.sdslabs.co/challenges/2013-MISC-75
H4x0r once proclaimed on his posterous blog, ' Time eventually catches up with everyone , but not H4x0r. Challenge me if you can !' Time to bring him down to his Win98 world .
Here is the link
Created by: Ravi Kishore R No. of Correct Submissions: 360 Hints Console
Values in the given link changes on every reload, so the script has to be executed from browser console to avoid the cookies and all. Running the following script from the console (as soon as the page loads), will reveal the flag.
var count=1, sum=2, last_prime=2;
var p = /[1-9][1-9]+/i, s = document.getElementsByTagName("p")[0].innerHTML, n = parseInt(p.exec(s));
while(count<n){
last_prime++;
var b = Math.sqrt(last_prime);
var prime=true;
for(var i=2; i<=b; i++){
if(last_prime%i == 0){
prime=false;
break;
}
}
if(prime){
count++;
sum += last_prime;
}
}
var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function() {
if (this.readyState == 4 && this.status == 200) {
document.getElementsByTagName("p")[0].innerHTML= this.responseText;
}
}
xhttp.open("POST", "http://hack.bckdr.in/2013-MISC-75/misc75.php", true);
xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhttp.send("answer="+sum);
Now this task cannot be completed ... Invalid page address ... Maybe someone still has a flag?