Lynn's Blog Security Project

2017 Flare-On Challenge 1 login.html

Flare-On Challenge is the FireEye Labs Advanced Reverse Engineering (FLARE) team’s yearly reverse engineering contest. This is a CTF-style challenge for all active and aspiring reverse engineers, malware analysts, and security professionals.


There is an HTML file with a form. We need to provide a flag and check for its correctness.

Here is the content of login.html, the HTML page containing a simple client-side JavaScript authentication using ROT-13.

<!DOCTYPE Html />
   <title>FLARE On 2017</title>
   <input type="text" name="flag" id="flag" value="Enter the flag" />
   <input type="button" id="prompt" value="Click to check the flag" />
   <script type="text/javascript">
    document.getElementById("prompt").onclick = function () {
 	 var flag = document.getElementById("flag").value;
 	 var rotFlag = flag.replace(/[a-zA-Z]/g, function(c){
 	 return String.fromCharCode((c <= "Z" ? 90 : 122) >= (c = c.charCodeAt(0) + 13) ? c : c - 26);});
 	 if ("PyvragFvqrYbtvafNerRnfl@syner-ba.pbz" == rotFlag) {
 	  alert("Correct flag!");
 	 } else {
 	  alert("Incorrect flag, rot again");

Use python to decode and extract this flag.

print "PyvragFvqrYbtvafNerRnfl@syner-ba.pbz".decode('rot13')

If we enter PyvragFvqrYbtvafNerRnfl@syner-ba.pbz as the input, the message box shows us the flag for this challenge: