After browsing the site as well as running Nikto as well as Dirbuster inward an campaign to detect something 'interesting', I checked the code.
The next script stood out:
<script language="JavaScript">
document.write(unescape("%3C%68%74%6D%6C%20%78%6D%6C%6E%73%3A%76%3 --snipped - "))
</script>
Trying to contrary the script amongst Unicode, had me banking concern gibe several websites.
http://www.tareeinternet.com/scripts/unescape.html
- the to a higher house unescape decoder worked
- I also included everything inward the <script> </script> tags
- as well as looked inward the resulting code like shooting fish in a barrel for anything that would atomic number 82 me to my adjacent clue.
- you lot tin speed upwards the procedure past times looking for for 'pass'
- as well as at that spot it was:
function GetPassInfo(){
if (document.forms[0].PassPhrase.value == 'easyyyyyyy!')
location.href="index.php?Result=easyyyyyyy!";
else
alert("Wrong Code...!!");
}
- typed that inward and...
The next script stood out:
<script language="JavaScript">
document.write(unescape("%3C%68%74%6D%6C%20%78%6D%6C%6E%73%3A%76%3 --snipped - "))
</script>
Trying to contrary the script amongst Unicode, had me banking concern gibe several websites.
http://www.tareeinternet.com/scripts/unescape.html
- the to a higher house unescape decoder worked
- I also included everything inward the <script> </script> tags
- as well as looked inward the resulting code like shooting fish in a barrel for anything that would atomic number 82 me to my adjacent clue.
- you lot tin speed upwards the procedure past times looking for for 'pass'
- as well as at that spot it was:
function GetPassInfo(){
if (document.forms[0].PassPhrase.value == 'easyyyyyyy!')
location.href="index.php?Result=easyyyyyyy!";
else
alert("Wrong Code...!!");
}
- typed that inward and...
