image.png

Want to run this Docker container locally?

 docker run -d --restart unless-stopped -p 9005:80 --name js_flag joshbeck2024/js_flag_1:latest

Short Summary:

getcode()

image.png

Analysis:

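The file challenge.js reads the `code` attribute of the HTML element with id `safe-box` (an HTML attribute, not a CSS element) and sends its value to the server in the `X-Vault-Code` request header; the flag comes back only when that value is the correct sequence of letters/digits. The expected sequence is hard-coded in the script as `CORRECT_CODE`, so anyone who can load the page can read it from the source.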

function () {

    // Expected vault code, hard-coded in the client-side script (the real
    // value is redacted in this write-up).
    // Function scope only stops other scripts on the page from referencing
    // the constant at runtime. The script itself is delivered to the browser,
    // so the value is readable by anyone who views the source.
    // NOTE(review): CORRECT_CODE is not referenced in the portion shown here;
    // presumably it is used by code elided from this listing.
    const CORRECT_CODE = "REDACTED";

    // Reads the "code" attribute of #safe-box, sends it to the server as the
    // X-Vault-Code header on a request for /flag.txt, and reports the outcome
    // in the console and on the status panel. Returns nothing.
    function getflag() {

        // Clears the browser console for a clean output
        console.clear();

        // Gets the HTML element with id="safe-box", then reads the value of
        // its "code" attribute (null when the attribute is absent).
        // If the element itself is missing, getElementById returns null and
        // the getAttribute call throws a TypeError here, before fetch runs,
        // so the .catch handler at the end of the chain does not see it.
        const code = document
            .getElementById('safe-box')
            .getAttribute('code');

        // Sends a request to "/flag.txt" on the server
        fetch('/flag.txt', {

            // The attribute value is passed to the server in a custom header.
            // Presumably the server compares it with the expected code; the
            // server side is not shown in this listing.
            // The attribute is fully controlled by whoever has the page open,
            // so it carries no more assurance than the secrecy of the code.
            headers: {
                'X-Vault-Code': code
            }
        })

        // Runs when the server sends back a response
        .then(response => {

            // Only 403 (Forbidden) and 404 (Not Found) are treated as a
            // denial. Any other status, including other error statuses,
            // falls through and its body is handled as if it were the flag.
            if (response.status === 403 || response.status === 404) {
                throw new Error("ACCESS DENIED");
            }

            // Otherwise read the response body as text
            return response.text();
        })

        // Runs when the body has been read (the response was not 403/404)
        .then(flag => {

            // Prints a green "ACCESS GRANTED" message in the console
            console.log(
                "%c ACCESS GRANTED ",
                "background: #00ff41; color: #000; font-size: 20px; font-weight: bold;"
            );

            // Prints the flag returned by the server. The flag is only written
            // to the console; it is never inserted into the page. The trimmed
            // text is concatenated into the console format string.
            console.log(
                "%c The flag is: " + flag.trim(),
                "color: #00ff41; font-size: 16px;"
            );

            // Find the visual status panel on the page
            const statusPanel = document.querySelector('.status-panel');

            // If the panel exists, update its appearance to show success.
            // The innerHTML value is a fixed string literal; no request or
            // response data is interpolated into it.
            if (statusPanel) {
                statusPanel.style.borderColor = '#00ff41';
                statusPanel.style.color = '#00ff41';
                statusPanel.innerHTML =
                    '<p>STATUS: UNLOCKED</p><p>ACCESS GRANTED</p>';
            }
        })

        // Runs for any rejection in the chain: a failed fetch, the
        // "ACCESS DENIED" error thrown above, or an exception in the success
        // handler. The error object is ignored, so every failure is reported
        // with the same "Invalid Code Sequence" message.
        .catch(err => {
            console.log(
                "%c ACCESS DENIED: Invalid Code Sequence",
                "color: #ff3333;"
            );
        });
    }
}

Find the safe-box div and add

code="CODE_FOUND"

image.png

Flag appears in the console

image.png