HackTheBox Canvas Writeup
https://app.hackthebox.com/challenges/156
Description
We want to update our website but we are unable to because the developer who coded this left today. Can you take a look?
Exploitation
Deobfuscated JavaScript
// '\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65' is the hex-escaped string "fromCharCode"
var res = String['\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65'](0x48, 0x54, 0x42, 0x7b, 0x57, 0x33, 0x4c, 0x63, 0x30, 0x6d, 0x33, 0x5f, 0x37, 0x30, 0x5f, 0x4a, 0x34, 0x56, 0x34, 0x35, 0x43, 0x52, 0x31, 0x70, 0x37, 0x5f, 0x64, 0x33, 0x30, 0x62, 0x46, 0x75, 0x35, 0x43, 0x34, 0x37, 0x31, 0x30, 0x4e, 0x7d, 0xa);
Open the browser console and type res to print the decoded string.
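The same string can be recovered statically, without executing the page's script, which is the safer habit when the obfuscated JavaScript is untrusted. The following is an added example, not code from the challenge or the original writeup; the function names and the sample input are constructed, and it generalizes slightly beyond the line above by also handling the dot form and decimal arguments.

```javascript
// Added example (not from the challenge): names and sample are constructed.

// Decode \xNN and \uNNNN escapes inside a string-literal body.
function decodeEscapes(body) {
  return body.replace(/\\x([0-9a-fA-F]{2})|\\u([0-9a-fA-F]{4})/g,
    (_, x, u) => String.fromCharCode(parseInt(x || u, 16)));
}

// Accept only hex or decimal integer literals; anything else returns null.
// Leading-zero decimals are rejected because legacy octal would differ.
function parseCode(token) {
  const t = token.trim();
  if (/^0[xX][0-9a-fA-F]+$/.test(t)) return parseInt(t, 16);
  if (/^(0|[1-9][0-9]*)$/.test(t)) return parseInt(t, 10);
  return null;
}

// Find String.fromCharCode(...) calls written in dot or bracket form and
// decode those whose arguments are all numeric literals. Nothing is eval'd.
function decodeFromCharCode(source) {
  const call = /String\s*(?:\.\s*([A-Za-z_$][\w$]*)|\[\s*(['"])((?:\\.|(?!\2).)*)\2\s*\])\s*\(([^()]*)\)/g;
  const results = [];
  for (const m of source.matchAll(call)) {
    const method = m[1] !== undefined ? m[1] : decodeEscapes(m[3]);
    if (method !== 'fromCharCode') continue;
    const codes = m[4].split(',').map(parseCode);
    // Non-literal arguments are flagged for manual review, not guessed.
    const decoded = codes.includes(null) ? null : String.fromCharCode(...codes);
    results.push({ offset: m.index, decoded });
  }
  return results;
}

// Constructed sample input (not the challenge's script).
const sample = String.raw`var a = String['\x66\x72\x6f\x6d\x43\x68\x61\x72\x43\x6f\x64\x65'](0x64, 0x65, 0x6d, 0x6f, 0xa);
var b = String.fromCharCode(72, 105);
var c = String.fromCharCode(x + 1);`;

console.log(decodeFromCharCode(sample));
```

A result with decoded set to null marks a call whose arguments are computed at run time and needs manual review.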
Summary
Canvas: deobfuscate the site's JavaScript down to the single statement that builds res from character codes, then read res in the browser console, which is the shortest reliable path to the flag.