JavaScript Deobfuscation

DarkBlanc · March 9, 2024, 11:20am

Query : Using what you learned in this section, try to deobfuscate ‘secret.js’ in order to get the content of the flag. What is the flag?

what i did :-
go to secret.js in browser use it’s code deobfuscate using deobfuscateio then unpack using unPacker i got one flag i.e var flag = “HTB { 1_4m_7h3_53r14l_g3n3r470r!}”
i tried it but it is wrong answer then used curl
curl -s -X POST “http://83.136.249.57:43235/serial.php”
got reply N2gxNV8xNV9hX3MzY3IzN19tMzU1NGcz ,
decoded it using base64 got serial i.e. 7h15_15_a_s3cr37_m3554g3
use curl -s -X POST “http://83.136.249.57:43235/serial.php” -d “serial=7h15_15_a_s3cr37_m3554g3”
i got reply HTB{ju57_4n07h3r_r4nd0m_53r14l}
i entered it but site says it is wrong answer
what should i do?

PrathamSingh11 · April 22, 2024, 3:18pm

Even I am stuck on this one… Have you got any answers, solution to this? If so, please reply

hashira · April 29, 2024, 3:16am

Clue: format issue, you are very close!

7h3B4dg3r · June 26, 2024, 2:33pm

So…is this lab broken? I don’t understand.

Sarma · October 23, 2024, 8:29pm

Hi every body its not broken it just weird. Try all together like flags usually looks: HTB{################}

Omgitsdae · February 16, 2025, 7:45pm

I formatted everything this way “HTB{ju574n07h3rr4nd0m53r14l}” is this not the answer? what other steps am i missing?

Topic		Replies	Views
Javascript deobfuscation room Academy	2	953	March 9, 2024
Javascript Deobfuscation Module - Retrieve the 'flag' variable Academy javascript , htb-academy	3	1571	December 17, 2024
JavaScript Deobfuscation Question Other javascript , academy , htb-academy	4	4718	June 12, 2024
Javascript Off-topic	1	262	May 24, 2022
Secure Coding 101: JavaScript q2 academy	1	186	October 29, 2024

JavaScript Deobfuscation

Related topics