The first set of challenges in our AIS CTF Challenge Series is quite ironic really, given I’m using WordPress to host this blog: they’re oriented around client-side protection and, as such, mostly revolve around the browser or ‘client’.
Super Admin
The first challenge within the client-side protection section simply greets you with the following:
Pressing submit gives the following error: “Javascript validation failed. You are not super admin. is_super_admin = false” – this instantly gives us two very big clues… You might have guessed them…
Opening the console/inspect element with CTRL+SHIFT+C, we can see that AIS have left us a little header in the console; this will be useful to remember for future challenges.
We already know the JavaScript variable we’re looking for from the error message (“is_super_admin”), and if we type this into the console, we can quickly see that it exists in our current context and is set to “false”.
Well, it looks like we can simply set the variable to true and click submit, so that’s what we did:
Lo and behold:
A quick win! Let’s hope they’re all this easy… (they were not).
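Why this works, and what the fix looks like, as an added example that is not the challenge's own code: the first gate trusts a flag held in page script, while the second derives the role from server-side session state and flags a mismatching client claim. The names clientSideGate, serverSideGate and the sessions map are hypothetical, and the sample sessions are constructed.

```javascript
// Weak pattern from the challenge: the decision is made from a value that
// lives in the browser, so whoever controls the browser controls the value.
function clientSideGate(state) {
  if (!state.is_super_admin) {
    return { ok: false, error: "Javascript validation failed. You are not super admin." };
  }
  return { ok: true };
}

// Hardened pattern (hypothetical server handler): the role comes from the
// server's own session store, keyed by the session id, never from the request.
const sessions = new Map([ // constructed sample data
  ["sess-alice", { user: "alice", role: "user" }],
  ["sess-root", { user: "root", role: "super_admin" }],
]);

function serverSideGate(request) {
  const session = sessions.get(request.sessionId);
  if (!session) return { status: 401, tamperSuspected: false };
  const isAdmin = session.role === "super_admin";
  // The client's claim is read only as a detection signal, never as input
  // to the authorization decision.
  const claimed = Boolean(request.body && request.body.is_super_admin);
  const tamperSuspected = claimed && !isAdmin;
  return { status: isAdmin ? 200 : 403, tamperSuspected };
}

function demo() {
  const state = { is_super_admin: false }; // stands in for the page global
  const before = clientSideGate(state).ok;
  state.is_super_admin = true; // the console edit described in the write-up
  const after = clientSideGate(state).ok;
  // Same forged flag sent to the server-side check: it changes nothing.
  const forged = serverSideGate({ sessionId: "sess-alice", body: { is_super_admin: true } });
  const genuine = serverSideGate({ sessionId: "sess-root", body: {} });
  const anon = serverSideGate({ sessionId: "unknown", body: { is_super_admin: true } });
  return { before, after, forged, genuine, anon };
}

console.log(demo());
```

The tamperSuspected field is the part worth logging in a real application: a client asserting a privilege its session does not hold is a cheap, high-signal event.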