Secret Message
Steven_The_GuyT (202)

I got an email this week, containing a secret message! I wasn't able to decipher it, but has anyone else been able? Don't tell us how to(no spoiling), just tell us if you did!

You are viewing a single comment. View All
IzanLarumbe (28)

πŸ†ˆπŸ…°πŸ†ˆπŸ†ˆπŸ…ΎπŸ†„πŸ…ΆπŸ…ΎπŸ†ƒπŸ…ΈπŸ†ƒ--πŸ…±πŸ…°πŸ†‚πŸ…ΈπŸ…²πŸ…΄πŸ†.πŸ†πŸ…΄πŸ…ΏπŸ…».πŸ…²πŸ…Ύ

IzanLarumbe (28)

@IzanLarumbe YES I GOT IT BOI
I AM THE FIRST!!!!

IzanLarumbe (28)

@IzanLarumbe `
// Find the security vulnerability and exploit

let express = require('express');
let fs = require('fs');
let app = express();

let password = process.env.PASSWORD;

if ( !/^[a-z]{8,20}$/.test(password) ) {
console.log("Plese setup your password");
process.exit(1);
}

app.use((req, res, next) => {
let start = process.hrtime()[1];
res.respond = (data) => {
res.contentType('text/plain;charset=utf8');
res.header('X-ProcessingTime', process.hrtime()[1] - start);
res.end(data);
};
next()
});

app.get('/', (req, res) => {
fs.readFile('index.js', "utf8", (err, data) => {
res.respond(data);
});
});

app.get('/info', (req, res) => {
if ( req.query.password == password ) {
res.respond(process.env.INFO);
} else {
res.respond("Password Incorrect");
}
});

app.listen(3000, () => {
console.log('server started');
})`

IzanLarumbe (28)

@IzanLarumbe Sad that i don't know json or hijacking json. I am done :3

Steven_The_GuyT (202)

@IzanLarumbe hey i'm on the leaderboard for most upvotes in 30 days!

Steven_The_GuyT (202)

@IzanLarumbe wait you weren't the first. @mat1 found it before you. Look at the top post and it's replies. Sorry!

mat1 (2508)

@Steven_The_GuyT Btw, the competition ended a while ago. The answer was izatimingattacklol, and you had to find it by running a timing attack on the web server. Rob told me I got 4th place, but I never got a reward and he isn't a part of the Repl.it team any more.

mat1 (2508)

@Steven_The_GuyT The creator of the challenge