Hello World, welcome to haxez where today we’re looking at Hack This Site Javascript Mission 2. For this mission, we only need to change a setting within our browser or install a plugin. As a result, we disable Javascript which allows us to complete the mission. As can be seen from the image below, the mission is called Disabled Javascript and supposedly has a script that redirects to log out hackers.
Javascript 2 Scripting Enabled
As a result, navigating to the mission will prompt an error message saying we need to try again because we didn’t disable Javascript. To complete this mission, we need to disable the script doesn’t run and we don’t get “logged out”.
Disabling Javascript
In order to disable the script, we can install a browser plugin or we can head to our browser settings. I’m using Firefox so the setting we need is in 'about:config'. Head to ‘about:config‘ in your browser and search for Javascript. You should see an enabled option with the value set to true. Click the little arrow icons and change the value to false. There are plenty of guides out there for other browsers or you can search the browsers store for a plugin that disables it.
Scripting Disabled
Now that it’s disabled, we can head back to the mission and click the ‘here’ hyperlink to take the mission. This time you shouldn’t see an error. You should see another link that says “Click here to win”. Click that link and you should then see the image below congratulating you on completing the challenge.
Conclusions
There isn’t much to say about this one honestly. It’s a good mission to teach the user how to disable and enable client-side scripting in your browser. Client-side scripting is responsible for a number of attacks like Cross-Site Scripting (XSS) and when combined with other vulnerabilities can cause a lot of problems. Anyway, I’ve passed this post out as much as possible but there isn’t much more I can say so… thanks for reading.