Solution:
<h4>Why not?
</h4>
<hr />
<div class="challenge-wrapper">
<form action="" method="post">
<label>Username</label>
<input type="text" name="username" id="cuser" placeholder="Username" class="form-control" />
<label>Passwor</label>
<input type="password" name="password" id="cpass" placeholder="Password" class="form-control" />
<input type="submit" style="margin-top: 12px;" value="Login" class="form-control btn btn-success c_submit" />
</form>
</div>
<div id="cresponse">
</div>
<script>
// Look's like weak JavaScript auth script :)
$(".c_submit").click(function(event) {
event.preventDefault();
var k = new Array(176,214,205,246,264,255,227,237,242,244,265,270,283);
var u = $("#cuser").val();
var p = $("#cpass").val();
var t = true;
if(u == "administrator") {
for(i = 0; i < u.length; i++) {
if((u.charCodeAt(i) + p.charCodeAt(i) + i * 10) != k[i]) {
$("#cresponse").html("<div class='alert alert-danger'>Wrong password sorry.</div>");
t = false;
break;
}
}
} else {
$("#cresponse").html("<div class='alert alert-danger'>Wrong password sorry.</div>");
t = false;
}
if(t) {
if(document.location.href.indexOf("?p=") == -1) {
document.location = document.location.href + "?p=" + p;
}
}
});
</script>
<hr />
Reverse the password…
var u = "administrator"
var s = [];
for (i = 0; i < u.length; i++) {
console.log(u.charCodeAt(i) - k[i] + i * 10);
s.push(Math.abs(u.charCodeAt(i) - k[i] + i * 10));
}
var pass = ''
for (x in s) {
pass += String.fromCharCode(s[x]);
}
console.log(pass)
user: administrator
pass: OhLord4309111
Flag: FLAG-65t23674o6N2NehA44272G24