So this is like the hip, overhyped version of any [1] number [2] of [3] public [4] CTF [5] and [6] hackme [7] sites [8]?<p>1 - <a href="http://overthewire.org/wargames/" rel="nofollow">http://overthewire.org/wargames/</a><p>2 - <a href="http://www.hacker.org" rel="nofollow">http://www.hacker.org</a><p>3 - <a href="http://smashthestack.org" rel="nofollow">http://smashthestack.org</a><p>4 - <a href="http://3564020356.org" rel="nofollow">http://3564020356.org</a><p>5 - <a href="https://w3challs.com" rel="nofollow">https://w3challs.com</a><p>6 - <a href="http://sys.warchall.net" rel="nofollow">http://sys.warchall.net</a><p>7 - <a href="http://canyouhack.it" rel="nofollow">http://canyouhack.it</a><p>8 - <a href="http://www.microcontest.com" rel="nofollow">http://www.microcontest.com</a><p>(Seriously, there's a ton)
> function decrypt(a){return "a";}<p>notAdmin<p>a<p>"Login complete, and notAdmin is Admin."<p>Reminds me of when I made a login-form in flash, that simply redirected the browser to "hiddenLoggedIn.html". To be fair I was around 13.
That's an "unconventional" way of using the switch/case construct. But it doesn't seem to matter in this case. Intentional?<p>md5 of password is 44f02a78f5203c7c41463c75aba9e9cc.
This only serves to illustrate why relying on obfuscation to protect you via security-through-obscurity is ridiculous. Commercial Javascript libraries with DRM should take note.