For this write up, I’ll be discussing the web challenge “Ding-O-Tron” from the US Cyber Open 2024.
The challenge displays a bell, and informs us there is a secret that will be revealed once the bell has been dinged over 9000 times.
So of course the first thing I did was be extremely lazy and just automate clicking the bell 9000 times.
I know this is incredibly stupid, I know this would take two and a half hours, and yes there was a faster way to confirm what happens after 9000 clicks which we’ll get into in a bit. I just thought it’d be funny and wanted to let that run in the background while i did other things.
We can achieve this by using the following command in the console with enough delay between clicks to avoid the “You’re dinging too quickly!” error message:
function clickBell(times, interval) {
let count = 0;
const ding = () => {
if (count < times) {
document.querySelector('img[role="button"]').click();
count++;
setTimeout(ding, interval);
} else {
console.log("Clicked 9000 times!");
}
};
ding();
}
clickBell(9000, 900);
Two and half hours later and…..
Lol… not that easy.
We could have just actually inspected the website and seen the “giveFlag();” function, which results in the same message.
Aight, so there’s something else here and we need to actually start digging.
Here we do see a WebAssembly file that we should take a look at.
And after 5 minutes of my potato machine freezing up trying to CTR-F the file, I gave up and just downloaded the thing for analysis on a terminal.
Here, it looks like we found the so called “secret hidden function”. So let’s try calling “superSecretFunction” in the console. We actually see it autocomplete to the full function name with the dynamic identifier.
We got the flag, and successfully solved this challenge.
Side Note: While analyzing the WebAssembly file, I got jump scared and ear damage and now you can too:
