"Reverse Engineering" of the client application in the educational center

Hello, Habr. I want to share a story from life experience. A few months ago I signed up for paid courses to learn the JavaScript programming language in the beautiful city of Minsk. Spent about a week of time studying in detail reviews about each of the companies on the market, comparing prices for services and location relative to my home. Finally, choosing a “worthy” candidate, he went to their office to conclude a contract. In general, I went through an initial briefing, received a class schedule and the contents of the entire course, and gladly got down to business.

The course was quite high-quality, the teachers had real experience in developing production projects and tried very hard to explain the various aspects of the language as simple as possible, but this is not the story ...

At the end of two months of classes, 4 hours a week for 4 hours, each student had to go through control test in the form of 80 questions on the subject with many answers. The company promised, subject to successful completion of testing, to help find a job in a large company in our city in the position of JavaScript Developer. Very tempting.

Here is an example question:
  1. What will console.log () output?

(function() {
    var x = 1;
    functionx() {};
    console.log(x);	
})();

And several answer options, arranged like this:

image

In the picture, black squares are checkboxes . Answers to all 80 questions can be from 1 to all that are in the list of options.

I, as a diligent student, immediately rushed to answer them. However, focusing on a 3-4 question, I wanted to know how this system works. Scrolling to the very bottom of the page, I clicked the Done button and saw the following: all the questions that were given the wrong answers - and these were all the ones without my answers - became highlighted in red. A beautiful frame appeared and the background-color of the parent of the question element changed. “Oh, validation!”, I thought, and began to find out how it works.

Opened, in general, FireBug, updated the page and clicked the "Done" button again. I saw that the request to the server did not go, that is, the purely client validation is currently working. Then I opened the list of JavaScript files that are connected to the page (by the way, Backbone + RequireJS was used there ), and found a module called "validation.js" .

First I went to unminify.com , I needed to bring the code to normal. After reading the code, I found the "validate" method with the following content:

/*здесь был код с такой вот логикой*/
$(".questions").each(function(i,e){
   var a = [];
   $(e).find(":checkbox").each(function(index,elem){      
      if($(elem).val() % 31 == 0) {
         /*все окей, ответ как минимум правильный*/                
      } else {
         /*все плохо, ответ неверный*/
         a.push(index);
      }       
   });
   if (!a.length) {
    /*значит все ответы на вопрос правильные, вызываем функцию correctAnswer();*/
   } else {
    /*был как минимум один неверный ответ, вызываем функцию wrongAnswer();*/
   }
});

Next I looked at the html markup of all the checkboxes:

<inputclass="ui-element-checkbox"type="checkbox"name="answer"value="2561">

So, a wonderful number in the “value” attribute was the key to the correct test answers. It is not difficult to guess that the request to the server will be executed only if only the correct answers are selected.

I wrote a small script that went over all the questions, in each specific question I found the checkbox elements , took their value and divided by 31; if the remainder is 0 - set the attribute 'checked' to true , if not - go ahead:

var parent = $(".questionnaire-text");
var answers = parent.find(".answers[data-type='checkboxes']");
answers.each(function(index,elem){
  var checkboxes = $(elem).find(":checkbox");
  checkboxes.each(function(i,e){
    if ($(e).val() % 31 === 0) {
      $(e).attr("checked","checked");
    }
  });
});   

After a moment, I saw all the correct answers to absolutely all 80 test questions. I happily clicked on the “Done” button and — oh, miracle — in FireBug I saw a sent request to a remote server of the training center, to which I received a response congratulating you on passing the test 100%.

Naturally, I did not want to be convicted of fraud during the test, so I sat for another 20-25 minutes quietly at the computer before informing the curator about my readiness.

I must say right away that no one except me 100% passed this test. In total, only 3 people, including me, passed the test positively by more than 75%. The rest of the guys did not score 50% of the correct answers.

After the successful completion of the courses, I was interviewed in one of the companies in Minsk for the position of JavaScript Developer, but the thought of that trick during the test did not give me rest. One fine day I came to that very training center and told them everything. I was thanked for honesty and presented with a volleyball ball.

Here is a story. I want to advise everyone not afraid to explore unknown areas and constantly find easy ways to solve difficult problems. Thanks for attention.

PS The given code examples only partially describe the real functionality. Also, the story is not my personal one, but my very good friend who asked me to stay incognito.

Also popular now: