If you'll look at the source of the login, you'll notice that it's a simple JS
code. Simpliy run the code without `http.createServer(function (req, res)`
function. So it would look like:  
  
const crypto = require('crypto');

var _0x86d1=["\x68\x65\x78","\x72\x61\x6E\x64\x6F\x6D\x42\x79\x74\x65\x73"];

function generatePart1() {  
return  
{  
x: crypto[_0x86d1[1]](8)

}[x].toString(_0x86d1[0]);  
}  
function generatePart2() {  
return
[+!+[]]+[!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]];  
}

passwd = generatePart1() + generatePart2();  
console.log(passwd)

This will give you `undefined1337 ` and entering this as a password you'll get
`flag{W0w_1_gu3ss_th1s`. This is one of the three part.

Now moving to login2. It's a PHP and on line 4 we see ` if (hash("md5",
$_GET['passwd']) == '0e514198428367523082236389979035')` meaning whatever our
password is hashed and then compared to the given hash i.e
`0e514198428367523082236389979035` so all we have to do is reverse the hash.
Just go on [this](https://www.md5online.org/) and boom you'll get `R3>M=`.
This password will give you ` t0_be_4_pr3tty_`.

Going on Login3 we see it's flask server. The thing to be noted here is line
19 and 20 i.e  
  
assert(len(passwd) == 3)  
assert(passwd.isdigit())  
This mean our passwd must be of length 3 and should only be digit. That's easy
to figure out but one thing that can confuse us here is that if password is 3
digit then it will be between 100 - 999. That's not the case here. Number
`001` is also a 3 digit number and it's not between 100-999. Okay so now we
know what we have to do so we `automate boring stuff with python`

import os  
import requests  
for i in range(0, 1000):  
print("TRYING >> ", i)  
url = "http://login3.uni.hctf.fun/?passwd=%03d" % i  
print(os.path.basename(url))  
r = requests.get(url).content  
s = """<html><body><form method="get"><input type="text" name="passwd"
value="password"><input type="submit" value="login" /></form></body></html>"""  
if(s != r.decode('utf-8')):  
print(i)  
break

Now this is not the best code but hey it works :)

From above code we get `007`. Entering that we get ` 4_d4mn_l0ng_fl4g}`  
Now combine all the three flags and we get:
`flag{W0w_1_gu3ss_th1s_t0_be_4_pr3tty_4_d4mn_l0ng_fl4g}`