简单的js解密
来源:互联网 发布:js 数组对象添加属性 编辑:程序博客网 时间:2024/05/22 00:41
这里这里→ http://ctf.idf.cn/game/web/43/index.php
源代码:
<html><head><title>超简单的js题</title></head><body><p>这是从一个老外那里抄来的题,应该很简单的。。吧?</p><form id="levelQuest" method="post"><p>密码:</p><p><input type="password" name="password" class="input" id="password"> <input type="submit" class="button" value="走你!"></p></form><p id="errorMessage"></p><script>var p1 = '%66%75%6e%63%74%69%6f%6e%20%63%68%65%63%6b%53%75%62%6d%69%74%28%29%7b%76%61%72%20%61%3d%64%6f%63%75%6d%65%6e%74%2e%67%65%74%45%6c%65%6d%65%6e%74%42%79%49%64%28%22%70%61%73%73%77%6f%72%64%22%29%3b%69%66%28%22%75%6e%64%65%66%69%6e%65%64%22%21%3d%74%79%70%65%6f%66%20%61%29%7b%69%66%28%22%65';var p2 = '%32%64%30%66%32%63%38%39%37%37%62%31%37%36%66%33%64%30%37%66%30%38%33%37%22%3d%3d%61%2e%76%61%6c%75%65%29%72%65%74%75%72%6e%21%30%3b%61%6c%65%72%74%28%22%45%72%72%6f%72%22%29%3b%61%2e%66%6f%63%75%73%28%29%3b%72%65%74%75%72%6e%21%31%7d%7d%64%6f%63%75%6d%65%6e%74%2e%67%65%74%45%6c%65%6d%65%6e%74%42%79%49%64%28%22%6c%65%76%65%6c%51%75%65%73%74%22%29%2e%6f%6e%73%75%62%6d%69%74%3d%63%68%65%63%6b%53%75%62%6d%69%74%3b';eval(unescape(p1) + unescape('%64%36%62%30%33%64%33' + p2));</script></body> </html>
var p1 = '%66%75%6e%63%74%69%6f%6e%20%63%68%65%63%6b%53%75%62%6d%69%74%28%29%7b%76%61%72%20%61%3d%64%6f%63%75%6d%65%6e%74%2e%67%65%74%45%6c%65%6d%65%6e%74%42%79%49%64%28%22%70%61%73%73%77%6f%72%64%22%29%3b%69%66%28%22%75%6e%64%65%66%69%6e%65%64%22%21%3d%74%79%70%65%6f%66%20%61%29%7b%69%66%28%22%61%32%64%31%38%35%37%34%61%62%37%33';
var p2 = '%61%62%65%39%30%62%33%38%39%35%65%38%65%36%33%32%38%36%22%3d%3d%61%2e%76%61%6c%75%65%29%72%65%74%75%72%6e%21%30%3b%61%6c%65%72%74%28%22%45%72%72%6f%72%22%29%3b%61%2e%66%6f%63%75%73%28%29%3b%72%65%74%75%72%6e%21%31%7d%7d%64%6f%63%75%6d%65%6e%74%2e%67%65%74%45%6c%65%6d%65%6e%74%42%79%49%64%28%22%6c%65%76%65%6c%51%75%65%73%74%22%29%2e%6f%6e%73%75%62%6d%69%74%3d%63%68%65%63%6b%53%75%62%6d%69%74%3b';
eval(unescape(p1) + unescape('%64%64' + p2))
显然,这是一种URL编码,首先需要将p1和p2接起来,并在中间加 %64%64 。当不知道是什么编码时,直接借助XSS编码神器(chrome插件)
百度网盘:pan.baidu.com/s/1dD8GYbR
尝试解码后出现:
if("a2d18574ab73ddabe90b3895e8e63286"==a.value)return!0
所以,需要提交这个代码:a2d18574ab73ddabe90b3895e8e63286 (这个值是动态的,从这里复制不一定),之后得出flag。
eval(unescape(p1) + unescape('%64%64' + p2))
显然,这是一种URL编码,首先需要将p1和p2接起来,并在中间加 %64%64 。当不知道是什么编码时,直接借助XSS编码神器(chrome插件)
百度网盘:pan.baidu.com/s/1dD8GYbR
尝试解码后出现:
if("a2d18574ab73ddabe90b3895e8e63286"==a.value)return!0
所以,需要提交这个代码:a2d18574ab73ddabe90b3895e8e63286 (这个值是动态的,从这里复制不一定),之后得出flag。
- 顶
- 0
- 踩
0 0
- 简单的js解密
- 简单的js解密
- IDF实验室:天罗地网--简单的js解密
- IDF实验室-简单的js解密
- IDF实验室之天罗地网简单的js解密
- 简单的加密解密
- 简单的加密解密
- 简单的加解密
- 简单的加密解密
- 一次简单的解密
- 请教js解密与解密的问题
- js算法--简单加密和解密
- 一个简单的解密程序
- 简单的加密解密类
- 简单的加密,解密程序
- 简单的加密与解密
- 简单的加密解密文件
- java简单的加解密
- response.setContentType与 request.setCharacterEncoding 区别
- 子线程是否已可以进行Activity的跳转
- 微信小程序来了,我所关心的问题
- 第四周项目3—1.结点逆置
- Linux查看系统配置常用命令
- 简单的js解密
- 星号拼字母
- mdadm: /etc/mdadm/mdadm.conf defines no arrays.
- python+selenium+web日历控件赋值解决办法
- 最全LogBack 详解、含java案例和配置说明
- php 获取本月,上个月,上上个月的开始时间和结束时间
- 第4周项目4-建立双链表算法库
- 第四周项目三 单链表应用-连接
- Unity 去边框 并实现拖拽窗口