小宁发现了一个网页,但却一直输不对密码。(Flag
格式为 Cyberpeace{xxxxxxxxx}
)
打开网站就是让我们输密码,那就输呗,
他说我FAUX PASSWORD HAHA
,
那应该就是输错了呗。
F12
源码,发现了一串代码
function dechiffre(pass_enc){ var pass = "70,65,85,88,32,80,65,83,83,87,79,82,68,32,72,65,72,65"; var tab = pass_enc.split(','); var tab2 = pass.split(',');var i,j,k,l=0,m,n,o,p = "";i = 0;j = tab.length; k = j + (l) + (n=0); n = tab2.length; for(i = (o=0); i < (k = j = n); i++ ){o = tab[i-l];p += String.fromCharCode((o = tab2[i])); if(i == 5)break;} for(i = (o=0); i < (k = j = n); i++ ){ o = tab[i-l]; if(i > 5 && i < k-1) p += String.fromCharCode((o = tab2[i])); } p += String.fromCharCode(tab2[17]); pass = p;return pass; } String["fromCharCode"](dechiffre("\x35\x35\x2c\x35\x36\x2c\x35\x34\x2c\x37\x39\x2c\x31\x31\x35\x2c\x36\x39\x2c\x31\x31\x34\x2c\x31\x31\x36\x2c\x31\x30\x37\x2c\x34\x39\x2c\x35\x30")); h = window.prompt('Enter password'); alert( dechiffre(h) );
发现了两个字符,上脚本跑一下,把他们转为ASCII码。
70,65,85,88,32,80,65,83,83,87,79,82,68,32,72,65, 72,65
转为字符串为
FAUX PASSWORD HAHA
\x35\x35\x2c\x35\x36\x2c\x35\x34\x2c\x37\x39\x2c\x31\x31\x35\x2c\x36\x39\x2c\x31\x31\x34\x2c\x31\x31\x36\x2c\x31\x30\x37\x2c\x34\x39\x2c\x35\x30 //16进制
用16进制转换文本,转为字符串,
55,56,54,79,115,69,114,116,107,49,50
在把字符转为字符串
786OsErtk12
感觉他就是flag,试一下呗。
还真是。
Cyberpeace{786OsErtk12}
基础知识:
\x35\x35\x2c\x35形状的为16进制字符,可将其转换为文本
转换为ASCII码的脚本
b=[55,56,54,79,115,69,114,116,107,49,50]
for i in b:
print(chr(i),end=’’)