Source it!
js代码直接泄露了
function checkPassword(form) {
password1 = form.password1.value;
name = form.name.value;
var username = "admin";
var hash = "1bea3a3d4bc3be1149a75b33fb8d82bc";
var hashedPasswd = CryptoJS.MD5(password1);
if (password1 == '')
alert ("Please enter Password");
else if (username != name) {
alert ("\nYou lack access privlages...")
return false;
}
else if (hash != hashedPasswd) {
alert ("\nIncorrect password...")
return false;
}
else{
alert("Access Granted\n" + text)
return true;
}
}
把1bea3a3d4bc3be1149a75b33fb8d82bc
拿去md5解密就出来了
Cutest Cookie Clicker Rip-Off
直接抓包改分数就出来了
Tar Inspector
一个文件上传,只允许上传tar类型的文件,上传一个shell,抓包改后缀,发现服务器好像会解压文件
把木马压缩到tar里面再上传
Fastfox
看题目描述就是,我们写js代码上去bob会访问,所以我们需要插入一段js能获取cookie的,等bob来访问
输入框里面估计是已经加好了<script>的标签,我们只需要输入js标签内的代码就行
试了一下document.cookie提示
document只能在前端才有,服务器端没有document
看hint,有一个jsshell可以下载,里面可以尝试js代码
Sizzling Bacon
培根加密,有一个表,里面由a和b来转义成字符串
写一个python脚本把s和S转成b和a
a="sSsSSsSSssSSsSsSsSssSSSSSSSssS{SSSsSsSSSsSsSSSsSSsSSssssssSSSSSSSsSSSSSSSSsSSsssSSssSsSSSsSSsSSSSssssSSsssSSsSSsSSSs}"
b=[]
for i in a:
if i=='s':
b.append('b')
elif i=='S':
b.append('a')
else:
b.append('#')
for i in b:
print(i,end="")
然后解密就可以了
Cipher Gauntlet
拿到文件,全是一些0101,想到二进制转字符串,先去除里面的空格
a="010101..."
a=a.replace(" ","")
print(a)
得到这个:
Uh-oh, looks like we have another block of text, with some sort of special encoding. Can you figure out what this encoding is? (hint: if you look carefully, you’ll notice that there only characters present are A-Z, a-z, 0-9, and sometimes / and +. See if you can find an encoding that looks like this one.)
TmV3IGNoYWxsZW5nZSEgQ2FuIHlvdSBmaWd1cmUgb3V0IHdoYXQncyBnb2luZyBvbiBoZXJlPyBJdCBsb29rcyBsaWtlIHRoZSBsZXR0ZXJzIGFyZSBzaGlmdGVkIGJ5IHNvbWUgY29uc3RhbnQuIChoaW50OiB5b3UgbWlnaHQgd2FudCB0byBzdGFydCBsb29raW5nIHVwIFJvbWFuIHBlb3BsZSkuCm15eHFia2Rldmtkc3l4YyEgaXllIHJrZm8gcHN4c2Nyb24gZHJvIGxvcXN4eG9iIG1iaXpkeXFia3pyaSBtcmt2dm94cW8uIHJvYm8gc2MgayBwdmtxIHB5YiBrdnYgaXllYiBya2JuIG9wcHliZGM6IGVkcHZrcXt4eWdfaXllYm9fenZraXN4cV9nc2RyX21iaXpkeX0uIGl5ZSBnc3Z2IHBzeG4gZHJrZCBrIHZ5ZCB5cCBtYml6ZHlxYmt6cmkgc2MgbGVzdm5zeHEgeXBwIGRyc2MgY3liZCB5cCBsa2NzbSB1eHlndm9ucW8sIGt4biBzZCBib2t2dmkgc2MgeHlkIGN5IGxrbiBrcGRvYiBrdnYuIHJ5em8gaXllIG94dHlpb24gZHJvIG1ya3Z2b3hxbyE=
看起来像base64,拿去解码一次
说被常数移动了,所以应该就是凯撒加密
一个一个试,位移是10的时候出来flag