给了一个页面,老样子,看网页源码
<script>
/**
* Pseudo md5 hash function
* @param {string} string
* @param {string} method The function method, can be 'ENCRYPT' or 'DECRYPT'
* @return {string}
*/
function pseudoHash(string, method) {
// Default method is encryption
if (!('ENCRYPT' == method || 'DECRYPT' == method)) {
method = 'ENCRYPT';
}
// Run algorithm with the right method
if ('ENCRYPT' == method) {
// Variable for output string
var output = '';
// Algorithm to encrypt
for (var x = 0, y = string.length, charCode, hexCode; x < y; ++x) {
charCode = string.charCodeAt(x);
if (128 > charCode) {
charCode += 128;
} else if (127 < charCode) {
charCode -= 128;
}
charCode = 255 - charCode;
hexCode = charCode.toString(16);
if (2 > hexCode.length) {
hexCode = '0' + hexCode;
}
output += hexCode;
}
// Return output
return output;
} else if ('DECRYPT' == method) {
// DECODE MISS
// Return ASCII value of character
return string;
}
}
document.getElementById('password').value = pseudoHash('47491e4d194c4a4c1a4e1a4949464d1c4f4a191a474c1b49191c48461c19461b', 'DECRYPT');
</script>
js就是看着不舒服,翻译成C#
public string pseudoHash(string str, string method)
{
// Default method is encryption
if (!("ENCRYPT" == method || "DECRYPT" == method))
{
method = "ENCRYPT";
}
// Run algorithm with the right method
if ("ENCRYPT" == method)
{
// Variable for output string
string output = "";
// Algorithm to encrypt
char[] ch = str.ToCharArray();
char charCode;
string hexCode;
for (int x = 0, y = str.Length; x < y; ++x)
{
charCode = ch[x];
if (charCode < 128)
{
charCode = (char)(charCode + 128);
}
else if (charCode > 127)
{
charCode = (char)(charCode - 128);
}
charCode = (char)(255 - charCode);
hexCode = Convert.ToString(charCode,16);
if (hexCode.Length < 2)
{
hexCode = '0' + hexCode;
}
output += hexCode;
}
// Return output
return output;
}
else if ("DECRYPT" == method)
{
return str;
}
return "";
}
写个逆函数就是
public string getIt(string str)
{
char[] ch = str.ToCharArray();
string s = "";
for(int i = 0; i < str.Length - 1; i+=2)
{
s += (char)(255-Convert.ToInt32(ch[i] + "" + ch[i + 1], 16)-128) + "";
}
return s;
}
然后结果就出来了,86a2f353e1e6692c05fe83d6fc79cf9d
看样子是个md5码,去解了一下,是4914的md5码,提交,坑爹,不对,然后提交md5码,出来了!!!wctf{jS_decRypt__Eaaasy},。。。
提交,通过!