你先给出第一关的url也许第4关同前3关是有联系的。
解决方案 »
- v8 源码中为什么搜不到 getElementById
- 请问大家,使用easyui时查询参数传不过去
- 50分求js实现的html元素编辑工具
- 别人网站js幻灯片效果,帮我提取一下代码(简单)
- 如果使用body onload 或者 window.onload 就不能用document.body.innerHTML.s2t()
- 可以这样直接设定自定义属性吗?
- 从主页面打开一个子页面,在子页面实现查询后,在查询结果中,单击一项,能把值传给主页面
- 怎样用JS的语句为图片做链接
- 这句话有问题吗?
- 关于输出的问题,很急,希望可以得到您的帮助,万分感激!!!!
- 关于 xhtml下 js 上下漂浮不动的问题
- 大家谁能够给出周历的效果
总觉得第二句话可疑
不过现在还在看,是怎么样编码的
去找工具解密看看
<SCRIPT>
var string = "5asdfj6sdfe92urjvn1de4we3fd7ad8";
var enigma = "";
var whatisthis = "var myxor = prompt('Password:','');for (y=3; y<9; y++) {enigma += (string.indexOf(y)+1);}enigma += 5;if (myxor==enigma){enigma = enigma + '.htm';location.href=enigma;}else{location.href='levels2_comebaby.html';}";
eval(whatisthis);
</SCRIPT>
研究中……
25221728315
第三关地址
http://wlgcx.cuit.edu.cn/gfds/Skilltest/25221728315.htm好玩
username:FiomtEzenA
password:vkYe9hbeHF
M5D4Q35; E2549: M5S4P3%92-6-'56=9,CEU9$=6=0T*9$0P:61'5C1D0SEO9$<Q<T]Y0FIA1T9Y
M8S)6,%; E-: DUX36E)*T11; SA4559545-:
uuencode编码,解开便是。
第一层是uuencode第二层是base64应该还有一层我还没看出来,最近太忙了没时间解,明天再说吧。
第二层解开是这样的:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META content="MSHTML 6.00.2900.2604" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>5d5146276ebc02a4.htm</FONT></DIV></BODY></HTML>
你是怎么用uuencode解的???我用rar解开的,但是解出来的东西不对.
http://wlgcx.cuit.edu.cn/gfds/Skilltest/5964256.htm
menrock(做人要厚道),大哥,太佩服你了!怎么解,爆破?
晕,真的5d5146276ebc02a4是5964256通过md5加密的!
menrock(做人要厚道),大哥,太佩服你了!怎么解,爆破?
md5加密后应该是32位字串啊……
这才几位??……
果然是md5……
总结一下:
目标是style.css文件,原内容:
.tip {
下面的东东看不看的懂?
begin 600
M4$-&150P3E575D)&245H5515=V=51E9#5$5L1$E#271,>3E833!-=DPP4E52
M0T))5D4Q34E$475-0T)58VU&=6,R;#!A5SEU65=W=@T*3#!63TEJ-$Y#:GA)
M5D4Q35!J>$E2549%4&<P2U!%,496145G84A2,&-#,6QC6%9P9&HQ1&(R-3!:
M5S4P3%92-6-'56=9,CEU9$=6=0T*9$0P:61'5C1D0SEO9$<Q<T]Y0FIA1T9Y
M8S)6,%!79&E-:DUX36E)*T11;SA4559545-":F(R-3!:5S4P4%-*3E4P:%54
M57=G3FDT=PT*34,T>4]407=,:DDR3411:4E'-6AB5U4Y4C!63U)62D)613E3
M4&<P2U!&3E5757A&4&IW=E4Q4EI4154K1%%O.$PP:$9155$K1%%O.`T*46LY
M15=30FE:,$YV8D<Y>5!33FU:;5IM6FU9*T11;SA216Q74&IX1U0P-55)2$YP
M96U5.4UJ-#%:1%5X3D19>4YZ6FQ9;4UW36U%,`T*3&UH,&)4=W92:SE/5D0T
A.$PP4DI6:C0X3#!*4%)&:RM00SE)5D4Q35!G,$L-"@T*,
`
end
}
第一层:
uuencode编码,解码方法:
原文修改为:
begin 600 style.txt
M4$-&150P3E575D)&245H5515=V=51E9#5$5L1$E#271,>3E833!-=DPP4E52
M0T))5D4Q34E$475-0T)58VU&=6,R;#!A5SEU65=W=@T*3#!63TEJ-$Y#:GA)
M5D4Q35!J>$E2549%4&<P2U!%,496145G84A2,&-#,6QC6%9P9&HQ1&(R-3!:
M5S4P3%92-6-'56=9,CEU9$=6=0T*9$0P:61'5C1D0SEO9$<Q<T]Y0FIA1T9Y
M8S)6,%!79&E-:DUX36E)*T11;SA4559545-":F(R-3!:5S4P4%-*3E4P:%54
M57=G3FDT=PT*34,T>4]407=,:DDR3411:4E'-6AB5U4Y4C!63U)62D)613E3
M4&<P2U!&3E5757A&4&IW=E4Q4EI4154K1%%O.$PP:$9155$K1%%O.`T*46LY
M15=30FE:,$YV8D<Y>5!33FU:;5IM6FU9*T11;SA216Q74&IX1U0P-55)2$YP
M96U5.4UJ-#%:1%5X3D19>4YZ6FQ9;4UW36U%,`T*3&UH,&)4=W92:SE/5D0T
A.$PP4DI6:C0X3#!*4%)&:RM00SE)5D4Q35!G,$L-"@T*,
`
end
保存为style.uue,用winzip或者winrar解压得到style.txt文件,内容:
PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv
L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgaHR0cC1lcXVpdj1Db250ZW50LVR5cGUgY29udGVu
dD0idGV4dC9odG1sOyBjaGFyc2V0PWdiMjMxMiI+DQo8TUVUQSBjb250ZW50PSJNU0hUTUwgNi4w
MC4yOTAwLjI2MDQiIG5hbWU9R0VORVJBVE9SPg0KPFNUWUxFPjwvU1RZTEU+DQo8L0hFQUQ+DQo8
Qk9EWSBiZ0NvbG9yPSNmZmZmZmY+DQo8RElWPjxGT05UIHNpemU9Mj41ZDUxNDYyNzZlYmMwMmE0
Lmh0bTwvRk9OVD48L0RJVj48L0JPRFk+PC9IVE1MPg0K这是第二层,base64编码:
解码方法:
将style.txt内容修改为:
Content-Type: text/plain;charset="cn-gb"
Content-Transfer-Encoding: BASE64PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv
L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgaHR0cC1lcXVpdj1Db250ZW50LVR5cGUgY29udGVu
dD0idGV4dC9odG1sOyBjaGFyc2V0PWdiMjMxMiI+DQo8TUVUQSBjb250ZW50PSJNU0hUTUwgNi4w
MC4yOTAwLjI2MDQiIG5hbWU9R0VORVJBVE9SPg0KPFNUWUxFPjwvU1RZTEU+DQo8L0hFQUQ+DQo8
Qk9EWSBiZ0NvbG9yPSNmZmZmZmY+DQo8RElWPjxGT05UIHNpemU9Mj41ZDUxNDYyNzZlYmMwMmE0
Lmh0bTwvRk9OVD48L0RJVj48L0JPRFk+PC9IVE1MPg0K
保存为style.eml,用outlook打开,得到内容为:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META content="MSHTML 6.00.2900.2604" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>5d5146276ebc02a4.htm</FONT></DIV></BODY></HTML>
关键内容为:5d5146276ebc02a4.htm第三层加密,md5
解密方法:
哭,穷举!
public void actionPerformed(ActionEvent actionevent)
{
String s = code.getText();
try
{
String s1 = Base64.encodeString(inpass);
if(s.equals(s1))
{
s1 = s1.replaceAll("=", "");
code.setText(s1 + ".htm");
answer.setText("Go to: " + s1 + ".htm");
} else
{
answer.setText("密码错误");
}
}
public void actionPerformed(ActionEvent actionevent)
{
String s = code.getText();
try
{
String s1 = Base64.encodeString(inpass);
if(s.equals(s1))
{
s1 = s1.replaceAll("=", "");
code.setText(s1 + ".htm");
answer.setText("Go to: " + s1 + ".htm");
} else
{
answer.setText("密码错误");
}
}
密码是:anVzdGFnYW1l,但是下面显示go to:anVzdGFnYW1l.htm明显不是答案,还有什么地方有圈套,晚上再研究了
http://wlgcx.cuit.edu.cn/gfds/Skilltest/hqlhfocn6.htm
<SCRIPT LANGUAGE="JavaScript">
<!--
var testkey1 = "%BFDT%9C%C1%BF0";
var testkey2 = "%B9EV%98";
var s = "%B7%1D%16%C4%9B%B9%0C2%0E%14%266%28%91%8A%E3%06%F0T%21i%05%28oR%A8kc%B8P/K%94%97%B0Q%7C%8B%D1/%DD%8BX%3CD%B3%C54%FC%08%10%0E%06%89%D1%92%1A%A4q%7Ej%90%F4%9D%DC4Z%00D@39%DB%3AW%B2R%7F%94%84pQ%7B%AC%5Bx%13%D3%11%DC%C4%08%E4%D5%u900C%u8F34%7B%CC%93%AE%EB%D6I%F4%EEd%B6%1D%F4C%28U%AC%A1%F8%0E%8D%96%90%AF%8D%AF%93%A1%E6i%9C%8F%A7%A1%EFN%BA%BC%06jI@%EB%93q%12D%FE%AAN%DA%80%0E%06%3C9%E6%F8%DE%C2%E8%29%CF%25%F5%F1%CFc%9B3%5B%A2%8A%3Bs%03%3C%EE%7Cu%EA%26%07%BC%19%1DK%F3%90%97_%07%AF%11%3Dk%FF%1A%D1%D3%D2FxJo%1Dr%5D%1B%C2%CD%5B%D8%93%D4%1E%08%0F%E1J%5E%E5%D9%90%97%A35%BC%9E%E9%A4*n%91%C3M%19%0C%0F.%29v%A3%0Djz%92%1B%A5%BA%1Ed1%9E%B3%037*%A1%94h%1DZ%FF%8A%E9%BC%D8%9E%80T%60%F9%00%D5%F2%18%D1K%EAS%5C%F3%B0%1D%BF%9D%7BK%E2%C8%21%EF%F0%ECEd%3A%CE%F5_%5B%EA%CE%A8fi%5B%96%3D%FD%8A%A4%8B%24%C6%DF%BA%E59%19%C3%91%BCL%8F%24%17%8C%B0T%E2%03%E1%86%C5-Ul%22%3D%C9d%AC%7B%A0%EF%F7%9A%CA%8E%AE%DBk%26%D86%9AlLqV%19%D0%7C%E3i%AF%D5%E0%7Dn%FD%96%9B%9F%DA%ED%B6W%F1%00%1F%0A%FF%03n%29%DD%BA%E7%06%BE*i%D9%ED%90%23c%5C%D6%29%0A7I%FD%B1%0A%AD%9Ad%A3%9E%A0%9E%B6Gx%3C%DC%B8%07%7DvsOJ%28g%D9%8BY%C3u%08%89R%0C3%91%B8%FB%8D%3B%FD%DB%22Cq%95%D3C%C5%23k%3B%7C%3B%92%CA%BF%20%B5%B1sc%CB%C6%83%DC%1D%E0%E6T%E7q%E4l_%29%E4P%C0%DA%02%EA%F8%02%3D%E5%9A%DCM%ED%A9%BE%8CP/%CA%A7i%D5%0C%93%CACt%5C%13%E0%BEqr%8A%A8%E93G%D2%EE%C23%F7O%3A%03-+%93o%8D%27%5C%23D%FB%5C%93%1E%D4mw%9B%AE%B4%7E%D6%BAn%F8%DD+%EC%0A%A2-%90%9D%F1%EB%B5%9Ac%12%8F%C2%EE%A5%02Kp/%2CG%A0%B1%3Bz%21%3B%00%DB%A9%9B%D5%8B%1C%1FY%AF%E3%A6%FC%09/%CB%AA%CF%CA*%FDzD%01%B5%22%C4%9Er%E2%89%CD%F6%F9@%AF%87%FE%C7%20%AB%18%F4s%9A%FC%A8%FC%D5C%B2%8E%10%B7%17%9CG%BB%D4+%A2%E7%A0%91%D7%12%88%E9C%95%D3%83Y%5Dx%F6%F8%13%5ELZ%83%FBc%0B%8A%25%12%27UJ%B4%C8%09/F%A8%E7%8C%0D%84G%D9%95%B9%CA%1B%D3%21%02%CD%D4%E8%DD%D4%B5Nc%DA%D5%D8%7B%09jjX%00%29mA%95%A5%85%AC%7F%9BT%03+X%29%C8%F9%AA%EDU%83KK%BA%1C%DB%97%9E%EC%D9%CF%87%9B%0E%C5%CASVrz%AFn%9C%C0g7%D2%AD%D1%C3%22%EB%FBX%EDb%EBp%DD%F4%D4%9A%E1xg%AF1B%ED%E8%A7%5B%AC%E13%01%60f%7D%F6%E1%FD%3C%7B%7Bo%91%B5%A1%3F%A6%04%90%CA2Y%EC%13%BA%24%D5T%E1%29%B6%ECq%C2@%EF%7D%DD%AB%25%DDx%D6%AA%AC%C3%AF%9A%17%u6013%u55F5%uFF61%u4F6A%u5DC5%u905D%u8F9A%u6B95%u5132%u300Di%3A%C9%B4Mq%91%0F%1C%D0Nj%D5%23%A9%5C%DF/m%07%90%BCK%B8%B1%8A%CB%BB%A5%A8D%AA%29%D0%E9%9B@%5Bw%8D8bR%29%C8%DD%AC%9DJ%20%3F%3FgM%168%A9%BF%26T%20%1A%9B%E1Q%F7%C2%B9%81%DFW%5D%F2%7C%D2CI%A1%E0%CBR%A1%0Cy6_Ww%BE%88%135%B5D%ADaV%CE%7E%C3%C6r%E6sH%A3%9C%8A3%D9%C92%B0%B5%81%EF%8Et%1D%B6%EF%0B%06%D6sF%96%E9B%D5Z%25%EFH%F3%D4%DFW%8F%EBA%A4%F64%94C%3A%A3%F1n%B0%8F%21%F53V%1ETv%DA%BF%01%ECf%90%BA%B5%18%05U%9F%7Ff%17%DDX1%7E%11%95%09pG%1F%F3hq%CD.k%8AM%F0%3FXU%20%CAIx*%C6k%D11%231%D3%FA%04%DA%CBM%23%2C%F0%14K%E4%C3%05%EE%F8G%FF%D6%D9%F8%A0%EA%17%97%3A%E3G%DC%ABN%A4%AA%19%5CRy%14K%10%8B%F1%07%3B%9F%09%08%E0%B0%20a16i%F1%9CI%9A%06%E3%FB%0B%1DIEf%E0%AC%0F%20@%BF%15%A3%82MVO%E3%80%B1%1F%87%5E%FB%86%F4%F0%12%14%89%18%F52S%C4%u8B33%u5C2D%u7610%u7BA6%u89F2%u8F37%u510D%u8F4C%u7A67%u54CF%u57D3%u6BEA%u5182%u4E49%u6204%u4FAC%u75C6%u7692%u5D36%u5136%u537F%u5F79%u632A%u5BC4%u908D%u7B0C%uFF66%uFF88%22%u6253%u4EEF%u5C77%u912A%u604C%u52CA%u52C3%5B%D7Y%8F%0A%F7%09%11K%EA%D1%20%07Q%0D%8B%FA%F0%B0%D6%86%03%F5%E5%24%B5%AE%E3M3pq%E7%A9%F5h%F5%26%8D3%CC%EF%A8P%8E%23%08*E%8Bw%E8nTK%FF%14%1D%91%EF%E5T%24%3A%2C%1E%60%22%16%E9i%FB.%01%16th%EB1%25%0A%89Qd%25%C9%96R%CD%DF%CDW%AEK%A6%EE%B0eN%A9%EB%CD%28%7C%06%1D*%0F%C9u%B1%9E%BES%96%07%C1%60%7F%CA%00zE%3C%D7%C9%98d%A5RX%3A%5C%99%89%85%5B%FB%8E%60%E2%CD%9E%B8%10%E8%E3%DC%20H%D3%B8%F6%3EI%D3%9E%FE%DBk%2CA%1A%94t%F5z%13SS5%B9%3D%09Uh%A2%5C-%FB%86%20Z%1C%EA%A3";
function Try(key)
{
if(test(key)==false)
alert("错误!");
else
document.write(decrypt(unescape(s),key));
}
function test(pass)
{
if(pass=="")
return false;
else
{
var t1 = decrypt(unescape(testkey1),pass);
var t2 = decrypt(unescape(testkey2),pass);
if(t1%t2==0)
return true;
else
return false;
}
} function decrypt(str,key) {
var out=new String();
var i,j;
var tmp,s;
var t,x;
var len=key.length;
var X=new Array();
var Y=new Array(); for(i=0;i<256;i++)
X[i]=i; for(i=0,j=0;i<256;++i,j%=len)
{
Y[i] =key.charCodeAt(j);
j++;
} for(i=0,j=0;i<256;i++)
{
j = (j+X[i]+Y[i])%256;
tmp = X[i];
X[i]=X[j];
X[j]=tmp;
}
for(i=0,j=0,x=0;x<str.length;++x)
{
i = (i+1)%256;
j = (j+X[i])%256;
tmp = X[i];
X[i] = X[j];
X[j] = tmp;
t = (X[i]+(X[j]%256))%256;
s = X[t];
out = out.concat(String.fromCharCode(str.charCodeAt(x)^s));
}
return out;
}
//-->
</SCRIPT>
function Try(key)
求这个key