Javascript missons

Level 1 – Idiot Test

<script language=Javascript>
function check(x)
{
 if (x == cookies)
 {
 alert(win!);
 window.location += ?lvl_password=+x;
 } else {
 alert(Fail D:);
 }
}

위와 같은 코드가 있다. 답은 당연히 cookies

Level 2 – Disable Javascript
링크를 누르면 계속해서 fail.php 페이지로 넘어간다. 따라서 문제 페이지의 자바스크립트가 실행되기 전 스크립트를 확인하면 다음과 같다.

<script language=javascript>
 window.location=http://www.hackthissite.org/missions/javascript/2/fail.php;
</script>
<a href=/missions/javascript/2/index.php?challengePass=B8n7OV>Click here to win.</a>

따라서 저 링크로만 가면 성공.

Level 3 – Math time!

var foo = 5 + 6 * 7
var bar = foo % 8
var moo = bar * 2
var rar = moo / 3
function check(x)
{
 if (x.length == moo)
 {
 alert(win!);
 window.location += ?lvl_password=+x;
 } else {
 alert(fail D:);
 }
}

계산을 해보면 moo 는 14이다. 따라서 14자 아무 값이나 넣으면 성공.

Level 4 – Var?

<script language=Javascript>
RawrRawr = moo;
function check(x)
{
 +RawrRawr+ == hack_this_site
 if (x == \+RawrRawr+\)
 {
 alert(Rawr! win!);
 window.location = ../../../missions/javascript/4/?lvl_password=+x;
 } else {
 alert(Rawr, nope, try again!);
 }
}
</script>

답은 moo

Level 5 – Escape!

<script language=Javascript>
moo = unescape('%69%6C%6F%76%65%6D%6F%6F');
function check (x) {
 if (x == moo)
 {
 alert(Ahh.. so that's what she means);
 window.location = ../../../missions/javascript/5/?lvl_password=+x;
 }
 else {
 alert(Nope... try again!);
 }
}
</script>

escape 된 문자를 unescape 해보면 ilovemoo 이다.

Level 6 – go go away .js

<script type=text/javascript src=http://hackthissite.org/missions/javascript/6/checkpass>
</script>
<script language=javascript>
RawrRawr = moo;
function check(x)
{
 +RawrRawr+ == hack_this_site
 if (x == \+RawrRawr+\)
 {
 alert(Rawr! win!);
 window.location = about:blank;
 } else {
 alert(Rawr, nope, try again!);
 }
}

function checkpassw(moo)
{
 RawrRawr = moo;
 checkpass(RawrRawr);
}
</script>

코드를 보면 맨 상단에 어떤 주소가 있다. 저 주소로 가보면 다시 새로운 스크립트가 나온다. 그 코드를 살펴보면 아래와 같다.

dairycow=moo;
moo = pwns;
rawr = moo;

function checkpass(pass)
{
 if(pass == rawr+ +moo)
 { 
 alert(How did you do that??? Good job!);
 window.location = ../../../missions/javascript/6/?lvl_password=+pass;
 } else {
 alert(Nope, try again);
 }
}

즉 답은 moo pwns 이다.

Level 7 – JS Obfuscation. FTW!

<script language=javascript>
var _0x4e9d=[\x66\x72\x6F\x6D\x43\x68\x61\x72\x43\x6F\x64\x65,\x77\x72\x69\x74\x65\];document[_0x4e9d[0x1]](String[_0x4e9d[0x0]](0x3c,0x62,0x75,0x74,0x74,0x6f,0x6e,0x20,0x6f,0x6e,0x63,0x6c,0x69,0x63,0x6b,0x3d,0x27,0x6a,0x61,0x76,0x61,0x73,0x63,0x72,0x69,0x70,0x74,0x3a,0x69,0x66,0x20,0x28,0x64,0x6f,0x63,0x75,0x6d,0x65,0x6e,0x74,0x2e,0x67,0x65,0x74,0x45,0x6c,0x65,0x6d,0x65,0x6e,0x74,0x42,0x79,0x49,0x64,0x28,0x22,0x70,0x61,0x73,0x73,0x22,0x29,0x2e,0x76,0x61,0x6c,0x75,0x65,0x3d,0x3d,0x22,0x6a,0x30,0x30,0x77,0x31,0x6e,0x22,0x29,0x7b,0x61,0x6c,0x65,0x72,0x74,0x28,0x22,0x59,0x6f,0x75,0x20,0x57,0x49,0x4e,0x21,0x22,0x29,0x3b,0x77,0x69,0x6e,0x64,0x6f,0x77,0x2e,0x6c,0x6f,0x63,0x61,0x74,0x69,0x6f,0x6e,0x20,0x2b,0x3d,0x20,0x22,0x3f,0x6c,0x76,0x6c,0x5f,0x70,0x61,0x73,0x73,0x77,0x6f,0x72,0x64,0x3d,0x22,0x2b,0x64,0x6f,0x63,0x75,0x6d,0x65,0x6e,0x74,0x2e,0x67,0x65,0x74,0x45,0x6c,0x65,0x6d,0x65,0x6e,0x74,0x42,0x79,0x49,0x64,0x28,0x22,0x70,0x61,0x73,0x73,0x22,0x29,0x2e,0x76,0x61,0x6c,0x75,0x65,0x7d,0x65,0x6c,0x73,0x65,0x20,0x7b,0x61,0x6c,0x65,0x72,0x74,0x28,0x22,0x57,0x52,0x4f,0x4e,0x47,0x21,0x20,0x54,0x72,0x79,0x20,0x61,0x67,0x61,0x69,0x6e,0x21,0x22,0x29,0x7d,0x27,0x3e,0x43,0x68,0x65,0x63,0x6b,0x20,0x50,0x61,0x73,0x73,0x77,0x6f,0x72,0x64,0x3c,0x2f,0x62,0x75,0x74,0x74,0x6f,0x6e,0x3e));
</script>

디코딩 된 부분을 풀어보면 아래와 같다.

<button onclick='javascript:if (document.getElementById(pass).value==j00w1n){alert(You WIN!);window.location += ?lvl_password=+document.getElementById(pass).value}else {alert(WRONG! Try again!)}'>Check Password</button>

따라서 j00w1n 가 패스워드!

댓글 남기기

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다