Flag Checker V1.0
直接看出是JsFuck
找个JsFuck解密网站
https://enkhee-osiris.github.io/Decoder-JSFuck/
得到flag
Flag Checker V2.0
(function(_0x2e4d58, _0x14c882) {
var _0x18c2d3 = function(_0x28e4b7) {
while (--_0x28e4b7) {
_0x2e4d58['push'](_0x2e4d58['shift']());
}
};
_0x18c2d3(++_0x14c882);
}(_0x5e62, 0xa9));
var _0x5125 = function(_0x4d6021, _0x3f8d8b) {
_0x4d6021 = _0x4d6021 - 0x0;
var _0x2dfd7f = _0x5e62[_0x4d6021];
if (_0x5125['initialized'] === undefined) {
(function() {
var _0x5307f8 = function() {
var _0xdd3db6;
try {
_0xdd3db6 = Function('return\x20(function()\x20' + '{}.constructor(\x22return\x20this\x22)(\x20)' + ');')();
} catch (_0x29e69c) {
_0xdd3db6 = window;
}
return _0xdd3db6;
};
var _0x23f59c = _0x5307f8();
var _0x48a914 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
_0x23f59c['atob'] || (_0x23f59c['atob'] = function(_0x206b25) {
var _0x92d18 = String(_0x206b25)['replace'](/=+$/, '');
for (var _0x1e27fd = 0x0, _0x20f59d, _0x446dfa, _0x53651c = 0x0, _0x49c025 = ''; _0x446dfa = _0x92d18['charAt'](_0x53651c++); ~_0x446dfa && (_0x20f59d = _0x1e27fd % 0x4 ? _0x20f59d * 0x40 + _0x446dfa : _0x446dfa, _0x1e27fd++ % 0x4) ? _0x49c025 += String['fromCharCode'](0xff & _0x20f59d >> (-0x2 * _0x1e27fd & 0x6)) : 0x0) {
_0x446dfa = _0x48a914['indexOf'](_0x446dfa);
}
return _0x49c025;
});
}());
var _0x3a355d = function(_0x53f2b0, _0x2b3688) {
var _0x1ed54c = [],
_0x5d1d31 = 0x0,
_0x4734e1, _0x5a14e7 = '',
_0xc8ab15 = '';
_0x53f2b0 = atob(_0x53f2b0);
for (var _0x41e1e2 = 0x0, _0x39eca1 = _0x53f2b0['length']; _0x41e1e2 < _0x39eca1; _0x41e1e2++) {
_0xc8ab15 += '%' + ('00' + _0x53f2b0['charCodeAt'](_0x41e1e2)['toString'](0x10))['slice'](-0x2);
}
_0x53f2b0 = decodeURIComponent(_0xc8ab15);
for (var _0x4ab6e5 = 0x0; _0x4ab6e5 < 0x100; _0x4ab6e5++) {
_0x1ed54c[_0x4ab6e5] = _0x4ab6e5;
}
for (_0x4ab6e5 = 0x0; _0x4ab6e5 < 0x100; _0x4ab6e5++) {
_0x5d1d31 = (_0x5d1d31 + _0x1ed54c[_0x4ab6e5] + _0x2b3688['charCodeAt'](_0x4ab6e5 % _0x2b3688['length'])) % 0x100;
_0x4734e1 = _0x1ed54c[_0x4ab6e5];
_0x1ed54c[_0x4ab6e5] = _0x1ed54c[_0x5d1d31];
_0x1ed54c[_0x5d1d31] = _0x4734e1;
}
_0x4ab6e5 = 0x0;
_0x5d1d31 = 0x0;
for (var _0x388b4a = 0x0; _0x388b4a < _0x53f2b0['length']; _0x388b4a++) {
_0x4ab6e5 = (_0x4ab6e5 + 0x1) % 0x100;
_0x5d1d31 = (_0x5d1d31 + _0x1ed54c[_0x4ab6e5]) % 0x100;
_0x4734e1 = _0x1ed54c[_0x4ab6e5];
_0x1ed54c[_0x4ab6e5] = _0x1ed54c[_0x5d1d31];
_0x1ed54c[_0x5d1d31] = _0x4734e1;
_0x5a14e7 += String['fromCharCode'](_0x53f2b0['charCodeAt'](_0x388b4a) ^ _0x1ed54c[(_0x1ed54c[_0x4ab6e5] + _0x1ed54c[_0x5d1d31]) % 0x100]);
}
return _0x5a14e7;
};
_0x5125['rc4'] = _0x3a355d;
_0x5125['data'] = {};
_0x5125['initialized'] = !![];
}
var _0x2669d5 = _0x5125['data'][_0x4d6021];
if (_0x2669d5 === undefined) {
if (_0x5125['once'] === undefined) {
_0x5125['once'] = !![];
}
_0x2dfd7f = _0x5125['rc4'](_0x2dfd7f, _0x3f8d8b);
_0x5125['data'][_0x4d6021] = _0x2dfd7f;
} else {
_0x2dfd7f = _0x2669d5;
}
return _0x2dfd7f;
};
function Flagchecker() {
var _0x1b5eee = function() {
if (_0x5125('0x0', 'J@5k') === _0x5125('0x1', 'L3c^')) {
var _0xc90922 = !![];
return function(_0x16a9c8, _0x4fe105) {
if (_0x5125('0x2', 'Dzjs') !== _0x5125('0x3', 'EDGr')) {
alert(_0x5125('0x4', 's7M5'));
} else {
var _0x319d80 = _0xc90922 ? function() {
if (_0x4fe105) {
if ('SsT' !== _0x5125('0x5', '1IMg')) {
var _0x426ff5 = _0x4fe105[_0x5125('0x6', 'yKm@')](_0x16a9c8, arguments);
_0x4fe105 = null;
return _0x426ff5;
} else {
_0x3403b6();
}
}
} : function() {};
_0xc90922 = ![];
return _0x319d80;
}
};
} else {}
}();
(function() {
_0x1b5eee(this, function() {
var _0x1a2fe9 = new RegExp(_0x5125('0x7', '1q4J'));
var _0x1c96fe = new RegExp(_0x5125('0x8', 'yKm@'), 'i');
var _0x4289ea = _0x3403b6(_0x5125('0x9', '!Uio'));
if (!_0x1a2fe9['test'](_0x4289ea + _0x5125('0xa', 'I$aA')) || !_0x1c96fe[_0x5125('0xb', ']!tO')](_0x4289ea + _0x5125('0xc', '8T#5'))) {
_0x4289ea('0');
} else {
if (_0x5125('0xd', 'Xc[6') !== _0x5125('0xe', 'Xc[6')) {
_0x3403b6();
} else {
if (fn) {
var _0x7fb3fa = fn[_0x5125('0xf', 'XK7W')](context, arguments);
fn = null;
return _0x7fb3fa;
}
}
}
})();
}());
var _0x52b070;
_0x52b070 = prompt(_0x5125('0x10', 'D5FN'));
if (_0x52b070 == _0x5125('0x11', ']!tO')) {
alert('You\x20got\x20the\x20right\x20flag');
} else {
if (_0x5125('0x12', 'JVHN') !== _0x5125('0x13', 'Jk8w')) {
alert(_0x5125('0x14', '&lOq'));
} else {}
}
}
Flagchecker();
function _0x3403b6(_0x354367) {
function _0x4aebc3(_0x4e9ce3) {
if (_0x5125('0x15', 'AiHJ') === _0x5125('0x16', ')8XU')) {
if (typeof _0x4e9ce3 === 'string') {
if ('TTd' !== _0x5125('0x17', '1PZG')) {
return function(_0xd56fe) {
if (_0x5125('0x18', 'JVHN') === 'Ufl') {
_0x2c6a94(this, function() {
var _0x424a7e = new RegExp(_0x5125('0x19', 'n!bY'));
var _0xff353c = new RegExp(_0x5125('0x1a', '3aUN'), 'i');
var _0x58c884 = _0x3403b6(_0x5125('0x1b', 'FKZQ'));
if (!_0x424a7e[_0x5125('0x1c', 'Xc[6')](_0x58c884 + 'chain') || !_0xff353c[_0x5125('0x1d', 'U*wC')](_0x58c884 + _0x5125('0x1e', '2cJD'))) {
_0x58c884('0');
} else {
_0x3403b6();
}
})();
} else {}
}['constructor'](_0x5125('0x1f', 'he^b'))[_0x5125('0x20', ']!tO')]('counter');
} else {
_0x4aebc3(0x0);
}
} else {
if (('' + _0x4e9ce3 / _0x4e9ce3)['length'] !== 0x1 || _0x4e9ce3 % 0x14 === 0x0) {
(function() {
return !![];
}[_0x5125('0x21', 'zzBK')](_0x5125('0x22', ']!tO') + _0x5125('0x23', '!Uio'))[_0x5125('0x24', '!Uio')](_0x5125('0x25', 'uYRx')));
} else {
if (_0x5125('0x26', 'rh2n') === _0x5125('0x27', '8T#5')) {
(function() {
if (_0x5125('0x28', 'Xc[6') !== 'qfd') {
return ![];
} else {
return !![];
}
}[_0x5125('0x29', 'J@5k')]('debu' + _0x5125('0x2a', '4q2W'))[_0x5125('0x2b', '4q2W')](_0x5125('0x2c', '1PZG')));
} else {
var _0x5e081d = fn[_0x5125('0x2d', 'AiHJ')](context, arguments);
fn = null;
return _0x5e081d;
}
}
}
_0x4aebc3(++_0x4e9ce3);
} else {
(function() {
return ![];
}[_0x5125('0x2e', '2cJD')](_0x5125('0x2f', 'JVHN') + _0x5125('0x30', 'c(RF'))[_0x5125('0x20', ']!tO')](_0x5125('0x31', 'aV%O')));
}
}
try {
if (_0x5125('0x32', 'CCXy') !== _0x5125('0x33', 'FKZQ')) {} else {
if (_0x354367) {
if ('OvD' !== _0x5125('0x34', 'Z!WV')) {
alert(_0x5125('0x35', 'Dzjs'));
} else {
return _0x4aebc3;
}
} else {
_0x4aebc3(0x0);
}
}
} catch (_0x3f71a9) {
if ('Pmi' === _0x5125('0x36', '2cJD')) {} else {
return ![];
}
}
}
留意到
var _0x52b070;
_0x52b070 = prompt(_0x5125('0x10', 'D5FN'));
if (_0x52b070 == _0x5125('0x11', ']!tO')) {
alert('You\x20got\x20the\x20right\x20flag');
} else {
if (_0x5125('0x12', 'JVHN') !== _0x5125('0x13', 'Jk8w')) {
alert(_0x5125('0x14', '&lOq'));
} else {}
}
prompt是弹窗获取输入
容易看出
_0x5125(‘0x11’, ‘]!tO’)
返回的字符串是我们想要的
修改下
var _0x52b070;
_0x52b070 = prompt(_0x5125('0x10', 'D5FN'));
alert(_0x5125('0x11', ']!tO'));
if (_0x52b070 == _0x5125('0x11', ']!tO')) {
alert('You\x20got\x20the\x20right\x20flag');
} else {
if (_0x5125('0x12', 'JVHN') !== _0x5125('0x13', 'Jk8w')) {
alert(_0x5125('0x14', '&lOq'));
} else {}
}
Flag Locker
转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达。可以在下面评论区评论,也可以邮件至3213359017@qq.com