728x90

[๋ฌธ์ œ]

https://webhacking.kr/challenge/js-3/

 

Challenge 16

 

webhacking.kr

 

[๋ฌธ์ œ ํ’€์ด]

<script> 
document.body.innerHTML+="<font color=yellow id=aa style=position:relative;left:0;top:0>*</font>";
function mv(cd){
  kk(star.style.left-50,star.style.top-50);
  if(cd==100) star.style.left=parseInt(star.style.left+0,10)+50+"px";
  if(cd==97) star.style.left=parseInt(star.style.left+0,10)-50+"px";
  if(cd==119) star.style.top=parseInt(star.style.top+0,10)-50+"px";
  if(cd==115) star.style.top=parseInt(star.style.top+0,10)+50+"px";
  if(cd==124) location.href=String.fromCharCode(cd)+".php"; // do it!
}
function kk(x,y){
  rndc=Math.floor(Math.random()*9000000);
  document.body.innerHTML+="<font color=#"+rndc+" id=aa style=position:relative;left:"+x+";top:"+y+" onmouseover=this.innerHTML=''>*</font>";
}
</script>
  • ๋จผ์ € ์ฝ”๋“œ๋ฅผ ๋ถ„์„ํ•ด ๋ณด๋ฉด mvํ•จ์ˆ˜๋Š” ํ‚ค ์ž…๋ ฅ์— ๋”ฐ๋ผ ์›€์ง์ž„์„ ์ฒ˜๋ฆฌํ•˜๋Š” ํ•จ์ˆ˜์ž…๋‹ˆ๋‹ค.
  • cd๋Š” ASCII์ฝ”๋“œ๋กœ ์ „๋‹ฌ๋˜๋Š” ์ž…๋ ฅ ๊ฐ’์ž…๋‹ˆ๋‹ค.
    • d(100): ์˜ค๋ฅธ์ชฝ์œผ๋กœ 50px ์ด๋™
    • a(97): ์™ผ์ชฝ์œผ๋กœ 50px ์ด๋™
    • w(119): ์œ„๋กœ 50px ์ด๋™
    • s(115): ์•„๋ž˜๋กœ 50px ์ด๋™
  • ASCII ์ฝ”๋“œ๋กœ 124๋Š” |(ํŒŒ์ดํ”„)์ด๋‹ค.
    • | ํ‚ค๋ฅผ ๋ˆ„๋ฅด๋ฉด ์ƒˆ ํŽ˜์ด์ง€๋กœ ์ด๋™ํ•œ๋‹ค.

  • |(ํŒŒ์ดํ”„) ํ‚ค๋ฅผ ๋ˆŒ๋ €๋”๋‹ˆ ๋ฌธ์ œ๋ฅผ ํ•ด๊ฒฐํ•  ์ˆ˜ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.

'๋ณด์•ˆ > CTF' ์นดํ…Œ๊ณ ๋ฆฌ์˜ ๋‹ค๋ฅธ ๊ธ€

[Webhacking.kr] old-26 write-up  (0) 2025.01.05
[์›นํ•ดํ‚น] | [๋“œ๋ฆผํ•ต]-Broken Buffalo Wings  (0) 2025.01.01
[Webhacking.kr] old-15 write-up  (0) 2024.12.29
[Webhacking.kr] old-17 write-up  (0) 2024.12.22
[Webhacking.kr] old-01 write-up  (0) 2024.12.22

+ Recent posts

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”