超简单的js题 学习笔记
2016-04-08 09:53
316 查看
var p1 = '%66%75%6e%63%74%69%6f%6e%20%63%68%65%63%6b%53%75%62%6d%69%74%28%29%7b%76%61%72%20%61%3d%64%6f%63%75%6d%65%6e%74%2e%67%65%74%45%6c%65%6d%65%6e%74%42%79%49%64%28%22%70%61%73%73%77%6f%72%64%22%29%3b%69%66%28%22%75%6e%64%65%66%69%6e%65%64%22%21%3d%74%79%70%65%6f%66%20%61%29%7b%69%66%28%22%37%66%66%33%39%62%36%38%61%30%66%63%66%33'; var p2 = '%65%38%36%32%62%22%3d%3d%61%2e%76%61%6c%75%65%29%72%65%74%75%72%6e%21%30%3b%61%6c%65%72%74%28%22%45%72%72%6f%72%22%29%3b%61%2e%66%6f%63%75%73%28%29%3b%72%65%74%75%72%6e%21%31%7d%7d%64%6f%63%75%6d%65%6e%74%2e%67%65%74%45%6c%65%6d%65%6e%74%42%79%49%64%28%22%6c%65%76%65%6c%51%75%65%73%74%22%29%2e%6f%6e%73%75%62%6d%69%74%3d%63%68%65%63%6b%53%75%62%6d%69%74%3b'; eval(unescape(p1) + unescape('%63%34%61%66%34%39%30%34%62%64%37%35%38' + p2));
代码中定义的 p1 和 p2两个变量被escape加密了,直接用unescape解密即可,eval函数可以实现把字符串当做php代码进行计算,直接用alert函数输出eval得到的字符串即可得到flag
相关文章推荐
- JS 重新加载当前页面或者父页面
- JS----简单表单密码强度检验
- JSTL标签库简介
- ExtJS实现Excel导出
- 模块化JavaScript设计模式(一)
- js 截取字符串
- JSON资料整理(转)
- 页面缓存js问题解决
- 用js导出页面table到excel表中
- 关于fancybox大图片显示位置不准确的问题解决方案
- JS异步编程
- JavaScript代码实现左右上下自动晃动自动移动
- ExtJS小技巧
- 【转载】js--(function(){…})()立即执行函数写法理解
- JS表单验证的代码(常用)
- JS学习2
- 【Ghost Blog】如何给Ghost Blog添加背景音乐
- 关于Odoo 8.0 jsonrpc的调查
- JavaScript事件代理和委托详解
- js实现几秒页面跳转的几种方式