标签:var itertools earth ase turn log func ram flag
一直自动跳转/die/页面,只能抓包看
看到有个/chase/,进去看一下
去/leftt/中看一眼
后面就一路找,但是没找到什么有用的信息
看了wp才知道,关键点在js文件中
/static/js/door.js
最后来到static/js/fight.js
// Run to scramble original flag
//console.log(scramble(flag, action));
function scramble(flag, key) {
for (var i = 0; i < key.length; i++) {
let n = key.charCodeAt(i) % flag.length;
let temp = flag[i];
flag[i] = flag[n];
flag[n] = temp;
}
return flag;
}
function check_action() {
var action = document.getElementById("action").value;
var flag = ["{hey", "_boy", "aaaa", "s_im", "ck!}", "_baa", "aaaa", "pctf"];
// TODO: unscramble function
}
看起来flag顺序被打乱了,排列组合一下就行
#coding:utf-8
from itertools import permutations
flag = ["{hey", "_boy", "aaaa", "s_im", "ck!}", "_baa", "aaaa", "pctf"]
item = permutations(flag)
for i in item:
k = ‘‘.join(list(i))
if k.startswith(‘pctf{hey_boys‘) and k[-1] == ‘}‘:
print(k)
最后flagpctf{hey_boys_im_baaaaaaaaaack!}
参考
https://www.yuque.com/u390550/kdmol2/ul9gfw
标签:var itertools earth ase turn log func ram flag
原文地址:https://www.cnblogs.com/mech/p/13765074.html
