0
0

摸鱼大作战闯关

摸鱼大作战:
https://p.hancel.org/

Stage 1

stage1改成stage2

Stage 2

查看源代码

Stage 3

查看源代码

Stage 4

F12

Stage 5

this is linux
把url的mac换成linux

Stage 6

看源码

lang/加上ruby.php
后缀会自动变成html

Stage 7

密码是here

Stage 8

英语是真的烂

&&nbsp
实体化字符是空格的意思
空格的英文是space

Stage 9

凯撒密码

Stage 10

十六进制

251636973——————————》》effaced
十进制转十六进制

Stage 11

base64解密

VGhlIHBhc3N3b3JkIGlzIHN0b3JhZ2Uu
||
|| (base64)
||
storage

Stage 12

39°54'32.3"N 116°23'51.1"E
经纬度坐标为tiananmen

Stage 13

找个莫斯密码解码解得 HELLO.MORSE

Stage 14

密码是4
猜出来的

Stage 15

创建post请求输入空密码

Stage 16

Stage 17

Stage 18

同上

Stage 19

c74d97b01eae257e44aa9d5bade97baf    16

70efdf2ec9b086079795                

6f4922f45568161a8cdf4ad2299f6d23    18

由A得B

1f0e3dad99908345f7439f8ffabdffc4    19

Stage 20

开着F12进入页面,不然看不到             
           var a,b,c,d,e,f,g;
                a = 6.18;
                b = a * 2;
                c = a + b;
                d = c / b + a;
                e = c - d * b + a;
                f = e + d /c - b * a;
                g = f * e - d + c * b + a;
                a = g * g;
                a = Math.floor(a);
a=110037296

Stage 21

 eval(String.fromCharCode(100,111,99,117,109,101,110,116,46,102,111,114,109,115,91,48,93,46,111,110,115,117,98,109,105,116,32,61,32,102,117,110,99,116,105,111,110,40,41,123,10,32,32,32,32,32,32,32,32,105,102,40,100,111,99,117,109,101,110,116,46,103,101,116,69,108,101,109,101,110,116,66,121,73,100,40,39,112,97,115,115,119,100,39,41,46,118,97,108,117,101,32,61,61,32,39,118,117,101,106,115,39,41,123,10,32,32,32,32,32,32,32,32,32,32,32,32,119,105,110,100,111,119,46,108,111,99,97,116,105,111,110,46,104,114,101,102,32,61,32,39,118,117,101,106,115,46,104,116,109,108,39,59,10,32,32,32,32,32,32,32,32,125,101,108,115,101,123,10,32,32,32,32,32,32,32,32,32,32,32,32,97,108,101,114,116,40,39,80,97,115,115,119,111,114,100,32,119,97,115,32,119,114,111,110,103,33,39,41,59,10,32,32,32,32,32,32,32,32,125,10,32,32,32,32,32,32,32,32,114,101,116,117,114,110,32,102,97,108,115,101,59,10,32,32,32,32,125));

执行得到vuejs.html

Stage 22

F12网络里看请求头
set-cookie
    the password of stage 22 is =21fbd4a1acbdaf6f37e3eb01aebcf181ddcae1f8; Path=/; Expires=Wed, 13 Apr 2022 07:14:53 GMT; HttpOnly

Stage 23

F12网络中conmmon.js响应底部

Stage 24

F12网络http.html的头部

Stage 25

第n个数字对应第n个字母
组成flower

Stage 26

图片下载下来,改成rar压缩包,解压

Stage 27

图片下载下来,拉到记事本

Stage 28

说图片上有字,我是没看到
下一关:
truth

Stage 29

下载图片拖入记事本里头写着
提示三: /9j/(中略)/9k=
加上[data:image/jpg;base64,]的前缀在浏览器里打开, 图片写着mistake

没搞出来

Stage 30

标签: 安全
本文转载自: https://blog.csdn.net/weixin_53095382/article/details/124144086
版权归原作者 Nailaoyyds 所有, 如有侵权,请联系我们删除。
登录后发布评论

“摸鱼大作战闯关”的评论:

还没有评论
关于作者
...
overfit同步小助手
文章同步
相关阅读

5G网络安全解决方案

【在Linux世界中追寻伟大的One Piece】Socket编程TCP

01 服务器or本地项目部署全流程及常见问题

开源流媒体服务器ZLMediaKit Java实现教程

Hive Metastore 查分区大小 批量建表语句

从零开始的Vue+flask项目实战-登录系统的实现-Vue前端编写

【前端】在 TypeScript 中使用 AbortController 取消异步请求

文章导航