simple_js
[principle]
javascript code audit
[Joint]
Master the simple javascript function
[surroundings]
windows
[tool]
firefox
[step]
1. Open the page to view the source code can be found js code, as shown in FIG.
2. Make the code audit found that no matter what the input will jump to false password, the password really located fromCharCode.
3. The first string processing python with it, producing the array [55,56,54,79,115,69,114,116,107,49,50], exp follows.
s="\x35\x35\x2c\x35\x36\x2c\x35\x34\x2c\x37\x39\x2c\x31\x31\x35\x2c\x36\x39\x2c\x31\x31\x34\x2c\x31\x31\x36\x2c\x31\x30\x37\x2c\x34\x39\x2c\x35\x30"
print (s)4. The resulting digital processing ascii respectively, to obtain the string 786OsErtk12, exp follows.
a = [55,56,54,79,115,69,114,116,107,49,50] c = "" for i in a: b = chr(i) c = c + b print(c)The format specification flag obtained Cyberpeace {786OsErtk12}