Hell JS write up
이걸 실행시키면 다음 결과가 나오는데,
[]["filter"]["constructor"]([]["filter"]["constructor"]("return "+[]["filter"]["constructor"]("return "+"u"+"n"+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()([]["filter"]["constructor"]("return "+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()({})[+[]]+"5"+(!![]+!![]+!![]))+"t"+"r"+"i"+"n"+[]["filter"]["constructor"]("return "+"t"+"y"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e"+"o"+"f"+([]+[])["fontcolor"]()["1"+(!![]+!![])]+([]+[])["fontcolor"]()["1"+(!![]+!![])])()[!![]+!![]+!![]+!![]+!![]])()["f"+"r"+"o"+[]["filter"]["constructor"]("return "+"t"+"y"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e"+"o"+"f"+" "+"0")()[!![]+!![]]+[]["filter"]["constructor"]("return "+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()("1"["s"+"u"+"b"]())[!![]+!![]]+([]["filter"]["constructor"]("return "+"location")()+[])[+[]]+"a"+"r"+[]["filter"]["constructor"]("return "+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()("1"["s"+"u"+"b"]())[!![]+!![]]+"o"+"d"+"e"]("4"+"7","4"+"2","1"+"0","1"+"0","9","1"+"0"+"4","101","108","108","111","3"+"3","1"+"0","1"+"0","4"+"2","4"+"7"))()+[]["filter"]["constructor"]([]["filter"]["constructor"]("return "+[]["filter"]["constructor"]("return "+"u"+"n"+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()([]["filter"]["constructor"]("return "+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()({})[+[]]+"5"+(!![]+!![]+!![]))+"t"+"r"+"i"+"n"+[]["filter"]["constructor"]("return "+"t"+"y"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e"+"o"+"f"+([]+[])["fontcolor"]()["1"+(!![]+!![])]+([]+[])["fontcolor"]()["1"+(!![]+!![])])()[!![]+!![]+!![]+!![]+!![]])()["f"+"r"+"o"+[]["filter"]["constructor"]("return "+"t"+"y"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e"+"o"+"f"+" "+"0")()[!![]+!![]]+[]["filter"]["constructor"]("return "+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()("1"["s"+"u"+"b"]())[!![]+!![]]+([]["filter"]["constructor"]("return "+"location")()+[])[+[]]+"a"+"r"+[]["filter"]["constructor"]("return "+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()("1"["s"+"u"+"b"]())[!![]+!![]]+"o"+"d"+"e"]("4"+"7","4"+"7","3"+"2","1"+"0"+"3","111","111","100","3"+"2","106","111","98","3"+"3","1"+"0","1"+"0","108","101","116","3"+"2","102","108","97","1"+"0"+"3","3"+"2","61","3"+"2","112","1"+"1"+"4","111","1"+"0"+"9","112","116","40","34","119","1"+"0"+"4","97","116","3"+"2","105","1"+"1"+"5","3"+"2","116","1"+"0"+"4","101","3"+"2","102","108","97","1"+"0"+"3","6"+"3","34","4"+"1","5"+"9","1"+"0","1"+"0","105","102","3"+"2","40","102","108","97","1"+"0"+"3","3"+"2","61","61","61","3"+"2","34","34","4"+"1","3"+"2","1"+"2"+"3","1"+"0","1"+"0","9","97","108","101","1"+"1"+"4","116","40","34","112","108","110","112","1"+"1"+"7","116","34","4"+"1","5"+"9","1"+"0","1"+"0","125","3"+"2","101","108","1"+"1"+"5","101","3"+"2","105","102","3"+"2","40","102","108","97","1"+"0"+"3","3"+"2","61","61","61","3"+"2","34","102","108","97","1"+"0"+"3","1"+"2"+"3","5"+"0","4"+"9","100","102","5"+"2","97","100","5"+"1","99","101","5"+"1","4"+"9","97","102","5"+"6","5"+"2","5"+"3","99","102","57","99","100","5"+"4","97","5"+"3","101","100","100","98","98","57","4"+"9","125","34","4"+"1","3"+"2","1"+"2"+"3","1"+"0","1"+"0","9","97","108","101","1"+"1"+"4","116","40","34","98","105","1"+"1"+"0","1"+"0"+"3","111","34","4"+"1","5"+"9","1"+"0","1"+"0","125","3"+"2","101","108","1"+"1"+"5","101","3"+"2","1"+"2"+"3","1"+"0","1"+"0","9","97","108","101","1"+"1"+"4","116","40","34","119","1"+"1"+"4","111","1"+"1"+"0","1"+"0"+"3","34","4"+"1","5"+"9","1"+"0","1"+"0","125"))()+[]["filter"]["constructor"]([]["filter"]["constructor"]("return "+[]["filter"]["constructor"]("return "+"u"+"n"+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()([]["filter"]["constructor"]("return "+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()({})[+[]]+"5"+(!![]+!![]+!![]))+"t"+"r"+"i"+"n"+[]["filter"]["constructor"]("return "+"t"+"y"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e"+"o"+"f"+([]+[])["fontcolor"]()["1"+(!![]+!![])]+([]+[])["fontcolor"]()["1"+(!![]+!![])])()[!![]+!![]+!![]+!![]+!![]])()["f"+"r"+"o"+[]["filter"]["constructor"]("return "+"t"+"y"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e"+"o"+"f"+" "+"0")()[!![]+!![]]+[]["filter"]["constructor"]("return "+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()("1"["s"+"u"+"b"]())[!![]+!![]]+([]["filter"]["constructor"]("return "+"location")()+[])[+[]]+"a"+"r"+[]["filter"]["constructor"]("return "+"e"+"s"+"c"+"a"+([]["filter"]["constructor"]("return "+"location")()+[])[3]+"e")()("1"["s"+"u"+"b"]())[!![]+!![]]+"o"+"d"+"e"]("4"+"7","4"+"2","1"+"0","1"+"0","9","1"+"0"+"4","111","119","3"+"2","97","1"+"1"+"4","101","3"+"2","1"+"2"+"1","111","1"+"1"+"7","6"+"3","1"+"0","1"+"0","4"+"2","4"+"7"))()
한 가젯 한 가젯 JS console에서 값을 구하면서 정리해보면 최종적으로 다음과 같은 코드가 나온다.
그리고 여기에서 String.fromCharCode 같아 보이는 함수의 인자를 String.fromCharCode 시켜보면 소스를 얻을 수 있다.
[]["filter"]["constructor"]([]["filter"]["constructor"]("return String")()["fromCharCode"]("4"+"7","4"+"7","3"+"2","1"+"0"+"3","111","111","100","3"+"2","106","111","98","3"+"3","1"+"0","1"+"0","108","101","116","3"+"2","102","108","97","1"+"0"+"3","3"+"2","61","3"+"2","112","1"+"1"+"4","111","1"+"0"+"9","112","116","40","34","119","1"+"0"+"4","97","116","3"+"2","105","1"+"1"+"5","3"+"2","116","1"+"0"+"4","101","3"+"2","102","108","97","1"+"0"+"3","6"+"3","34","4"+"1","5"+"9","1"+"0","1"+"0","105","102","3"+"2","40","102","108","97","1"+"0"+"3","3"+"2","61","61","61","3"+"2","34","34","4"+"1","3"+"2","1"+"2"+"3","1"+"0","1"+"0","9","97","108","101","1"+"1"+"4","116","40","34","112","108","1"+"2"+"2","3"+"2","105","1"+"1"+"0","112","1"+"1"+"7","116","34","4"+"1","5"+"9","1"+"0","1"+"0","125","3"+"2","101","108","1"+"1"+"5","101","3"+"2","105","102","3"+"2","40","102","108","97","1"+"0"+"3","3"+"2","61","61","61","3"+"2","34","102","108","97","1"+"0"+"3","1"+"2"+"3","5"+"0","4"+"9","100","102","5"+"2","97","100","5"+"1","99","101","5"+"1","4"+"9","97","102","5"+"6","5"+"2","5"+"3","99","102","57","99","100","5"+"4","97","5"+"3","101","100","100","98","98","57","4"+"9","125","34","4"+"1","3"+"2","1"+"2"+"3","1"+"0","1"+"0","9","97","108","101","1"+"1"+"4","116","40","34","98","105","1"+"1"+"0","1"+"0"+"3","111","34","4"+"1","5"+"9","1"+"0","1"+"0","125","3"+"2","101","108","1"+"1"+"5","101","3"+"2","1"+"2"+"3","1"+"0","1"+"0","9","97","108","101","1"+"1"+"4","116","40","34","119","1"+"1"+"4","111","1"+"1"+"0","1"+"0"+"3","34","4"+"1","5"+"9","1"+"0","1"+"0","125"))
'write-ups > solveme.safflower.kr' 카테고리의 다른 글
| Hard login (0) | 2018.03.04 |
|---|---|
| URL filtering write up (1) | 2018.03.04 |
| Hash collision write up (0) | 2018.03.04 |
| thirty six write up (0) | 2018.02.27 |
| Give me a link write up (0) | 2018.02.26 |