Home

<input type=button value="Submit" onclick=ck()> <script> function ck() { if(lv5frm.id.value=="") { lv5frm.id.focus(); return; } if(lv5frm.cmt.value=="") { lv5frm.cmt.focus(); return; } if(lv5frm.hack.value=="") { lv5frm.hack.focus(); return; } if(lv5frm.hack.value!=lv5frm.attackme.value) { lv5frm.hack.focus(); return; } lv5frm.submit...

Warning: Cannot modify header information - headers already sent by (output started at /home/hosting_users/webhacking/www/challenge/javascript/js6.html:11) in /home/hosting_users/webhacking/www/challenge/javascript/js6.html on line 29 에러를 뿜는다… 문제 터진듯…

<? if($_GET[no]) { if(eregi(" |/|\(|\)|\t|\||&|union|select|from|0x",$_GET[no])) exit("no hack"); $q=@mysql_fetch_array(mysql_query("select id from challenge18_table where id='guest' and no=$_GET[no]")); if($q[0]=="guest") echo ("hi guest"); if($q[0]=="admin") { @solve(); echo ("hi admin!"); } } ?> 소스코드의 중요 부위는 이부분이다....

<html> <head> <title>Challenge 17</title> </head> <body bgcolor=black> <font color=red size=10></font> <p> <form name=login> <input type=passwd name=pw><input type=button onclick=sub() value="check"> </form> <script> unlock=100*10*10+100/10-10+10+50-9*8+7-6+5-4*...

키보드 를 누르면 ‘*’ 문자가 생기고 마우스를 갖다 대면 지워진다… 뭥미…? 😕 <html> <head> <title>Challenge 16</title> <body bgcolor=black onload=kk(1,1) onkeypress=mv(event.keyCode)> <font color=silver id=c></font> <font color=yellow size=100 style=position:relative id=star>*</font> <script> document.body.innerHT...

level 15 버튼을 누르면 “Access_Denied”라는 알림창이 뜨고 들어가 지지 않는다. fiddler를 통해 캡처를 해보았다. 패킷에 브레이크 포인트를 걸고 하나씩 보내보니 “password is off_script”라고 뜨고 전 페이지로 리다이렉트 되었다. <html> <head> <title>Challenge 15</title> </head> <body> <script> alert("Access_Denied"); history.go(-1); document.write("password is off_script"); ...

<html> <head> <title>Challenge 14</title> <style type="text/css"> body { background:black; color:white; font-size:10pt; } </style> </head> <body> <br><br> <form name=pw><input type=text name=input_pwd><input type=button value="check" onclick=ck()></form> <scri...

javascript challenge 라고 뜬다. 소스코드를 살펴보자. <script> WorkTimeFun=String.fromCharCode(118,97,114,32,101,110,99,111,61,39,39,59,13,10,118,97,114,32,101,110,99,111,50,61,49,50,54,59,13,10,118,97,114,32,101,110,99,111,51,61,51,51,59,13,10,118,97,114,32,99,107,61,100,111,99,117,109,101,110,116,46,85,82,76,46,115,117,98,115,116,114,40,100,111,99,1...