IDF-CTF-天罗地网

不难不易的js加密

题目：就是这里 → http://ctf.idf.cn/game/web/28

点击链接，弹出一个输入框。要求输入flag。

查看源代码，发现一个script脚本。
然后复制到站长工具js混淆加密压缩那里解密。
http://tool.chinaz.com/js.aspx

得到解密后的代码：

var a = prompt("\u8f93\u5165\u4f60\u7684\x66\x6c\x61\x67\u5427\uff0c\u5c11\u5e74\uff01", "");
var b = "\x66\x33\x33\x37\x33\x65\x33\x36\x63\x36\x37\x37\x37\x35\x30\x37\x37\x39\x66\x35\x64\x30\x34\x66\x66\x37\x38\x38\x35\x62\x33\x65";
var c = /.+_.+_.+/gi;
var d = 0x0;
var e = a.substr(0x8, 0x5);
if ($.md5(e) == b.replace(/7/ig, ++d).replace(/8/ig, d * 0x2)) {
    
    
    var f = a.substr(0x0 / d, 0x7);
    if (f.substr(0x5, 0x2) == "\x6a\x73" && $.md5(f.substr(0x0 / d, d + 0x3)) == "\x64\x30\x31\x35\x34\x64\x35\x30\x34\x38\x62\x35\x61\x35\x65\x62\x31\x30\x65\x66\x31\x36\x34\x36\x34\x30\x30\x37\x31\x39\x66\x31") {
   
   
        r = a.substr(0xd);
        if (r.charCodeAt(d) - 0x19 == r.charCodeAt(++d) - 0x19 && r.charCodeAt(--d) - 0x19 == r.charCodeAt(--d)) {
   
   
            var g = String.fromCharCode(0x4f);
            g = g.toLowerCase() + g.toLowerCase();
            if (r.substr((++d) * 0x3, 0x6) == g.concat("\x65\x61\x73\x79") && c.test(a)) {
   
   
                d = String(0x1) + String(a.length)
            }
        }
    }
};
if (a.substr(0x4, 0x1) != String.fromCharCode(d) || a.substr(0x4, 0x1) == "\x7a") {
   
   
    alert("\u989d\uff0c\u518d\u53bb\u60f3\u60f3\u3002\u3002")
} else {
   
   
    alert("\u606d<