1  <%
2      str = Request("str")
3
4      If not str = "" Then
5          result = Replace(str,"a","aad")
6          result = Replace(result,"i","in")
7          result1 = Mid(result,2,2)
8          result2 = Mid(result,4,6)
9          result = result1 & result2
10         Response.write result
11         If result = "admin" Then
12             pw = "????????"
13         End if
14     End if
15 %>
Opening the page shows ASP source code; audit the code and submit the correct answer.
Submit a 1 and use Firefox Firebug to see the request: http://suninatas.com/Part_one/web01/web01.asp?str=1
Good, now we know that str in the source code is the parameter in the request URL.
Because I have not learned ASP syntax, I guessed roughly what the program does and looked at the ASP manual along the way (ASP pages default to VBScript).
Line 2 accepts the request parameter str. Line 4 continues only if str is not empty. Replace() is a replacement function: line 5 replaces 'a' in str with 'aad' and assigns the value to result.
Line 6 replaces 'i' in result with 'in' and assigns the value to result. Mid() is a substring-extraction function (that is my own wording; the official statement is unclear).
Line 7 takes a substring of result starting at the 2nd character, 2 characters long, and assigns it to result1. Line 8 takes a substring of result starting at the 4th character, 6 characters long, and assigns it to result2.
Line 9 concatenates result1 with result2 and assigns the value to result, which at this point is still a string. Line 10 outputs the value of result. Line 11 starts the check of whether the value of result is admin: if so it returns pw, otherwise it ends.
With the general function of the program understood, the next step is to work backwards to the answer.
admin is made up of two substrings; there are 6 possible splits, listed first.
result1: (empty), a, ad, adm, admi, admin
result2: admin, dmin, min, in, n, (empty)
Line 7 makes it clear that the returned substring has length 2, so the 4th group is the most likely.
result1 = ad, result2 = min.
Then the value of result is *admin (* representing an unknown character), and from line 5 we know * is actually a. So the complete value of result is aadmin, and finally the value of str is ami.
Congratulate yourself!!
Authkey:k09rsogjorejv934u592oi
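The backwards reasoning above can be checked mechanically. This is an added example, not part of the original write-up: a Python stand-in for lines 5 to 9 of the VBScript, plus an exhaustive search over short inputs that goes beyond the hand derivation by showing the answer is unique. The function names, the candidate alphabet and the length limit are assumptions chosen for the illustration.

```python
from itertools import product


def vbs_mid(s, start, length):
    """VBScript Mid(): 1-based start; the result is clamped at the end of the
    string, and a start past the end yields an empty string."""
    return s[start - 1:start - 1 + length]


def transform(s):
    """Mirror lines 5-9 of the challenge source."""
    # VBScript Replace() compares case-sensitively by default, like str.replace.
    result = s.replace("a", "aad")        # line 5
    result = result.replace("i", "in")    # line 6
    result1 = vbs_mid(result, 2, 2)       # line 7
    result2 = vbs_mid(result, 4, 6)       # line 8
    return result1 + result2              # line 9


def solve(target="admin", alphabet="adminAMI", max_len=5):
    """List every input of up to max_len characters (assumed alphabet) whose
    transformed value equals target."""
    hits = []
    for n in range(1, max_len + 1):
        for chars in product(alphabet, repeat=n):
            candidate = "".join(chars)
            if transform(candidate) == target:
                hits.append(candidate)
    return hits


if __name__ == "__main__":
    print(repr(transform("1")))    # the probe request used earlier
    print(repr(transform("ami")))  # the derived answer
    print(solve())                 # every short input that reaches the target
```

Because both the replacements and the final comparison are case-sensitive, the upper-case letters in the search alphabet never produce a match.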
Hacker Games Suninatas WEB Level 1