반응형
QR CODE PUZZLE 문제
2019.09.23 기준 113point 문제입니다.
javascript puzzle challenge
just enjoy!
소스 코드
더보기
<html>
<head></head>
<body>
<center>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
<script type="text/javascript" src="jquery.jqpuzzle.js"></script>
<script type="text/javascript" src="jquery.color-RGBa-patch.js"></script>
<script type="text/javascript" src="jquery.blockUI.js"></script>
<script type="text/javascript">
/*<![CDATA[*/
$(function () {
$('#join_img').attr('src', unescape('.%2f%69%6d%67%2f%71%72%2e%70%6e%67'));
$('#join_img').jqPuzzle({ rows: 6, cols: 6, shuffle: true, numbers: false, control: false, style: { overlap: false } });
hide_pz();
});
function hide_pz() {
var pz = $('#join_img div'); if (pz[pz.length - 2]) { $(pz[1]).remove(); $(pz[pz.length - 2]).remove(); } else { setTimeout("hide_pz()", 5); }
}
/*]]>*/
</script>
<style>
#join_img {
padding: 15px 15px 0 15px;
border: 2px solid #999;
background-color: #444;
}
</style>
<br>
<h1>QR Code Puzzle</h1>
<br>
<div class="jqPuzzle" id="join_img"
style="width: 496px; height: 512px; text-align: left; overflow: hidden; display: block;">
<div class="jqp-wrapper"
style="width: 496px; height: 496px; border-width: 0px; padding: 0px; margin: 0px; position: relative; overflow: hidden; display: block; visibility: inherit;">
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 332px; top: 249px; background-position: 0px 0px;"
current="22"><span style="display: none;">1</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 249px; top: 83px; background-position: -83px 0px;"
current="9"><span style="display: none;">2</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 249px; top: 249px; background-position: -166px 0px;"
current="21"><span style="display: none;">3</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 83px; top: 0px; background-position: -249px 0px;"
current="1"><span style="display: none;">4</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 332px; top: 166px; background-position: -332px 0px;"
current="16"><span style="display: none;">5</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 166px; top: 83px; background-position: -415px 0px;"
current="8"><span style="display: none;">6</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 415px; top: 332px; background-position: 0px -83px;"
current="29"><span style="display: none;">7</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 166px; top: 166px; background-position: -83px -83px;"
current="14"><span style="display: none;">8</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 83px; top: 249px; background-position: -166px -83px;"
current="19"><span style="display: none;">9</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 0px; top: 0px; background-position: -249px -83px;"
current="0"><span style="display: none;">10</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 249px; top: 332px; background-position: -332px -83px;"
current="27"><span style="display: none;">11</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 0px; top: 166px; background-position: -415px -83px;"
current="12"><span style="display: none;">12</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 0px; top: 415px; background-position: 0px -166px;"
current="30"><span style="display: none;">13</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 415px; top: 83px; background-position: -83px -166px;"
current="11"><span style="display: none;">14</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 415px; top: 249px; background-position: -166px -166px;"
current="23"><span style="display: none;">15</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 166px; top: 415px; background-position: -249px -166px;"
current="32"><span style="display: none;">16</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 0px; top: 332px; background-position: -332px -166px;"
current="24"><span style="display: none;">17</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 166px; top: 249px; background-position: -415px -166px;"
current="20"><span style="display: none;">18</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 166px; top: 0px; background-position: 0px -249px;"
current="2"><span style="display: none;">19</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 249px; top: 0px; background-position: -83px -249px;"
current="3"><span style="display: none;">20</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 415px; top: 0px; background-position: -166px -249px;"
current="5"><span style="display: none;">21</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 83px; top: 415px; background-position: -249px -249px;"
current="31"><span style="display: none;">22</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 332px; top: 0px; background-position: -332px -249px;"
current="4"><span style="display: none;">23</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 83px; top: 166px; background-position: -415px -249px;"
current="13"><span style="display: none;">24</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 83px; top: 83px; background-position: 0px -332px;"
current="7"><span style="display: none;">25</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 166px; top: 332px; background-position: -83px -332px;"
current="26"><span style="display: none;">26</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 0px; top: 249px; background-position: -166px -332px;"
current="18"><span style="display: none;">27</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 332px; top: 332px; background-position: -249px -332px;"
current="28"><span style="display: none;">28</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 415px; top: 166px; background-position: -332px -332px;"
current="17"><span style="display: none;">29</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 332px; top: 83px; background-position: -415px -332px;"
current="10"><span style="display: none;">30</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 249px; top: 166px; background-position: 0px -415px;"
current="15"><span style="display: none;">31</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 249px; top: 415px; background-position: -83px -415px;"
current="33"><span style="display: none;">32</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 0px; top: 83px; background-position: -166px -415px;"
current="6"><span style="display: none;">33</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 83px; top: 332px; background-position: -249px -415px;"
current="25"><span style="display: none;">34</span></div>
<div class="jqp-piece"
style="width: 81px; height: 81px; background-image: url("./img/qr.png"); border-width: 0px; margin: 0px; padding: 0px; position: absolute; overflow: hidden; display: block; visibility: inherit; cursor: default; left: 332px; top: 415px; background-position: -332px -415px;"
current="34"><span style="display: none;">35</span></div>
</div>
</div><br>
</center>
</body>
</html>해결 방법
이미지 경로 unescape
스크립트 부분에서 이미지 경로가 변환되어 있습니다.
escape() 함수는 ASCII 에 해당하지 않은 문자를 모두 유니코드 형식으로 변환
그와 반대로 unescape() 함수는 변환된 문자열을 복호화합니다.
변환된 경로를 복호화하기 위해 개발자 도구 console 창에
unescape('.%2f%69%6d%67%2f%71%72%2e%70%6e%67') 을 그대로 입력하면
이미지 파일의 경로 ./img/qr.png 가 출력됩니다.
URL에 이 경로를 붙여 넣으면 온전한 qr code가 나옵니다.
찾은 qr code를 스캔하여 FLAG 값을 얻을 수 있습니다.
Chrome 개발자 도구 Sources 확인
qr code puzzle은 background-image를 사용해 불러오고 있다는 것을
해당 html에서 확인할 수 있습니다.
개발자 도구 Sources에서
참조하고 있는 이미지의 경로(./img/qr.png)를 쉽게 찾을 수 있습니다.
반응형
'공부 > 정보보안' 카테고리의 다른 글
| [DVWA] File Upload (0) | 2019.11.27 |
|---|---|
| [DVWA] CSP Bypass (0) | 2019.11.25 |
| [Wargame.kr] login filtering 문제 (0) | 2019.09.16 |
| [Wargame.kr] flee button 문제 (0) | 2019.09.10 |
| 암호 키(Encryption Key) (0) | 2019.08.30 |
댓글