솔직히 문제 분석하는 것보다 답을 써놓는 게 나을 거 같습니다....
[ 문제 1 ]
https://webhacking.kr/challenge/bonus-6/?get=hehe
[ 문제 2 ]
POST https://webhacking.kr/challenge/bonus-6/lv2.php HTTP/1.1
Host: webhacking.kr
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://webhacking.kr/challenge/bonus-6/?get=hehe
Accept-Encoding: gzip, deflate, br
Accept-Language: ko-KR,ko;q=0.9,en-US;q=0.8,en;q=0.7,lt;q=0.6
Cookie: PHPSESSID=****
Content-type: application/x-www-form-urlencoded
Content-Length: 21
post=hehe&post2=hehe2
[ 문제 3 ]
https://webhacking.kr/challenge/bonus-6/33.php?myip=내 아이피
[ 문제 4 ]
https://webhacking.kr/challenge/bonus-6/l4.php?password=[MD5 해쉬값]
#!/bin/python3
import hashlib
hashlib.md5('hint에 나오는 시간보다 조금 앞'.encode()).hexdigest()
이후 새로고침
[ 문제 5 ]
POST https://webhacking.kr/challenge/bonus-6/md555.php?imget=1 HTTP/1.1
Host: webhacking.kr
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,ko;q=0.8
Content-type: application/x-www-form-urlencoded
Content-Length: 8
Cookie: PHPSESSID=***; imcookie=1;
impost=1
[ 문제 6 ]
POST https://webhacking.kr/challenge/bonus-6/gpcc.php HTTP/1.1
Host: webhacking.kr
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: https://webhacking.kr/challenge/bonus-6/md555.php?imget=1
Content-type: application/x-www-form-urlencoded
Content-Length: 35
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,ko;q=0.8
Cookie: PHPSESSID=****; test=[자신의 IP 값의 md5 Hash];
kk=[자신의 접속해서 나온 HTTP_USER_AGENT 값의 md5 Hash]
[ 문제 7 ]
자신의 아이피가 www.xxx.yyy.zzz이면
https://webhacking.kr/challenge/bonus-6/wtff.php?wwwwxxxxyyyyzzzz=wwwwxxxxyyyyzzzz
[ 문제 8 ]
https://webhacking.kr/challenge/bonus-6/ipt.php?addr=127.0.0.1
[ 문제 9 ]
#!/bin/python3
t = ""
for i in range(13):
t += chr(97+(i*2))
print(t)
https://webhacking.kr/challenge/bonus-6/nextt.php?ans=acegikmoqsuwy
[ 문제 10 ]
phptester.net 에서 아래의 코드르 넣고 돌려보면 답이 나옴
<?php
$ip = '210.217.38.14';
for($i=0;$i<=strlen($ip);$i++) $ip=str_replace($i,ord($i),$ip);
$ip=str_replace(".","",$ip);
$ip=substr($ip,0,10);
$answer = $ip*2;
$answer = $ip/2;
$answer = str_replace(".","",$answer);
echo $ip;
echo "</br>";
echo $answer;
https://webhacking.kr/challenge/bonus-6/answerip/27577553775_5515510755.php
'WARGAMES > webhacking.kr - old' 카테고리의 다른 글
| Webhacking.kr_No37(250) - old (0) | 2020.01.06 |
|---|---|
| Webhacking.kr_No36(200) - old (0) | 2020.01.06 |
| Webhacking.kr_No35(350) - old (0) | 2020.01.06 |
| Webhacking.kr_No34(400) - old (0) | 2019.12.31 |
| Webhacking.kr_No32(150) - old (0) | 2019.12.31 |
| Webhacking.kr_No31(150) - old (0) | 2019.12.31 |
| Webhacking.kr_No30(550) - old (0) | 2019.12.31 |
| Webhacking.kr_No.29(400) - old (0) | 2019.12.31 |