Sunday, May 29, 2011

Crack the game (in)



    
Such games are generally from simple to complex, similar to the kind of level career in stand-alone game, but here is the computer knowledge to use, including many related to the content, such as network knowledge, knowledge of crack, hacker knowledge, etc. .

    
First off is very simple, Xu Yi imagined to right-click, and then view the page source code. Sure enough, there are such a "haha, were you discovered. But next time can not be so easy. The pass code is related to BD." Xu Yi see the original words and set the font color is the same background color. He used the mouse to the content of anti-selection page, and she can see the words.

    
The relations are indeed very simple, just hold the mouse can jump to see happen. Who appears to be the topic and break through the barrier in order to mobilize the enthusiasm of those who designed, of course, only those just starting to learn the knowledge of the newbies.

    
Smoothly into the second hurdle. Front page content and almost certainly not as simple as the first hurdle, and Xu Yi or subconsciously want to see the source code, after all, could not see any from the web directly, in order to break the code can only start from the source. Right-click, the pop up a dialog box :"^_^ fuel, keep it up!. "

    
The original is the right to shut off. This method uses a lot of people at an early stage, many owners do not want to compare and mean visitors will copy the contents of a Web page saved, so they use this to make things difficult for visitors who do not understand technology, typically, large Some people are more casual attitude to hold, you will not let replication do not replicate, the content does not have to grab the top down is not.

    
Xu Yi, of course not beat this level, it can only be stopped stopped rookie, Xu Yi are N ways to crack. This effect is called the main JavaScript dynamic scripts (Note: This language and legends of the Java language has no relatives, known as the most serious being misunderstood programming language.) When the visitor clicks the right mouse button, it will be the first time that the (captured), then follow the scheduled program features programmers to respond to this "event", such as right click no response, the pop-up dialog boxes and other functions .

    
So, how can we break it? By the way, is to make the scripting language fails, it does not work.

    
Web browser (such as IE) internal integration of a scripting language interpretation, simply to disable this feature off, that page of the script became a display, what would never work. And this feature is very easy to disable the swap, as long as a simple check off one of the options only.

    
But for Xu Yi, this method is still relatively trouble, so after reading the source code and should set the restore. If you disable this feature off because, after a number of web pages are no dynamic effects. Xu Yi is used in the URL in the address bar directly in front of typing a command "view-sourse:", this command is a command recognized the browser itself, meaning that "View Source", the implementation of "view-sourse: http ://***" later, inside the source code is displayed.

    
There is also a relatively simple method, that is directly on the browser toolbar, see the "source" function. In addition, you can use other software to open, for example, in the windows system, Notepad, WordPad, and the like, directly to the website enter the address to open the dialog box, you can. If you do not bother, then download the software directly downloaded from this page look.

    
Xu Yi very well off to see the second page of the source code, generally browse a bit and found some suspicious code comparison, Xu Yi inference pass the password should be hidden in them.

    
This code says: "% B9% A7% CF% B2% B9% FD% B9% D8% A3% A1% B1% BE% B9% D8% C3% DC% C2% EB% CA% C7% 45% 32 "

    
The second hurdle a little bit difficult, Xu Yi chuckled. Strange to see this section of code to know how he cracked. Look at their form, it is clear that URL encoding, that is, converted at the time of coding. When the Internet can often see this code, the browser used to form the input of a format packaged, this situation with the search engine found at the time of the most common things, search the content is usually converted into this form will be presented in the browser's address bar (as to why this later explained).

    
URL encoded character is actually ASCII (American National Standard Code for Information Exchange) in hexadecimal, but slightly changes, you need to add "%." Such as the backslash "\", and its ASCII code is 92, and 92 is the hexadecimal 5C, so it's URL encoding is% 5C. Character encoding is the same principle, such as "Hu" the ASCII code is 17670, hexadecimal code is BAFA, it's URL encoding is "% BA% FA", as one character is two bytes, so the middle more than a "%."

    
URL encoding is often no access to normal, because IE will automatically be entered into the address bar of non-numeric characters into URL encoding, only the programmers in the preparation of some related functions only when the program need to use one of the principle, of course, body To a hacker, this code is the need to master, and some intrusion on the need to use this knowledge (such as: SQL injection).

    
This little knowledge of Xu Yi already mastered by heart, he decided to bring up the compiler, the spot has prepared a URL encoding converter, anyway, to understand the principle, to write without having to spend much time, but later also need them.

    
Copy the code to their own period of just writing a small program, converted a few Chinese characters: "Congratulations to pass! The related password is E2".

    
Xu Yi smiled, though no more difficult subject, but it was good feeling to cross the border, the second difficulty related to the first hurdle was larger than many, is estimated to be stumped a rookie. Third, the difficulty of what? Xu Yi really looking forward to a little bit, hoping to make himself look a headache, most recently working on cryptography it.

    
Enter the password for the second hurdle, well into the third off. Some similar steps, or may view the source code, but this time the source code looks a bit confusing, unlike the first two off, as a glance, you can probably find some part of the password. Third, there are many pages of code used to interfere with, mainly because some script code. This requires that checkpoints are more familiar with programming on the Web can read the code, or at least should know what that code should be complete function, which code useful, and what the code is from the interference effect.

    
Xu Yi quickly found the target, when the verification of some ciphertext, Xu Yi a look, that using a JScript.Encode encryption, as long as you can get the corresponding decryption function, which may be a problem for others However, Xu Yi nature can easily get, he was well into the fourth pass, he wanted to see how many off in the end, and would like to see the final hurdle earlier. 

No comments:

Post a Comment