ALyric http://lyric.moesound.org/
ALyric 是一个可以和大家分享歌词的网站。
ALyric 支持将歌词以单句的形式展示,并提供了API,可以在第三方网站展示。
ALyric http://lyric.moesound.org/
ALyric 是一个可以和大家分享歌词的网站。
ALyric 支持将歌词以单句的形式展示,并提供了API,可以在第三方网站展示。
"use strict" | |
var dict = {}; | |
var appendToDict = (char) => { | |
if (dict[char]) dict[char]++ | |
else dict[char] = 1; | |
} | |
var convert = (string) => { | |
string.toLowerCase().split('').map(appendToDict); | |
for (key of Object.keys(dict)) { | |
string = string.replace(new RegExp(key, 'ig'), dict[key] % 2 == 0 ? '\$' : '#'); |
"use strict" | |
var dict = {}; | |
var appendToDict = char => { | |
if (dict[char]) dict[char]++ | |
else dict[char] = 1; | |
} | |
var escapeRegExp = string => { | |
return string.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'); | |
} | |
var convert = string => { |
function wait(delay) { | |
return new Promise((resolve, reject) => { | |
setTimeout(resolve, delay); | |
}); | |
} | |
async function hello() { | |
await wait(delay); | |
console.log('executed'); | |
} |
进入界面,右上登录,Steam 账号授权。
然后进Home
发现有infomation
和shop
。shop
里可以买flag推测但显示余额不足。
购买动作的URL为http://gogogo.2017.hctf.io/shop/3
,修改3为4可以发现调试模式没关,源码泄露。
public function buy(Request $request)
{
$itemId = $request->route('id');
const cryptojs = require('crypto-js'); | |
const abemafresh = [1413502068, 2104980084, 1144534056, 1967279194, 2051549272, 860632952, 1464353903, 1212380503]; | |
const url = "abemafresh://abemafresh/206437t2806498f02ad88f4aecd7aa2083a6374edef/2928e09b0fa322020bbe5d854eb92984"; | |
const part1 = url.split('/')[3]; | |
const part2 = url.split('/')[4]; | |
const hash = cryptojs.HmacSHA256(part1, cryptojs.lib.WordArray.create(abemafresh)); | |
const decryptResult = cryptojs.AES.decrypt(cryptojs.lib.CipherParams.create({ | |
ciphertext: cryptojs.enc.Hex.parse(part2) |
// ==UserScript== | |
// @name New Script | |
// @namespace Violentmonkey Scripts | |
// @match https://show.bilibili.com/platform/checkSeat.html?* | |
// @grant none | |
// ==/UserScript== | |
// | |
// | |
(async () => { | |
const open = XMLHttpRequest.prototype.open; |
var hexcase = 0 | |
, b64pad = "="; | |
function b64_hmac_sha1(k, d) { | |
return rstr2b64(rstr_hmac_sha1(str2rstr_utf8(k), str2rstr_utf8(d))) | |
} | |
function rstr_sha1(s) { | |
return binb2rstr(binb_sha1(rstr2binb(s), 8 * s.length)) | |
} | |
function rstr_hmac_sha1(key, data) { | |
var bkey = rstr2binb(key); |