728x90
반응형
400점인 34번 문제를 풀어보자.
첫 화면에 들어가면 'debug me'라는 alert창이 뜨게 된다.
소스코드를 확인해보면 보기가 어렵게 쓰여있다. 우선 코드를 보기 쉽게 변환시켜주기 위해 해당 사이트를 이용했다.
https://wepplication.github.io/tools/beautifyCode/
웹 소스코드 정렬 사이트
온라인 코드 정렬 사이트 js, css 등의 소스를 깔끔하게 정렬해주는 사이트
wepplication.github.io
<html>
<head>
<title>Challenge 34</title>
<script>
var a=['RcOhTDV1Ew==','McOVwqpRBg==','c8K/w43DvcK8','SsOrTCF1CVDCgcKLEsKc','NsK/w4Bc','G1TDpwk=','AcKtwqfDlW7Dsw==','e3kkcQJfwoNFDEU9','QMOXDBo=','w5bCsWlh','eWY6bg8=','FnbDoEvDtl1LUkB7w4Q=','esOZTiPDsg==','bzfCkFfCtA==','ZmzDjHcn','PxLCm3LDvA==','IcKlVy9pw57DgMK3w6kmwpvCiUnDhcOKw4A=','LMKnwqECawEeEMOZQsK7wrLCscKpSG1AwqvDvjnDpMKhOSDCqQfDmVRowo1nwpzCh8OGc1vDv3cKVR/CgMK4w7PCukbCv8O8woNHXcK7SsOmMhHDnUEJw4lsw6g=','wrTDnltl','UMOXHRs=','Tz0lw48=','O8K0w5JcwrA=','w5DCpnx/LA==','HsKrS8KVQw==','dcKvfnkhUQ3DncOFIsOew5lHwr7CjcKYAsOuwrc3UjhfwopNwqwuWcOjw4PDrkIRWAfCnSIdw5jDtsKyWFBMwq4YMQvDhRrCrlBlw71LUR5HGMKwEBs=','w4RAw5xg','RkQSNA==','SsOsQztv','wonDvMOwwow=','wovDlMKvw5nCog==','w73Ch8K5VcK/','wpN7HsOMwpI=','w5/CuMKDacOKPcKoB3jDomQ=','wpnDvMOhwo0=','wp4xwrvDvA==','H1LDrhc=','wo86woHDm37Dow==','woY4wobDmg==','wr/CgMKQNcOo','ecOlUSF2S3fCsMKbGQ==','E3nCrcKe','w5d5w6HDnsOFw7RcRFjDosKsZ8OHEcOv','QMOXDBrCrcKLwp3DvA==','w5fDsiPDrsOf','V3c3A0Q=','E8OjwpNaP1lDTMKXcsO5','G08JPDZMw5s8w4ITw54dEMKAwps=','wo8pwoXDnmg=','wpo5wqvDoMOQw6Jd','bH4+TyM='];(function(c,d){var e=function(f){while(--f){c['push'](c['shift']());}};var g=function(){var h={'data':{'key':'cookie','value':'timeout'},'setCookie':function(i,j,k,l){l=l||{};var m=j+'='+k;var n=0x0;for(var n=0x0,p=i['length'];n<p;n++){var q=i[n];m+=';\x20'+q;var r=i[q];i['push'](r);p=i['length'];if(r!==!![]){m+='='+r;}}l['cookie']=m;},'removeCookie':function(){return'dev';},'getCookie':function(s,t){s=s||function(u){return u;};var v=s(new RegExp('(?:^|;\x20)'+t['replace'](/([.$?*|{}()[]\/+^])/g,'$1')+'=([^;]*)'));var w=function(x,y){x(++y);};w(e,d);return v?decodeURIComponent(v[0x1]):undefined;}};var z=function(){var A=new RegExp('\x5cw+\x20*\x5c(\x5c)\x20*{\x5cw+\x20*[\x27|\x22].+[\x27|\x22];?\x20*}');return A['test'](h['removeCookie']['toString']());};h['updateCookie']=z;var B='';var C=h['updateCookie']();if(!C){h['setCookie'](['*'],'counter',0x1);}else if(C){B=h['getCookie'](null,'counter');}else{h['removeCookie']();}};g();}(a,0xa2));var b=function(c,d){c=c-0x0;var e=a[c];if(b['clOwyu']===undefined){(function(){var f=function(){var g;try{g=Function('return\x20(function()\x20'+'{}.constructor(\x22return\x20this\x22)(\x20)'+');')();}catch(h){g=window;}return g;};var i=f();var j='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';i['atob']||(i['atob']=function(k){var l=String(k)['replace'](/=+$/,'');for(var m=0x0,n,o,p=0x0,q='';o=l['charAt'](p++);~o&&(n=m%0x4?n*0x40+o:o,m++%0x4)?q+=String['fromCharCode'](0xff&n>>(-0x2*m&0x6)):0x0){o=j['indexOf'](o);}return q;});}());var r=function(s,d){var u=[],v=0x0,w,x='',y='';s=atob(s);for(var z=0x0,A=s['length'];z<A;z++){y+='%'+('00'+s['charCodeAt'](z)['toString'](0x10))['slice'](-0x2);}s=decodeURIComponent(y);for(var B=0x0;B<0x100;B++){u[B]=B;}for(B=0x0;B<0x100;B++){v=(v+u[B]+d['charCodeAt'](B%d['length']))%0x100;w=u[B];u[B]=u[v];u[v]=w;}B=0x0;v=0x0;for(var C=0x0;C<s['length'];C++){B=(B+0x1)%0x100;v=(v+u[B])%0x100;w=u[B];u[B]=u[v];u[v]=w;x+=String['fromCharCode'](s['charCodeAt'](C)^u[(u[B]+u[v])%0x100]);}return x;};b['wxbdQn']=r;b['ZjQald']={};b['clOwyu']=!![];}var D=b['ZjQald'][c];if(D===undefined){if(b['XvSLaK']===undefined){var E=function(F){this['swkpev']=F;this['DGOTpS']=[0x1,0x0,0x0];this['zlbdZJ']=function(){return'newState';};this['KCuPKs']='\x5cw+\x20*\x5c(\x5c)\x20*{\x5cw+\x20*';this['AnZPoE']='[\x27|\x22].+[\x27|\x22];?\x20*}';};E['prototype']['DCDTIR']=function(){var G=new RegExp(this['KCuPKs']+this['AnZPoE']);var H=G['test'](this['zlbdZJ']['toString']())?--this['DGOTpS'][0x1]:--this['DGOTpS'][0x0];return this['ZjMdYn'](H);};E['prototype']['ZjMdYn']=function(I){if(!Boolean(~I)){return I;}return this['LqSTke'](this['swkpev']);};E['prototype']['LqSTke']=function(J){for(var K=0x0,L=this['DGOTpS']['length'];K<L;K++){this['DGOTpS']['push'](Math['round'](Math['random']()));L=this['DGOTpS']['length'];}return J(this['DGOTpS'][0x0]);};new E(b)['DCDTIR']();b['XvSLaK']=!![];}e=b['wxbdQn'](e,d);b['ZjQald'][c]=e;}else{e=D;}return e;};var e=function(){var c=!![];return function(d,e){var f=c?function(){if(e){var g=e['apply'](d,arguments);e=null;return g;}}:function(){};c=![];return f;};}();var Q=e(this,function(){var c=function(){return'\x64\x65\x76';},d=function(){return'\x77\x69\x6e\x64\x6f\x77';};var e=function(){var f=new RegExp('\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d');return!f['\x74\x65\x73\x74'](c['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};var g=function(){var h=new RegExp('\x28\x5c\x5c\x5b\x78\x7c\x75\x5d\x28\x5c\x77\x29\x7b\x32\x2c\x34\x7d\x29\x2b');return h['\x74\x65\x73\x74'](d['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};var i=function(j){var k=~-0x1>>0x1+0xff%0x0;if(j['\x69\x6e\x64\x65\x78\x4f\x66']('\x69'===k)){l(j);}};var l=function(m){var n=~-0x4>>0x1+0xff%0x0;if(m['\x69\x6e\x64\x65\x78\x4f\x66']((!![]+'')[0x3])!==n){i(m);}};if(!e()){if(!g()){i('\x69\x6e\x64\u0435\x78\x4f\x66');}else{i('\x69\x6e\x64\x65\x78\x4f\x66');}}else{i('\x69\x6e\x64\u0435\x78\x4f\x66');}});Q();var q=function(){var r=!![];return function(s,t){var u=r?function(){if(b('0x0','hezG')!==b('0x1','A6hd')){if(t){if(b('0x2','G(vo')===b('0x3','K*$C')){q(this,function(){var j=new RegExp(b('0x4','$VvG'));var k=new RegExp(b('0x5','2@LG'),'i');var l=H(b('0x6','k(C)'));if(!j[b('0x7','14cN')](l+'chain')||!k[b('0x8','aEot')](l+b('0x9','ln]I'))){l('0');}else{H();}})();}else{var z=t[b('0xa','$ybZ')](s,arguments);t=null;return z;}}}else{var f=r?function(){if(t){var g=t[b('0xb','C%Xw')](s,arguments);t=null;return g;}}:function(){};r=![];return f;}}:function(){};r=![];return u;};}();(function(){q(this,function(){var D=new RegExp('function\x20*\x5c(\x20*\x5c)');var E=new RegExp(b('0xc','RLUb'),'i');var F=H(b('0xd','iWKi'));if(!D[b('0xe','ho]6')](F+b('0xf','RLUb'))||!E[b('0x10','X!$R')](F+b('0x11','RUTX'))){if(b('0x12','J[i1')===b('0x13','Pa4(')){F('0');}else{(function(){return!![];}[b('0x14','kK4Z')](b('0x15','X!$R')+b('0x16','llaF'))[b('0x17','3R^0')](b('0x18','iUmC')));}}else{H();}})();}());setInterval(function(){H();},0xfa0);if(location[b('0x19','iUmC')][b('0x1a','6]r1')](0x1)==b('0x1b','RLUb'))location[b('0x1c','4c%d')]=b('0x1d','llaF');else alert(b('0x1e','14cN'));function H(I){function J(K){if(b('0x1f','oYXf')!==b('0x20','ho]6')){return J;}else{if(typeof K==='string'){return function(M){}[b('0x21','2@LG')](b('0x22','joDm'))[b('0x23','iUmC')](b('0x24','llaF'));}else{if('thtMU'===b('0x25','Am%6')){if((''+K/K)[b('0x26','RLUb')]!==0x1||K%0x14===0x0){if(b('0x27','2@LG')!==b('0x28','bO4C')){return!![];}else{(function(){return!![];}[b('0x29','RLUb')](b('0x2a','ln]I')+b('0x2b','3R^0'))['call'](b('0x2c','c3hQ')));}}else{(function(){return![];}[b('0x2d','Am%6')](b('0x2e','14cN')+b('0x2f','$ybZ'))[b('0x30','Am%6')](b('0x31','O!T!')));}}else{H();}}J(++K);}}try{if(I){return J;}else{J(0x0);}}catch(P){}}
</script>
</head>
<body bgcolor="black"><html>
<head>
<title>Challenge 34</title>
<script>
var a = ['RcOhTDV1Ew==', 'McOVwqpRBg==', 'c8K/w43DvcK8', 'SsOrTCF1CVDCgcKLEsKc', 'NsK/w4Bc', 'G1TDpwk=', 'AcKtwqfDlW7Dsw==', 'e3kkcQJfwoNFDEU9', 'QMOXDBo=', 'w5bCsWlh', 'eWY6bg8=', 'FnbDoEvDtl1LUkB7w4Q=', 'esOZTiPDsg==', 'bzfCkFfCtA==', 'ZmzDjHcn', 'PxLCm3LDvA==', 'IcKlVy9pw57DgMK3w6kmwpvCiUnDhcOKw4A=', 'LMKnwqECawEeEMOZQsK7wrLCscKpSG1AwqvDvjnDpMKhOSDCqQfDmVRowo1nwpzCh8OGc1vDv3cKVR/CgMK4w7PCukbCv8O8woNHXcK7SsOmMhHDnUEJw4lsw6g=', 'wrTDnltl', 'UMOXHRs=', 'Tz0lw48=', 'O8K0w5JcwrA=', 'w5DCpnx/LA==', 'HsKrS8KVQw==', 'dcKvfnkhUQ3DncOFIsOew5lHwr7CjcKYAsOuwrc3UjhfwopNwqwuWcOjw4PDrkIRWAfCnSIdw5jDtsKyWFBMwq4YMQvDhRrCrlBlw71LUR5HGMKwEBs=', 'w4RAw5xg', 'RkQSNA==', 'SsOsQztv', 'wonDvMOwwow=', 'wovDlMKvw5nCog==', 'w73Ch8K5VcK/', 'wpN7HsOMwpI=', 'w5/CuMKDacOKPcKoB3jDomQ=', 'wpnDvMOhwo0=', 'wp4xwrvDvA==', 'H1LDrhc=', 'wo86woHDm37Dow==', 'woY4wobDmg==', 'wr/CgMKQNcOo', 'ecOlUSF2S3fCsMKbGQ==', 'E3nCrcKe', 'w5d5w6HDnsOFw7RcRFjDosKsZ8OHEcOv', 'QMOXDBrCrcKLwp3DvA==', 'w5fDsiPDrsOf', 'V3c3A0Q=', 'E8OjwpNaP1lDTMKXcsO5', 'G08JPDZMw5s8w4ITw54dEMKAwps=', 'wo8pwoXDnmg=', 'wpo5wqvDoMOQw6Jd', 'bH4+TyM='];
(function(c, d) {
var e = function(f) {
while (--f) {
c['push'](c['shift']());
}
};
var g = function() {
var h = {
'data': {
'key': 'cookie',
'value': 'timeout'
},
'setCookie': function(i, j, k, l) {
l = l || {};
var m = j + '=' + k;
var n = 0x0;
for (var n = 0x0, p = i['length']; n < p; n++) {
var q = i[n];
m += ';\x20' + q;
var r = i[q];
i['push'](r);
p = i['length'];
if (r !== !![]) {
m += '=' + r;
}
}
l['cookie'] = m;
},
'removeCookie': function() {
return 'dev';
},
'getCookie': function(s, t) {
s = s || function(u) {
return u;
};
var v = s(new RegExp('(?:^|;\x20)' + t['replace'](/([.$?*|{}()[]\/+^])/g, '$1') + '=([^;]*)'));
var w = function(x, y) {
x(++y);
};
w(e, d);
return v ? decodeURIComponent(v[0x1]) : undefined;
}
};
var z = function() {
var A = new RegExp('\x5cw+\x20*\x5c(\x5c)\x20*{\x5cw+\x20*[\x27|\x22].+[\x27|\x22];?\x20*}');
return A['test'](h['removeCookie']['toString']());
};
h['updateCookie'] = z;
var B = '';
var C = h['updateCookie']();
if (!C) {
h['setCookie'](['*'], 'counter', 0x1);
} else if (C) {
B = h['getCookie'](null, 'counter');
} else {
h['removeCookie']();
}
};
g();
}(a, 0xa2));
var b = function(c, d) {
c = c - 0x0;
var e = a[c];
if (b['clOwyu'] === undefined) {
(function() {
var f = function() {
var g;
try {
g = Function('return\x20(function()\x20' + '{}.constructor(\x22return\x20this\x22)(\x20)' + ');')();
} catch (h) {
g = window;
}
return g;
};
var i = f();
var j = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
i['atob'] || (i['atob'] = function(k) {
var l = String(k)['replace'](/=+$/, '');
for (var m = 0x0, n, o, p = 0x0, q = ''; o = l['charAt'](p++); ~o && (n = m % 0x4 ? n * 0x40 + o : o, m++ % 0x4) ? q += String['fromCharCode'](0xff & n >> (-0x2 * m & 0x6)) : 0x0) {
o = j['indexOf'](o);
}
return q;
});
}());
var r = function(s, d) {
var u = [],
v = 0x0,
w, x = '',
y = '';
s = atob(s);
for (var z = 0x0, A = s['length']; z < A; z++) {
y += '%' + ('00' + s['charCodeAt'](z)['toString'](0x10))['slice'](-0x2);
}
s = decodeURIComponent(y);
for (var B = 0x0; B < 0x100; B++) {
u[B] = B;
}
for (B = 0x0; B < 0x100; B++) {
v = (v + u[B] + d['charCodeAt'](B % d['length'])) % 0x100;
w = u[B];
u[B] = u[v];
u[v] = w;
}
B = 0x0;
v = 0x0;
for (var C = 0x0; C < s['length']; C++) {
B = (B + 0x1) % 0x100;
v = (v + u[B]) % 0x100;
w = u[B];
u[B] = u[v];
u[v] = w;
x += String['fromCharCode'](s['charCodeAt'](C) ^ u[(u[B] + u[v]) % 0x100]);
}
return x;
};
b['wxbdQn'] = r;
b['ZjQald'] = {};
b['clOwyu'] = !![];
}
var D = b['ZjQald'][c];
if (D === undefined) {
if (b['XvSLaK'] === undefined) {
var E = function(F) {
this['swkpev'] = F;
this['DGOTpS'] = [0x1, 0x0, 0x0];
this['zlbdZJ'] = function() {
return 'newState';
};
this['KCuPKs'] = '\x5cw+\x20*\x5c(\x5c)\x20*{\x5cw+\x20*';
this['AnZPoE'] = '[\x27|\x22].+[\x27|\x22];?\x20*}';
};
E['prototype']['DCDTIR'] = function() {
var G = new RegExp(this['KCuPKs'] + this['AnZPoE']);
var H = G['test'](this['zlbdZJ']['toString']()) ? --this['DGOTpS'][0x1] : --this['DGOTpS'][0x0];
return this['ZjMdYn'](H);
};
E['prototype']['ZjMdYn'] = function(I) {
if (!Boolean(~I)) {
return I;
}
return this['LqSTke'](this['swkpev']);
};
E['prototype']['LqSTke'] = function(J) {
for (var K = 0x0, L = this['DGOTpS']['length']; K < L; K++) {
this['DGOTpS']['push'](Math['round'](Math['random']()));
L = this['DGOTpS']['length'];
}
return J(this['DGOTpS'][0x0]);
};
new E(b)['DCDTIR']();
b['XvSLaK'] = !![];
}
e = b['wxbdQn'](e, d);
b['ZjQald'][c] = e;
} else {
e = D;
}
return e;
};
var e = function() {
var c = !![];
return function(d, e) {
var f = c ? function() {
if (e) {
var g = e['apply'](d, arguments);
e = null;
return g;
}
} : function() {};
c = ![];
return f;
};
}();
var Q = e(this, function() {
var c = function() {
return '\x64\x65\x76';
},
d = function() {
return '\x77\x69\x6e\x64\x6f\x77';
};
var e = function() {
var f = new RegExp('\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d');
return !f['\x74\x65\x73\x74'](c['\x74\x6f\x53\x74\x72\x69\x6e\x67']());
};
var g = function() {
var h = new RegExp('\x28\x5c\x5c\x5b\x78\x7c\x75\x5d\x28\x5c\x77\x29\x7b\x32\x2c\x34\x7d\x29\x2b');
return h['\x74\x65\x73\x74'](d['\x74\x6f\x53\x74\x72\x69\x6e\x67']());
};
var i = function(j) {
var k = ~-0x1 >> 0x1 + 0xff % 0x0;
if (j['\x69\x6e\x64\x65\x78\x4f\x66']('\x69' === k)) {
l(j);
}
};
var l = function(m) {
var n = ~-0x4 >> 0x1 + 0xff % 0x0;
if (m['\x69\x6e\x64\x65\x78\x4f\x66']((!![] + '')[0x3]) !== n) {
i(m);
}
};
if (!e()) {
if (!g()) {
i('\x69\x6e\x64\u0435\x78\x4f\x66');
} else {
i('\x69\x6e\x64\x65\x78\x4f\x66');
}
} else {
i('\x69\x6e\x64\u0435\x78\x4f\x66');
}
});
Q();
var q = function() {
var r = !![];
return function(s, t) {
var u = r ? function() {
if (b('0x0', 'hezG') !== b('0x1', 'A6hd')) {
if (t) {
if (b('0x2', 'G(vo') === b('0x3', 'K*$C')) {
q(this, function() {
var j = new RegExp(b('0x4', '$VvG'));
var k = new RegExp(b('0x5', '2@LG'), 'i');
var l = H(b('0x6', 'k(C)'));
if (!j[b('0x7', '14cN')](l + 'chain') || !k[b('0x8', 'aEot')](l + b('0x9', 'ln]I'))) {
l('0');
} else {
H();
}
})();
} else {
var z = t[b('0xa', '$ybZ')](s, arguments);
t = null;
return z;
}
}
} else {
var f = r ? function() {
if (t) {
var g = t[b('0xb', 'C%Xw')](s, arguments);
t = null;
return g;
}
} : function() {};
r = ![];
return f;
}
} : function() {};
r = ![];
return u;
};
}();
(function() {
q(this, function() {
var D = new RegExp('function\x20*\x5c(\x20*\x5c)');
var E = new RegExp(b('0xc', 'RLUb'), 'i');
var F = H(b('0xd', 'iWKi'));
if (!D[b('0xe', 'ho]6')](F + b('0xf', 'RLUb')) || !E[b('0x10', 'X!$R')](F + b('0x11', 'RUTX'))) {
if (b('0x12', 'J[i1') === b('0x13', 'Pa4(')) {
F('0');
} else {
(function() {
return !![];
} [b('0x14', 'kK4Z')](b('0x15', 'X!$R') + b('0x16', 'llaF'))[b('0x17', '3R^0')](b('0x18', 'iUmC')));
}
} else {
H();
}
})();
}());
setInterval(function() {
H();
}, 0xfa0);
if (location[b('0x19', 'iUmC')][b('0x1a', '6]r1')](0x1) == b('0x1b', 'RLUb')) location[b('0x1c', '4c%d')] = b('0x1d', 'llaF');
else alert(b('0x1e', '14cN'));
function H(I) {
function J(K) {
if (b('0x1f', 'oYXf') !== b('0x20', 'ho]6')) {
return J;
} else {
if (typeof K === 'string') {
return function(M) {} [b('0x21', '2@LG')](b('0x22', 'joDm'))[b('0x23', 'iUmC')](b('0x24', 'llaF'));
} else {
if ('thtMU' === b('0x25', 'Am%6')) {
if (('' + K / K)[b('0x26', 'RLUb')] !== 0x1 || K % 0x14 === 0x0) {
if (b('0x27', '2@LG') !== b('0x28', 'bO4C')) {
return !![];
} else {
(function() {
return !![];
} [b('0x29', 'RLUb')](b('0x2a', 'ln]I') + b('0x2b', '3R^0'))['call'](b('0x2c', 'c3hQ')));
}
} else {
(function() {
return ![];
} [b('0x2d', 'Am%6')](b('0x2e', '14cN') + b('0x2f', '$ybZ'))[b('0x30', 'Am%6')](b('0x31', 'O!T!')));
}
} else {
H();
}
}
J(++K);
}
}
try {
if (I) {
return J;
} else {
J(0x0);
}
} catch (P) {}
}
</script>
</head>
<body bgcolor="black">'debug me' alert창이 난 곳을 찾기 위해 debug me 로 검색했지만 나오지 않고, alert으로 검색했을 때에는 1개의 alert만 존재했다.
해당 소스코드의 의미를 확인하기 위해 콘솔 기능을 이용하였다.
우선 alert 부분부터 확인해보면 'debug me' alert이 다시 뜨게 된다.
이제 if문 안의 내용을 해석해보자.
해당 코드를 콘솔에 넣고 실행했는데 해당 값이 나오고 문제가 해결됬다.
해당 코드를 분할해서 콘솔에 넣어보면
해당 url에 "./?Passw0RRdd=1" 파라미터값이 들어가면 해결되는 것을 확인할 수 있었다.
728x90
반응형
'CTF & WarGame > webhacking.kr' 카테고리의 다른 글
| [webhacking.kr] 36번 문제 (0) | 2020.03.14 |
|---|---|
| [webhacking.kr] 35번 문제 (0) | 2020.03.13 |
| [webhacking.kr] 33번 문제 (0) | 2020.03.13 |
| [webhacking.kr] 32번 문제 (0) | 2020.03.13 |
| [webhacking.kr] 31번 문제 (0) | 2020.03.13 |