From 5bb8c8a01487d5f76948838ef236c5131e3d4742 Mon Sep 17 00:00:00 2001
From: luzhisheng <aiyingfeng110@qq.com>
Date: Wed, 27 Jul 2022 00:06:42 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A4=9C=E5=B9=95-JS=E9=80=86=E5=90=91?=
 =?UTF-8?q?=E7=B3=BB=E5=88=97=E8=AF=BE=20=E7=AC=AC6=E8=AF=BE=E7=BB=83?=
 =?UTF-8?q?=E4=B9=A0=E9=A2=98=E7=AC=AC=E4=B8=80=E7=A7=8D=E6=97=A0=E9=99=90?=
 =?UTF-8?q?debugger?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../readme.md                                 | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/夜幕-JS逆向系列课 第6课练习题第一种无限debugger/readme.md b/夜幕-JS逆向系列课 第6课练习题第一种无限debugger/readme.md
index fcf297e..d394718 100644
--- a/夜幕-JS逆向系列课 第6课练习题第一种无限debugger/readme.md	
+++ b/夜幕-JS逆向系列课 第6课练习题第一种无限debugger/readme.md	
@@ -4,3 +4,26 @@
 
 如果关键参数 arg1 为 5D6DBFF4776ED19E013868C0663AC4A6FD3C2FEB，那么 set 的关键 cookie arg2 是多少？
 
+1.打开浏览器开发者工具全局搜索,清除cookie数据，刷新页面
+
+![debugger](../img/96.png)
+
+2.过掉 debugger , 调试F11进入内部执行函数
+
+![debugger](../img/97.png)
+
+3.搜索 arg1 ，很容易就定位代码位置
+
+    var _0x23a392 = arg1[_0x55f3('0x19', '\x50\x67\x35\x34')]();
+    arg2 = _0x23a392[_0x55f3('0x1b', '\x7a\x35\x4f\x26')](_0x5e8b26);
+    setTimeout('\x72\x65\x6c\x6f\x61\x64\x28\x61\x72\x67\x32\x29', 0x66a);
+    
+4.控制台测试输出
+
+![debugger](../img/98.png)
+
+![debugger](../img/99.png)
+
+5.结果
+
+    a3c0e93f77bfd38a6be3e0d72665bdfd2cead199
\ No newline at end of file