WEB AAencode(分值100)

點此進入南京郵電大學(xué)網(wǎng)絡(luò)攻防訓(xùn)練平臺

解題過程

題目

點開題目干旧,發(fā)現(xiàn)是一堆亂亂的東西,審查元素無果
搜了一下javascript aaencode,發(fā)現(xiàn)是一個把js代碼轉(zhuǎn)成顏文字的編碼

在瀏覽器中顯示的亂亂的東西坤溃,是編碼的問題
換成正常編碼之后是這樣的:

這里給出正常編碼下的代碼:

?ω??= /`m′)? ~┻━┻   //*′?`*/ ['_']; o=(???)  =_=3; c=(?Θ?) =(???)-(???); (?Д?) =(?Θ?)= (o^_^o)/ (o^_^o);(?Д?)={?Θ?: '_' ,?ω?? : ((ω??==3) +'_') [?Θ?] ,???? :(?ω??+ '_')[o^_^o -(?Θ?)] ,?Д??:((???==3) +'_')[???] }; (?Д?) [?Θ?] =((?ω??==3) +'_') [c^_^o];(?Д?) ['c'] = ((?Д?)+'_') [ (???)+(???)-(?Θ?) ];(?Д?) ['o'] = ((?Д?)+'_') [?Θ?];(?o?)=(?Д?) ['c']+(?Д?) ['o']+(?ω?? +'_')[?Θ?]+ ((?ω??==3) +'_') [???] + ((?Д?) +'_') [(???)+(???)]+ ((???==3) +'_') [?Θ?]+((???==3) +'_') [(???) - (?Θ?)]+(?Д?) ['c']+((?Д?)+'_') [(???)+(???)]+ (?Д?) ['o']+((???==3) +'_') [?Θ?];(?Д?) ['_'] =(o^_^o) [?o?] [?o?];(?ε?)=((???==3) +'_') [?Θ?]+ (?Д?) .?Д??+((?Д?)+'_') [(???) + (???)]+((???==3) +'_') [o^_^o -?Θ?]+((???==3) +'_') [?Θ?]+ (?ω?? +'_') [?Θ?]; (???)+=(?Θ?); (?Д?)[?ε?]='\\'; (?Д?).?Θ??=(?Д?+ ???)[o^_^o -(?Θ?)];(o???o)=(?ω?? +'_')[c^_^o];(?Д?) [?o?]='\"';(?Д?) ['_'] ( (?Д?) ['_'] (?ε?+(?Д?)[?o?]+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ (???)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ ((???) + (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (???)+ (?Д?)[?ε?]+((???) + (?Θ?))+ (c^_^o)+ (?Д?)[?ε?]+(???)+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ ((o^_^o) +(o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (???)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ ((o^_^o) +(o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (o^_^o))+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ ((o^_^o) +(o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (c^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (???)+ (?Д?)[?ε?]+(?Θ?)+ (o^_^o)+ ((???) + (o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ ((???) + (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ ((o^_^o) +(o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ ((???) + (o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (???)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ ((???) + (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (o^_^o))+ ((???) + (?Θ?))+ (?Д?)[?ε?]+(???)+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+((???) + (?Θ?))+ (?Θ?)+ (?Д?)[?o?]) (?Θ?)) ('_');

找到一個aadecode在線解碼的丹允,復(fù)制粘貼進去航瞭,顯示:

image.png

拿到console里跑一下,同樣也報錯:

報錯

點進去查看具體位置:


具體位置

看不懂钞钙,去找aaencode的具體編碼規(guī)則鳄橘,發(fā)現(xiàn)在aaencode官網(wǎng)demo的源代碼里有aaencode的具體實現(xiàn)方式,代碼如下:

function aaencode( text )
{
    var t;
    var b = [
        "(c^_^o)",
        "(?Θ?)",
        "((o^_^o) - (?Θ?))",
        "(o^_^o)",
        "(???)",
        "((???) + (?Θ?))",
        "((o^_^o) +(o^_^o))",
        "((???) + (o^_^o))",
        "((???) + (???))",
        "((???) + (???) + (?Θ?))",
        "(?Д?) .?ω??",
        "(?Д?) .?Θ??",
        "(?Д?) ['c']",
        "(?Д?) .????",
        "(?Д?) .?Д??",
        "(?Д?) [?Θ?]"
        ];
    var r = "?ω??= /`m′)? ~┻━┻   //*′?`*/ ['_']; o=(???)  =_=3; c=(?Θ?) =(???)-(???); "; 
    
    if( /ひだまりスケッチ×(365|356)\s*來週も見てくださいね[!芒炼!]/.test( text ) ){
        r += "X=_=3; ";
        r += "\r\n\r\n    X / _ / X < \"來週も見てくださいね!\";\r\n\r\n";
    }
    r += "(?Д?) =(?Θ?)= (o^_^o)/ (o^_^o);"+
        "(?Д?)={?Θ?: '_' ,?ω?? : ((?ω??==3) +'_') [?Θ?] "+
        ",???? :(?ω??+ '_')[o^_^o -(?Θ?)] "+
        ",?Д??:((???==3) +'_')[???] }; (?Д?) [?Θ?] =((?ω??==3) +'_') [c^_^o];"+
        "(?Д?) ['c'] = ((?Д?)+'_') [ (???)+(???)-(?Θ?) ];"+
        "(?Д?) ['o'] = ((?Д?)+'_') [?Θ?];"+
        "(?o?)=(?Д?) ['c']+(?Д?) ['o']+(?ω?? +'_')[?Θ?]+ ((?ω??==3) +'_') [???] + "+
        "((?Д?) +'_') [(???)+(???)]+ ((???==3) +'_') [?Θ?]+"+
        "((???==3) +'_') [(???) - (?Θ?)]+(?Д?) ['c']+"+
        "((?Д?)+'_') [(???)+(???)]+ (?Д?) ['o']+"+
        "((???==3) +'_') [?Θ?];(?Д?) ['_'] =(o^_^o) [?o?] [?o?];"+
        "(?ε?)=((???==3) +'_') [?Θ?]+ (?Д?) .?Д??+"+
        "((?Д?)+'_') [(???) + (???)]+((???==3) +'_') [o^_^o -?Θ?]+"+
        "((???==3) +'_') [?Θ?]+ (?ω?? +'_') [?Θ?]; "+
        "(???)+=(?Θ?); (?Д?)[?ε?]='\\\\'; "+
        "(?Д?).?Θ??=(?Д?+ ???)[o^_^o -(?Θ?)];"+ 
        "(o???o)=(?ω?? +'_')[c^_^o];"+//TODO
        "(?Д?) [?o?]='\\\"';"+ 
        "(?Д?) ['_'] ( (?Д?) ['_'] (?ε?+";
    r += "(?Д?)[?o?]+ ";
    for( var i = 0; i < text.length; i++ ){
        n = text.charCodeAt( i );
        t = "(?Д?)[?ε?]+";
        if( n <= 127 ){
            t += n.toString( 8 ).replace( /[0-7]/g, function(c){ return b[ c ] + "+ "; } );
        }else{
            var m = /[0-9a-f]{4}$/.exec( "000" + n.toString(16 ) )[0];
            t += "(o???o)+ " + m.replace( /[0-9a-f]/gi, function(c){ return b[ parseInt( c,16 ) ] + "+ "; } );
        }
        r += t;

    }
    r += "(?Д?)[?o?]) (?Θ?)) ('_');";
    return r;


}

function jjencode( gv, text )
{
    var r="";
    var n;
    var t;
    var b=[ "___", "__$", "_$_", "_$$", "$__", "$_$", "$$_", "$$$", "$___", "$__$", "$_$_", "$_$$", "$$__", "$$_$", "$$$_", "$$$$", ];
    var s = "";
    for( var i = 0; i < text.length; i++ ){
        n = text.charCodeAt( i );
        if( n == 0x22 || n == 0x5c ){
            s += "\\\\\\" + text.charAt( i ).toString(16);
        }else if( (0x20 <= n && n <= 0x2f) || (0x3A <= n == 0x40) || ( 0x5b <= n && n <= 0x60 ) || ( 0x7b <= n && n <= 0x7f ) ){
            s += text.charAt( i );
        }else if( (0x30 <= n && n <= 0x39 ) || (0x61 <= n && n <= 0x66 ) ){
            if( s ) r += "\"" + s +"\"+";
            r += gv + "." + b[ n < 0x40 ? n - 0x30 : n - 0x57 ] + "+";
            s="";
        }else if( n == 0x6c ){ // 'l'
            if( s ) r += "\"" + s + "\"+";
            r += "(![]+\"\")[" + gv + "._$_]+";
            s = "";
        }else if( n == 0x6f ){ // 'o'
            if( s ) r += "\"" + s + "\"+";
            r += gv + "._$+";
            s = "";
        }else if( n == 0x74 ){ // 'u'
            if( s ) r += "\"" + s + "\"+";
            r += gv + ".__+";
            s = "";
        }else if( n == 0x75 ){ // 'u'
            if( s ) r += "\"" + s + "\"+";
            r += gv + "._+";
            s = "";
        }else if( n < 128 ){
            if( s ) r += "\"" + s;
            else r += "\"";
            r += "\\\\\"+" + n.toString( 8 ).replace( /[0-7]/g, function(c){ return gv + "."+b[ c ]+"+" } );
            s = "";
        }else{
            if( s ) r += "\"" + s;
            else r += "\"";
            r += "\\\\\"+" + gv + "._+" + n.toString(16).replace( /[0-9a-f]/gi, function(c){ return gv + "."+b[parseInt(c,16)]+"+"} );
            s = "";
        }
    }
    if( s ) r += "\"" + s + "\"+";

    r = 
    gv + "=~[];" + 
    gv + "={___:++" + gv +",$$$$:(![]+\"\")["+gv+"],__$:++"+gv+",$_$_:(![]+\"\")["+gv+"],_$_:++"+
    gv+",$_$$:({}+\"\")["+gv+"],$$_$:("+gv+"["+gv+"]+\"\")["+gv+"],_$$:++"+gv+",$$$_:(!\"\"+\"\")["+
    gv+"],$__:++"+gv+",$_$:++"+gv+",$$__:({}+\"\")["+gv+"],$$_:++"+gv+",$$$:++"+gv+",$___:++"+gv+",$__$:++"+gv+"};"+
    gv+".$_="+
    "("+gv+".$_="+gv+"+\"\")["+gv+".$_$]+"+
    "("+gv+"._$="+gv+".$_["+gv+".__$])+"+
    "("+gv+".$$=("+gv+".$+\"\")["+gv+".__$])+"+
    "((!"+gv+")+\"\")["+gv+"._$$]+"+
    "("+gv+".__="+gv+".$_["+gv+".$$_])+"+
    "("+gv+".$=(!\"\"+\"\")["+gv+".__$])+"+
    "("+gv+"._=(!\"\"+\"\")["+gv+"._$_])+"+
    gv+".$_["+gv+".$_$]+"+
    gv+".__+"+
    gv+"._$+"+
    gv+".$;"+
    gv+".$$="+
    gv+".$+"+
    "(!\"\"+\"\")["+gv+"._$$]+"+
    gv+".__+"+
    gv+"._+"+
    gv+".$+"+
    gv+".$$;"+
    gv+".$=("+gv+".___)["+gv+".$_]["+gv+".$_];"+
    gv+".$("+gv+".$("+gv+".$$+\"\\\"\"+" + r + "\"\\\"\")())();";

    return r;
}

var _prev;
function keyup( force )
{
    var t = document.getElementById( "src" ).value;
    var d;
    if( _prev != ( t ) || force ){
        d = aaencode( t );
        document.getElementById("dst").value= d;
        _prev = t; 
        document.getElementById( "permalink").setAttribute( "href", 
            location.href.replace( /\?.*$/, "" ) + "?src=" + encodeURIComponent( t ) ); 
        document.getElementById( "eval").setAttribute( "href", "javascript:" + d );
    }
}

function init()
{
    var q = document.location.search && document.location.search.substring( 1 ).split( "&" );
    for( var i = 0; i < q.length; i++ ){
        if( q[ i ].substring( 0, 4 ) == "src=" ){
            document.getElementById( "src" ).value = decodeURIComponent( q[ i ].substring( 4 ) );
        }else if( q[ i ].substring( 0, 4 ) == "var=" ){
            document.getElementById( "var" ).value = decodeURIComponent( q[ i ].substring( 4 ) );
        }

    }
    keyup( true );
    document.getElementById( 'src' ).focus();
}

下面是代碼的簡單分析過程:
從網(wǎng)頁按鈕被按下后瘫怜,首先調(diào)用的是keyup()函數(shù)


找到編碼源代碼中的keyup函數(shù),(在第144行)本刽,然后在第149行和第150行可以看到鲸湃,編碼的具體函數(shù)是aaencode赠涮。

第22行發(fā)現(xiàn)變量r剛好是待解碼的code的前半部分。


從第60行和61行來看暗挑,似乎無論什么代碼笋除,經(jīng)過加密后,都:

  1. ?ω??= /`m′)? ~┻━┻ //*′?`*/ ['_']; o=(???) =_=3; c=(?Θ?) =(???)-(???);開頭
  2. (?Д?)[?o?]) (?Θ?)) ('_');結(jié)尾

24到27行炸裆,還有日語垃它,窩日語就會那么幾句,看不懂


24 ~ 27行

那搜一下在if中出現(xiàn)的r += "X=_=3; ";


沒有找到烹看,說明編碼過程中沒有進入到if語句中国拇,所以if語句不管,接著看下面惯殊。


對著編碼源代碼的第28~47行酱吝,把原題中的代碼分開,結(jié)果:


(講道理土思,現(xiàn)在窩已經(jīng)不覺得顏文字可愛了= =)


然后把剛才報錯的地方復(fù)制一小段:

在分開后的內(nèi)容里查找一下(然后發(fā)現(xiàn)自己其實沒必要分這么多= =):

對照編碼源代碼第29行务热,發(fā)現(xiàn):

仔細看,發(fā)現(xiàn)題目給出的代碼中少了一個小圈浪漠。
補全陕习,得:

?ω??= /`m′)? ~┻━┻   //*′?`*/ ['_']; o=(???)  =_=3; c=(?Θ?) =(???)-(???); (?Д?) =(?Θ?)= (o^_^o)/ (o^_^o);(?Д?)={?Θ?: '_' ,?ω?? : ((?ω??==3) +'_') [?Θ?] ,???? :(?ω??+ '_')[o^_^o -(?Θ?)] ,?Д??:((???==3) +'_')[???] }; (?Д?) [?Θ?] =((?ω??==3) +'_') [c^_^o];(?Д?) ['c'] = ((?Д?)+'_') [ (???)+(???)-(?Θ?) ];(?Д?) ['o'] = ((?Д?)+'_') [?Θ?];(?o?)=(?Д?) ['c']+(?Д?) ['o']+(?ω?? +'_')[?Θ?]+ ((?ω??==3) +'_') [???] + ((?Д?) +'_') [(???)+(???)]+ ((???==3) +'_') [?Θ?]+((???==3) +'_') [(???) - (?Θ?)]+(?Д?) ['c']+((?Д?)+'_') [(???)+(???)]+ (?Д?) ['o']+((???==3) +'_') [?Θ?];(?Д?) ['_'] =(o^_^o) [?o?] [?o?];(?ε?)=((???==3) +'_') [?Θ?]+ (?Д?) .?Д??+((?Д?)+'_') [(???) + (???)]+((???==3) +'_') [o^_^o -?Θ?]+((???==3) +'_') [?Θ?]+ (?ω?? +'_') [?Θ?]; (???)+=(?Θ?); (?Д?)[?ε?]='\\'; (?Д?).?Θ??=(?Д?+ ???)[o^_^o -(?Θ?)];(o???o)=(?ω?? +'_')[c^_^o];(?Д?) [?o?]='\"';(?Д?) ['_'] ( (?Д?) ['_'] (?ε?+(?Д?)[?o?]+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ (???)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ ((???) + (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (???)+ (?Д?)[?ε?]+((???) + (?Θ?))+ (c^_^o)+ (?Д?)[?ε?]+(???)+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ ((o^_^o) +(o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (???)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ ((o^_^o) +(o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (o^_^o))+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ ((o^_^o) +(o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (c^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((o^_^o) +(o^_^o))+ (???)+ (?Д?)[?ε?]+(?Θ?)+ (o^_^o)+ ((???) + (o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (?Θ?)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ ((???) + (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ ((o^_^o) +(o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (o^_^o)+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (?Θ?))+ ((???) + (o^_^o))+ (?Д?)[?ε?]+(?Θ?)+ (???)+ (???)+ (?Д?)[?ε?]+(?Θ?)+ (???)+ ((???) + (?Θ?))+ (?Д?)[?ε?]+(?Θ?)+ ((???) + (o^_^o))+ ((???) + (?Θ?))+ (?Д?)[?ε?]+(???)+ ((o^_^o) - (?Θ?))+ (?Д?)[?ε?]+((???) + (?Θ?))+ (?Θ?)+ (?Д?)[?o?]) (?Θ?)) ('_');

拿到console里跑,得到結(jié)果:

flag

nctf{javascript aaencode}

提交址愿,發(fā)現(xiàn)不對该镣,拿到aadecode在線解碼的網(wǎng)站,解碼后响谓,得到結(jié)果:

flag

所以最后的flag為nctf{javascript_aaencode}

關(guān)于Chrome不顯示下劃線的問題

Chrome 53之前:

  1. 地址欄輸入 chrome://flags/#enable-direct-write
  2. 回車
  3. 禁用DirectWrite

Chrome 53及以上版本:
目前沒看到解決辦法= =

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
  • 序言:七十年代末损合,一起剝皮案震驚了整個濱河市,隨后出現(xiàn)的幾起案子娘纷,更是在濱河造成了極大的恐慌嫁审,老刑警劉巖,帶你破解...
    沈念sama閱讀 216,470評論 6 501
  • 序言:濱河連續(xù)發(fā)生了三起死亡事件赖晶,死亡現(xiàn)場離奇詭異律适,居然都是意外死亡,警方通過查閱死者的電腦和手機遏插,發(fā)現(xiàn)死者居然都...
    沈念sama閱讀 92,393評論 3 392
  • 文/潘曉璐 我一進店門捂贿,熙熙樓的掌柜王于貴愁眉苦臉地迎上來,“玉大人胳嘲,你說我怎么就攤上這事厂僧。” “怎么了了牛?”我有些...
    開封第一講書人閱讀 162,577評論 0 353
  • 文/不壞的土叔 我叫張陵颜屠,是天一觀的道長辰妙。 經(jīng)常有香客問我,道長甫窟,這世上最難降的妖魔是什么密浑? 我笑而不...
    開封第一講書人閱讀 58,176評論 1 292
  • 正文 為了忘掉前任,我火速辦了婚禮粗井,結(jié)果婚禮上肴掷,老公的妹妹穿的比我還像新娘。我一直安慰自己背传,他們只是感情好,可當我...
    茶點故事閱讀 67,189評論 6 388
  • 文/花漫 我一把揭開白布台夺。 她就那樣靜靜地躺著径玖,像睡著了一般。 火紅的嫁衣襯著肌膚如雪颤介。 梳的紋絲不亂的頭發(fā)上梳星,一...
    開封第一講書人閱讀 51,155評論 1 299
  • 那天,我揣著相機與錄音滚朵,去河邊找鬼冤灾。 笑死,一個胖子當著我的面吹牛辕近,可吹牛的內(nèi)容都是我干的韵吨。 我是一名探鬼主播,決...
    沈念sama閱讀 40,041評論 3 418
  • 文/蒼蘭香墨 我猛地睜開眼移宅,長吁一口氣:“原來是場噩夢啊……” “哼归粉!你這毒婦竟也來了?” 一聲冷哼從身側(cè)響起漏峰,我...
    開封第一講書人閱讀 38,903評論 0 274
  • 序言:老撾萬榮一對情侶失蹤糠悼,失蹤者是張志新(化名)和其女友劉穎,沒想到半個月后浅乔,有當?shù)厝嗽跇淞掷锇l(fā)現(xiàn)了一具尸體倔喂,經(jīng)...
    沈念sama閱讀 45,319評論 1 310
  • 正文 獨居荒郊野嶺守林人離奇死亡,尸身上長有42處帶血的膿包…… 初始之章·張勛 以下內(nèi)容為張勛視角 年9月15日...
    茶點故事閱讀 37,539評論 2 332
  • 正文 我和宋清朗相戀三年靖苇,在試婚紗的時候發(fā)現(xiàn)自己被綠了席噩。 大學(xué)時的朋友給我發(fā)了我未婚夫和他白月光在一起吃飯的照片。...
    茶點故事閱讀 39,703評論 1 348
  • 序言:一個原本活蹦亂跳的男人離奇死亡顾复,死狀恐怖班挖,靈堂內(nèi)的尸體忽然破棺而出,到底是詐尸還是另有隱情芯砸,我是刑警寧澤萧芙,帶...
    沈念sama閱讀 35,417評論 5 343
  • 正文 年R本政府宣布给梅,位于F島的核電站,受9級特大地震影響双揪,放射性物質(zhì)發(fā)生泄漏动羽。R本人自食惡果不足惜,卻給世界環(huán)境...
    茶點故事閱讀 41,013評論 3 325
  • 文/蒙蒙 一渔期、第九天 我趴在偏房一處隱蔽的房頂上張望运吓。 院中可真熱鬧,春花似錦疯趟、人聲如沸拘哨。這莊子的主人今日做“春日...
    開封第一講書人閱讀 31,664評論 0 22
  • 文/蒼蘭香墨 我抬頭看了看天上的太陽倦青。三九已至,卻和暖如春盹舞,著一層夾襖步出監(jiān)牢的瞬間产镐,已是汗流浹背。 一陣腳步聲響...
    開封第一講書人閱讀 32,818評論 1 269
  • 我被黑心中介騙來泰國打工踢步, 沒想到剛下飛機就差點兒被人妖公主榨干…… 1. 我叫王不留癣亚,地道東北人。 一個月前我還...
    沈念sama閱讀 47,711評論 2 368
  • 正文 我出身青樓获印,卻偏偏與公主長得像述雾,于是被迫代替她去往敵國和親。 傳聞我的和親對象是個殘疾皇子蓬豁,可洞房花燭夜當晚...
    茶點故事閱讀 44,601評論 2 353

推薦閱讀更多精彩內(nèi)容