当前位置:网站首页>2021/11/6-burpsuit packet capturing and web page source code modification
2021/11/6-burpsuit packet capturing and web page source code modification
2022-06-26 04:20:00 【Seven seven -l】
2021/11/6 Attack and defend the world
WEB
1.cookie
Open the web page 
utilize burpsuit Grab the bag 
Line eight :cookie:look-here=cookie.php
Then on the web page IP Add url Suffix name cookie.php Refresh the page again and capture the package 
Get this interface , stay burpsuit,HTTP In response, we get flag
2.disabled_button
Open the web page 
Get a button that can't be pressed
Ctrl-u Open the web page source code , To discover its existence disabled attribute ( It can be set so that the button cannot be pressed ), Modify the web page source code to delete disabled attribute
Modify the web page source code method :
Save as web page to desktop , Right click to select open mode and open its source code with a notebook , Save the code after modifying the source code , Open a new web page again , Modification successful 
Delete disabled attribute ( That is, the selected part )
At this point, you can click the button to get flag
边栏推荐
- 小程序中实现视频通话及互动直播功能
- Sorting out the examination sites of the 13th Blue Bridge Cup single chip microcomputer objective questions
- 【QT】对话框dialog
- 线程同步之读写锁
- Go SQL parsing time Time type
- Your requirements could not be resolved
- [Qunhui] Internet access + custom port
- After a test of 25K bytes, I really saw the basic ceiling
- [Qunhui] import certificate
- 35岁程序员炒Luna 千万资产3天归零,网友:和赌博一样
猜你喜欢
Read / write lock for thread synchronization
35 year old programmer fired Luna millions of assets and returned to zero in three days. Netizen: it's the same as gambling
In 2022, what professional competitions can college students majoring in automation, electrical engineering and automation participate in?
微软禁止俄用户下载安装Win10/11
Part 4: drawing quadrilateral
Install cenos in the virtual machine
![Notes on enterprise wechat development [original]](/img/66/cd83f4f86b7c42921db45f07957c15.jpg)
Notes on enterprise wechat development [original]
Mysql8.0 configuring my SQL in INI file_ mode=NO_ AUTO_ CREATE_ User can start
小程序中实现视频通话及互动直播功能
使用Jsoup提取接口中的图片
随机推荐
CTF crypto (I) some simple encoding and encryption
Mobile terminal pull-down loading pull-down loading data
Ipvs0 network card of IPVS
go语言泛型在IDE中语法报错
Mutex of thread synchronization (mutex)
Analysis report on development trend and market demand of global and Chinese molecular diagnostics industry from 2022 to 2028
Knowledge of functions
Go SQL parsing time Time type
Minecraft 1.16.5 生化8 模组 1.9版本 1.18版本同步
Analysis of updatechild principle of widget update mechanism of fluent
What if the serial port fails to open when the SCM uses stc-isp to download software?
Computer network high frequency interview questions
Threejs special sky box materials, five kinds of sky box materials are downloaded for free
Clickhouse stand alone installation
Matplotlib line chart, text display, win10
Analysis report on the development trend and operation status of China's environmental monitoring instrument industry from 2022 to 2028
Realize video call and interactive live broadcast in the applet
Development prospect and investment strategic planning report of global and Chinese PVC hose industry from 2022 to 2028
Knowledge of SQL - database design, backup and restore
线程同步之条件变量