当前位置:网站首页>[BJDCTF2020]Easy MD5
[BJDCTF2020]Easy MD5
2022-07-26 15:58:00 【白塔河冲浪手】
进入环境
查看源代码没有hint
爆下目录没发现什么
抓包发现响应头有hint
password与之前的输入框参数对应
这里可以绕过md5函数使其为恒真
即password='xxx'or 数字就行
输入ffifdyop绕过
源代码提示
<!--
$a = $GET['a'];
$b = $_GET['b'];
if($a != $b && md5($a) == md5($b)){
// wow, glzjin wants a girl friend.
-->
这里用数组绕过?a[]=1&&b[]=2
<?php
error_reporting(0);
include "flag.php";
highlight_file(__FILE__);
if($_POST['param1']!==$_POST['param2']&&md5($_POST['param1'])===md5($_POST['param2'])){
echo $flag;
}
这里也差不多换成post传参
param1[]=1¶m2[]=2
边栏推荐
- zabbix 6.2.0部署
- 绘制漂亮的中学操场轮廓,生成带经纬度数据
- Jmeter快速上手之接口测试
- 测试用例千万不能随便,记录由一个测试用例异常引起的思考
- 中金财富炒股安全吗 手续费最便宜的证券公司
- Jointly discuss the opening of public data, and the "digital document scheme" appeared at the digital China Construction Summit
- 小哥自创AI防拖延系统,一玩手机就被“闪瞎” | Reddit高热
- 潘多拉 IOT 开发板学习(RT-Thread)—— 实验17 ESP8266 实验(学习笔记)
- 邻接矩阵的COO格式
- 机器人手眼标定Ax=xB(eye to hand和eye in hand)及平面九点法标定
猜你喜欢
PS + PL heterogeneous multicore case development manual for Ti C6000 tms320c6678 DSP + zynq-7045 (4)
Paper: all models are wrong, but many are useful: all models are wrong, but many are useful: understand the importance of variables by studying a whole class of prediction models at the same time
阿里巴巴一面 :十道经典面试题解析
Sklearn clustering clustering
基于SSM实现个性化健康饮食推荐系统
Tutorial (7.0) 05. Issue forticlient * forticlient EMS * Fortinet network security expert NSE 5 through forticlient EMS
【万字长文】使用 LSM-Tree 思想基于.Net 6.0 C# 实现 KV 数据库(案例版)
Musk was exposed to be the founder of Google: he broke up his best friend's second marriage and knelt down to beg for forgiveness
Yushenle's learning record: the first project of SOC FPGA -hello world
潘多拉 IOT 开发板学习(RT-Thread)—— 实验17 ESP8266 实验(学习笔记)
随机推荐
测试用例千万不能随便,记录由一个测试用例异常引起的思考
Implementation of SAP ABAP daemon
C# 给Word每一页设置不同文字水印
FTP协议
基于SSM开发实现校园疫情防控管理系统
Google Earth Engine——MERRA-2 M2T1NXSLV:1980-至今全球压力、温度、风等数据集
【物理模拟】最简单的shape matching的原理与实践
tensorboard多个events文件显示紊乱的解决办法
Question collection come and ask nllb authors! (Zhiyuan live issue 24)
理解卷积神经网络中的权值共享
关于我写的IDEA插件能一键生成service,mapper....这件事(附源码)
Jointly discuss the opening of public data, and the "digital document scheme" appeared at the digital China Construction Summit
We were tossed all night by a Kong performance bug
Implementation of personalized healthy diet recommendation system based on SSM
Digital warehouse: iqiyi digital warehouse platform construction practice
物联网工业级串口转WiFi转网口转以太网模块的选型
TKE集群节点max-pod是如何配置的
Encryption model
机器人手眼标定Ax=xB(eye to hand和eye in hand)及平面九点法标定
Coo format of adjacency matrix