Ocean CMS vulnerability - search.php
2022-07-03 13:45:00 【this is hhhhp】
While working through CTF challenges on i春秋 (ichunqiu), I came across a September "Baidu Cup" CTF challenge named Test, in the web category.
Opening it shows Ocean CMS (海洋CMS, SeaCMS):

Seeing that it was a CMS, I immediately searched for Ocean CMS vulnerabilities and found many write-ups online, mainly about a vulnerability in search.php.
Solving the challenge:
1. Click any item in the search bar:

Given a URL like this, a payload can be constructed:
I don't know why ······
2. Connecting with China Chopper (菜刀, "kitchen knife")
The target can then be connected to directly with China Chopper.

There is no flag here, so it is probably in the database.
Find search.php and open it:

It turns out to include the file common.php, so keep looking:


Here is the path of the database configuration file; open it:

Configure the kitchen knife (China Chopper) client and connect to the database:


Change the query statement :

The flag is retrieved successfully.