当前位置:网站首页>Ocean CMS vulnerability - search php
Ocean CMS vulnerability - search php
2022-07-03 13:45:00 【this is hhhhp】
stay i Made in spring and Autumn CTF The topic , There is one “ Baidu Cup ”CTF match September The title of is Test, yes web type .
Open and find the ocean CMS:
See is cms, Immediately searched the ocean CMS Loophole , Found a lot on the Internet , Mainly search.php Vulnerability .
Start solving the problem :
1. Click any one in the query bar :
See such a url, You can construct a payload:
I don't know why ······
2. Kitchen knife connection
Then you can connect it directly with a kitchen knife
No, flag, It should be in the database ,
find search.php, Open it and see. :
The discovery contains common.php This file , Keep looking :
Here is the path of the database configuration file , To find out :
Configure kitchen knife , Connect to database :
Change the query statement :
Successfully get flag.
边栏推荐
- 树的深入和广度优先遍历(不考虑二叉树)
- Flutter动态化 | Fair 2.5.0 新版本特性
- The R language GT package and gtextras package gracefully and beautifully display tabular data: nflreadr package and gt of gtextras package_ plt_ The winloss function visualizes the win / loss values
- 【556. 下一个更大元素 III】
- pytorch 载入历史模型时更换gpu卡号,map_location设置
- The principle of human voice transformer
- CVPR 2022 | 美团技术团队精选6篇优秀论文解读
- Road construction issues
- Students who do not understand the code can also send their own token, which is easy to learn BSC
- Unity embeddedbrowser browser plug-in event communication
猜你喜欢
This math book, which has been written by senior ml researchers for 7 years, is available in free electronic version
Libuv Library - Design Overview (Chinese version)
今日睡眠质量记录77分
![[redis] cache warm-up, cache avalanche and cache breakdown](/img/df/81f38087704de36946b470f68e8004.jpg)
[redis] cache warm-up, cache avalanche and cache breakdown
Comprehensively develop the main channel of digital economy and digital group, and actively promote the utonmos digital Tibet market
Error running 'application' in idea running: the solution of command line is too long
![[how to solve FAT32 when the computer is inserted into the U disk or the memory card display cannot be formatted]](/img/95/09552d33d2a834af4d304129714775.png)
[how to solve FAT32 when the computer is inserted into the U disk or the memory card display cannot be formatted]
Logseq 评测:优点、缺点、评价、学习教程
Golang — 命令行工具cobra
18W word Flink SQL God Road manual, born in the sky
随机推荐
双向链表(我们只需要关注插入和删除函数)
Comprehensive evaluation of double chain notes remnote: fast input, PDF reading, interval repetition / memory
SwiftUI 开发经验之作为一名程序员需要掌握的五个最有力的原则
Mysql database basic operation - regular expression
71 articles on Flink practice and principle analysis (necessary for interview)
MySQL_ JDBC
Golang — template
PowerPoint 教程,如何在 PowerPoint 中將演示文稿另存為視頻?
Flutter动态化 | Fair 2.5.0 新版本特性
Today's sleep quality record 77 points
NFT new opportunity, multimedia NFT aggregation platform okaleido will be launched soon
网上开户哪家证券公司佣金最低,我要开户,网上客户经理开户安全吗
Task5: multi type emotion analysis
NFT新的契机,多媒体NFT聚合平台OKALEIDO即将上线
Comprehensively develop the main channel of digital economy and digital group, and actively promote the utonmos digital Tibet market
Realize the recognition and training of CNN images, and process the cifar10 data set and other methods through the tensorflow framework
Static linked list (subscript of array instead of pointer)
MapReduce实现矩阵乘法–实现代码
Father and basketball
MySQL constraints