当前位置:网站首页>Ctfhub web information disclosure directory traversal
Ctfhub web information disclosure directory traversal
2022-06-25 06:40:00 【Long street 395】
Here we have two ways :
1. Manually open the files one by one to find
2. Use python Code crawl web site files
I use the second method :
import requests
url = "http://challenge-011f662b1a24880f.sandbox.ctfhub.com:10800/flag_in_here"
for i in range(5):
for j in range(5):
url_final = url + "/" + str(i) + "/" + str(j)
r = requests.get(url_final)
r.encoding = "utf-8"
get_file = r.text
if "flag.txt" in get_file:
print(url_final)
So the output contains flag.txt Link to
Click the link , You can get flag
flag by :
ctfhub{9313b9e3a2b2169610bc4ec4}Tips:requests.get You can get information about web pages
r.text It's a web page HTML Code
Finally, judge flag.txt Whether in a link
The reference link here is :http://Admiralll https://www.bilibili.com/read/cv15764985 Source :bilibili
边栏推荐
- JSON. toJSONString(object, SerializerFeature.WriteMapNullValue); Second parameter action
- ASP. Net core - encrypted configuration in asp NET Core
- Preliminary practice of niuke.com (summary)
- Derivation of COS (a+b) =cosa*cosb-sina*sinb
- 了解zbrush雕刻软件,以及游戏建模的分析
- How to chain multiple different InputStreams into one InputStream
- Derivation of sin (a-b) =sina*cosb-sinb*cosa
- sin(a-b)=sina*cosb-sinb*cosa的推导过程
- We cannot activate inspection type for article master in transaction code MM41?
- Face++ realizes face detection by flow
猜你喜欢
JSON. toJSONString(object, SerializerFeature.WriteMapNullValue); Second parameter action
Cs5092 5V USB input boost two section lithium battery charging management IC, SOT23-6 miniature package
Zero foundation wants to learn web security, how to get started?
sin(a-b)=sina*cosb-sinb*cosa的推导过程
VMware virtual machine prompt: the virtual device ide1:0 cannot be connected because there is no corresponding device on the host.
How to use asemi FET 7n80 and how to use 7n80
joda.time获取日期总结
直接选择排序和快速排序
3dmax软件的制作木桶过程:三步流程
How two hosts in different network segments directly connected communicate
随机推荐
Understand what ICMP Protocol is
Which of the top ten securities companies has the lowest Commission and is the most safe and reliable? Do you know anything
[200 opencv routines of youcans] 104 Motion blur degradation model
Can TCP syn handshake messages transmit data
Kotlin reflection -- Notes
Zhinai's database
Face++ realizes face detection by flow
Power representation in go language
How to record a database [closed] - how to document a database [closed]
The "&" character will destroy the data stored in the web The "&" character breaks passwords that are stored in the web config
delphi-UUID
JD 8 fleet stores search history, deletes history, clears history (not finished)
Sword finger offer II 095 Longest common subsequence
Is the number of indexes in a table the more the better?
レレ / 蕾蕾
R & D thinking 07 - embedded intelligent product safety certification required
[speech discrimination] discrimination of speech signals based on MATLAB double threshold method [including Matlab source code 1720]
聚类和分类的最基本区别。
System dilemma and software complexity: Why are our systems so complex?
Your local changes to the following files would be overwritten by merge: .vs/slnx.sqlite