当前位置:网站首页>[BJDCTF2020]Easy MD5
[BJDCTF2020]Easy MD5
2022-07-26 16:10:00 【Baita River surfer】
Enter the environment 
Check the source code hint
Pop down the directory and find nothing
Packet capturing found that the response header has hint
password Corresponding to the previous input box parameters
You can bypass md5 Function to make it constant truth
namely password='xxx'or Just numbers
Input ffifdyop Bypass
Source code tips
<!--
$a = $GET['a'];
$b = $_GET['b'];
if($a != $b && md5($a) == md5($b)){
// wow, glzjin wants a girl friend.
-->
Here we use arrays to bypass ?a[]=1&&b[]=2
<?php
error_reporting(0);
include "flag.php";
highlight_file(__FILE__);
if($_POST['param1']!==$_POST['param2']&&md5($_POST['param1'])===md5($_POST['param2'])){
echo $flag;
}
It's almost replaced here post The ginseng
param1[]=1¶m2[]=2
边栏推荐
- SAP ABAP Netweaver 容器化的一些前沿性研究工作分享
- This article explains in detail the discovery and processing of bigkey and hotkey in redis
- 物联网工业级串口转WiFi转网口转以太网模块的选型
- PAT甲级 1044 Shopping in Mars
- Teach the big model to skip the "useless" layer and improve the reasoning speed × 3. The performance remains unchanged, and the new method of Google MIT is popular
- “核弹级” Log4j 漏洞仍普遍存在,并造成持续影响
- Is CICC Fortune Securities safe? How long does it take to open an account
- Musk was exposed to be the founder of Google: he broke up his best friend's second marriage and knelt down to beg for forgiveness
- 国元期货网上开户安全吗?开户办理流程是怎样的?
- Bugku login2
猜你喜欢
parker电磁阀D1VW020DNYPZ5
如何通过ETL调度工具 TASKCTL 使用作业插件类型调用 kettle作业?
2022年全国最新消防设施操作员(高级消防设施操作员)考试试题及答案
Google Earth engine - merra-2 m2t1nxaer: aerosol daily data set from 1980 to 2022
OSPF comprehensive experiment
.net get injection object manually
2022年最新西藏建筑施工架子工(建筑特种作业)模拟考试试题及答案
2022 latest Beijing Construction Safety Officer simulation question bank and answers
德国EMG易安基推动器ED301/6 HS
![[tool sharing] automatic generation of file directory structure tool mddir](/img/bc/1071c0dfb20d16f5fdde641092c1af.png)
[tool sharing] automatic generation of file directory structure tool mddir
随机推荐
OSPF comprehensive experiment
CAD进阶练习题(一)
SAP ABAP 守护进程的实现方式
【DSCTF2022】pwn补题记录
Google Earth engine - merra-2 m2t1nxlv: 1980 present global pressure, temperature, wind and other data sets
基于SSM实现个性化健康饮食推荐系统
[dsctf2022] PWN supplementary question record
换把人体工学椅,缓解久坐写代码的老腰吧~
We were tossed all night by a Kong performance bug
I would like to ask you guys, how to specify the character set of MySQL CDC tables? I can't find the corresponding connector parameters on the official website. I read one
Tutorial (7.0) 05. Issue forticlient * forticlient EMS * Fortinet network security expert NSE 5 through forticlient EMS
Build resume editor based on Nocode
Is it safe for CICC fortune to speculate in stocks? The securities company with the cheapest handling fee
泰山OFFICE技术讲座:WORD的缩放比例与显示略有差异
2022 latest Tibet Construction scaffolder (construction special operation) simulation exam questions and answers
使用 ClojureScript 开发浏览器插件的过程与收获
【工具分享】自动生成文件目录结构工具mddir
ROS问题及解决方案——依赖包安装以及无法修正错误
修改mysql数据库root用户的密码
哪本书才是编程领域的“九阴真经”