当前位置:网站首页>[BJDCTF2020]Easy MD5
[BJDCTF2020]Easy MD5
2022-07-26 16:10:00 【Baita River surfer】
Enter the environment 
Check the source code hint
Pop down the directory and find nothing
Packet capturing found that the response header has hint
password Corresponding to the previous input box parameters
You can bypass md5 Function to make it constant truth
namely password='xxx'or Just numbers
Input ffifdyop Bypass
Source code tips
<!--
$a = $GET['a'];
$b = $_GET['b'];
if($a != $b && md5($a) == md5($b)){
// wow, glzjin wants a girl friend.
-->
Here we use arrays to bypass ?a[]=1&&b[]=2
<?php
error_reporting(0);
include "flag.php";
highlight_file(__FILE__);
if($_POST['param1']!==$_POST['param2']&&md5($_POST['param1'])===md5($_POST['param2'])){
echo $flag;
}
It's almost replaced here post The ginseng
param1[]=1¶m2[]=2
边栏推荐
猜你喜欢
Development and implementation of campus epidemic prevention and control management system based on SSM
2022年最新北京建筑安全员模拟题库及答案
换把人体工学椅,缓解久坐写代码的老腰吧~
Refuse noise, the entry journey of earphone Xiaobai
German EMG e-anji thruster ed301/6 HS
2022 test questions and answers for the latest national fire facility operator (senior fire facility operator)
我们被一个 kong 的性能 bug 折腾了一个通宵
基于SSM开发实现校园疫情防控管理系统
Implementation of personalized healthy diet recommendation system based on SSM
parker泵PV140R1K1T1PMMC
随机推荐
Vs2019debug mode too laggy can't enter the breakpoint
First knowledge of OpenGL (2) compilation shaders
German EMG e-anji thruster ed301/6 HS
测试用例千万不能随便,记录由一个测试用例异常引起的思考
I would like to ask you guys, how to specify the character set of MySQL CDC tables? I can't find the corresponding connector parameters on the official website. I read one
PAT甲级 1049 Counting Ones
Some cutting-edge research work sharing of SAP ABAP NetWeaver containerization
2022 test questions and answers for the latest national fire facility operator (senior fire facility operator)
一款可视化浏览器历史的 Firefox/Chrome 插件
[tool sharing] automatic generation of file directory structure tool mddir
Teach the big model to skip the "useless" layer and improve the reasoning speed × 3. The performance remains unchanged, and the new method of Google MIT is popular
Understanding weight sharing in convolutional neural networks
十周岁生日快乐,Clojure
想让照片中的云飘起来?视频编辑服务一键动效3步就能实现
PAT甲级 1044 Shopping in Mars
Development daily summary (11): file upload function improvement: Chinese character detection and text content processing
js 对数组操作的 API 总结
PAT甲级 1047 Student List for Course
Is it safe for Guoyuan futures to open an account online? What is the account opening process?
物联网工业级串口转WiFi转网口转以太网模块的选型