Answer to the second stage of the assignment of "information security management and evaluation" of the higher vocational group of the 2018 Jiangsu Vocational College skills competition

Standard for evaluation

• The file contains vulnerability attack and defense
  1. flag{707aldu7lz}        20 branch

Through the audit code , structure url, obtain flag

1. 1. flag{yps4fg13zb}       20 branch

adopt php Input stream execution php Code , Get all files in the current directory

1. 1. Flag{@jtcm5skp}       20 branch

Read the encrypted source code , And then use hackbar Decrypt , obtain flag

1. 1. flag{g61n2lr7lp}             20 branch

View the files in the current directory , Find out flag.zip

Get current directory path , by c:\www

Read... In the compressed file zip.txt file

1. 1. stay xp To create a txt file , Write the following code         10 branch

Because it is forbidden to include url With medium http, So build ftp To include    10 branch

• Web Penetration test
  1. flag{password is admin123}       20 branch

1. 1. flag{right backstage}            20 branch

1. 1. flag{upload successfully}            20 branch

1. 1. flag{Good Job}          20 branch

1. 1. flag{dcn$}            20 branch

• ARP Protocol security attack and defense
  1. arp –a see kali and DCFW Of ip And mac          20 branch

1. 1. launch ARP Spoofing After the attack ,arp –a see kali and DCFW Of ip And mac, Find out ip Different ,mac identical           20 branch

1. 1. echo 1 > /proc/sys/net/ipv4/ip_forward Open the forward    5 branch

Catch post package , Get the plaintext account password              15 branch

1. 1. Open under the global situation am enable           5 branch

Enter the configuration under the interface ：

am port               5 branch

am mac-ip-pool  MAC  IP         10 branch

1. 1. Proceed again arp cheating , then mac No change           20 branch

Four ． Mission 4  CTF

1）Flag{W31c0met0j51t}  20 branch

2） Flag{tr1pl3k1ll}  30 branch

find flag word 10 branch

Successfully found flag{tr1pl3k1ll}  20 branch

 3） Flag{14mWh1t3H4t}  50 branch

Put the picture in Binwalk View in   10 branch

Base64 Decrypt   10 branch

 Rot13 Decrypt , obtain Flag  30 branch