BUUCTF, Web: [Geek Challenge 2019] BuyFlag
2022-07-03 22:08:00 【Part 02】


attention
If you want to buy the FLAG:
You must be a student from CUIT!!!
You must be answer the correct password!!!
Only Cuit's students can buy the FLAG

Three hints: to buy the flag you need money=100000000, you must be a CUIT student, and you must give the correct password.
Source code

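    ~~~post money and password~~~
    if (isset($_POST['password']))
    {
        $password = $_POST['password'];
        // Numeric strings are rejected first...
        if (is_numeric($password))
        {
            echo "password can't be number</br>";
        }
        // ...then a loose == compares the string against the integer 404
        elseif ($password == 404)
        {
            echo "Password Right!</br>";
        }
    }

This is a weak (loose) comparison, so the check passes with:

    password=404a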
This is the code
Capturing the request and sending the POST still gets no response. The second hint has not been used yet; the student condition can only correspond to the user cookie.

Change it to 1

Two of the three conditions are now met, but the money parameter is too long.
Use scientific notation to get the flag. Operation not available

flag{baf3e10e-319b-4315-a300-09be81b69856}
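
The weak comparison in the source code above, shown beside a strict check, as an added example (not code from the challenge or the original post). The constant `EXPECTED`, the function names and the sample inputs are assumptions made for illustration; `"404a" == 404` is true on PHP 7.x and false from PHP 8.0 on, so the output depends on the interpreter version.

```php
<?php
// Added example (PHP); EXPECTED and both function names are assumptions.
const EXPECTED = '404'; // constructed stand-in for the value the page compares against

// The check as the page shows it: is_numeric() gate, then loose == against an int.
function check_loose($password): string
{
    if (is_numeric($password)) {
        return 'rejected (numeric)';
    }
    // Loose ==: PHP converts operands before comparing; the rules differ
    // between PHP 7.x and 8.x, so run this on the version you deploy.
    if ($password == 404) {
        return 'accepted';
    }
    return 'rejected (mismatch)';
}

// Hardened form: no type juggling. Request parameters may also arrive as
// arrays, so anything that is not a string is refused before comparing.
function check_strict($password): string
{
    if (!is_string($password)) {
        return 'rejected (not a string)';
    }
    // hash_equals() compares two strings byte for byte in constant time.
    return hash_equals(EXPECTED, $password) ? 'accepted' : 'rejected (mismatch)';
}

// Constructed sample inputs; '404a' is the value used in the write-up.
$samples = ['404', '404a', '404.0', 'abc', ['404']];

echo 'PHP ', PHP_VERSION, PHP_EOL;
foreach ($samples as $input) {
    printf(
        "%-12s loose: %-20s strict: %s\n",
        json_encode($input),
        check_loose($input),
        check_strict($input)
    );
}
```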