当前位置:网站首页>-Web direction attack and defense world
-Web direction attack and defense world
2022-07-05 13:54:00 【Cwxh0125】
The first question is view_source
Title Description :X The teacher asked Xiaoning to check the source code of a web page , But Xiaoning found that the right mouse button seems to be useless
“F12” Look at the source code in the viewer and find flag.
The second question is robots agreement
Title Description :X The teacher said in class Robots agreement , Xiaoning is dozing off in class , Hurry to teach Xiao Ning Robots What is the agreement .
Robots agreement , Also known as the crawler protocol 、 Robot protocol, etc , The whole is called “ Exclusion criteria for web crawlers (Robots Exclusion Protocol)”. Website through Robots The protocol tells search engines which pages to grab , Which pages can't be crawled . It's also Robots There are two ways of using , One is to tell search engines which pages you can't catch ( By default, others can be caught ); One is to tell search engines which pages you can only crawl ( By default, others cannot be caught ).
View the robots.txt file Here's the picture
next Manually open this file that cannot be crawled
Third question . backup
Title Description :X The teacher forgot to delete the backup file , He sent Xiao Ning to find out the backup files , Let's help Xiao Ning !
The suffix of the backup file is .bak
Check the backup file of the modified file /index.php.bak
Open it and you'll see flag
Fourth question cookie
Title Description :X The teacher told Xiao Ning that he was cookie There's something in it , Xiao Ning thought doubtfully :‘ Is that what sandwich biscuits mean ?’
Cookie It's a plain text file saved on the client side . such as txt file . The so-called client is our own local computer . When we use our computer to access web pages through a browser , The server will generate a certificate and return it to my browser and write it to our local computer . This certificate is cookie. Generally speaking cookie All are plain text files written by the server to the client .
Open here cookie Find a cookie.php file open
Fifth question .disabled_button
Title Description :X The teacher talked about the front-end knowledge in class today , Then I give you a button that you can't press , Xiao Ning is surprised to find that the button can't be pressed , How on earth can I press it ?
disabled Property specification should disable input Elements .
Forbidden input Elements are not available , You can't click .
Delete " disable="" " Then you can click the button , After clicking, the effect is as follows
Sixth question .weak_auth
Title Description : Xiaoning wrote a login verification page , Set a password at will .
Investigate the explosion of passwords
Method 1 : Because it is set casually Try some simple passwords
Method 2 : utilize burp Brute force
First, casually lose
use burp Grab the bag
Use a dictionary Brute force
According to the byte length and the returned data Find the password
Question seven .simple_php
Title Description : Xiaoning heard that php Is the best language , So she wrote a few lines after a simple study php Code .
Give to separately a b assignment obtain flag
The eighth question .get_post
Title Description :X The teacher told Xiao Ning that HTTP There are usually two request methods , Do you know which two ?
Use get and post The ginseng
Question 9 .xff_referer
Title Description :X The teacher told Xiao Ning that xff and referer It can be forged .
X-Forwarded-For(XFF) Is used to identify the pass HTTP agent or Load balancing Way to connect to Web The server The most original client IP Address Of HTTP Request header field . Squid Developers of the caching proxy server were the first to introduce this HTTP Header fields , And by the IETF stay HTTP The draft standardization of header fields was formally proposed .
HTTP Referer yes header Part of , When browser towards web The server When the request is sent , Usually with Referer, Tell the server which page is linked from , The server can therefore obtain some information for processing .
According to the topic tips Forgery xff referer utilize burp
use burp forge ip After execution, it is prompted by the arrow Then forge referer
forge referer
obtain flag
Question 10 .webshell
Title Description : Xiaoning Baidu php In a word , It's very interesting , And put it in index.php in
Their thinking : After entering the page, you can see a In a word, Trojans Check the use of the back door Use the ant sword
Connect with an ant sword
When you go in, you can see flag
Eleventh questions .command_execution
Title Description : Xiao Ning wrote a ping function , But didn't write waf,X The teacher told her it was very dangerous , Do you know why .
Web Application protection system ( Also known as : Website Application level intrusion prevention system . english :Web Application Firewall, abbreviation : WAF). utilize The international A generally accepted saying :Web application A firewall It's through the execution of a series of HTTP/HTTPS Of The security policy Come for Web An application that provides protection .------- Baidu Encyclopedia
There is no hint of waf You can try to inject vulnerabilities Inject success
use find Look for The name is flag The file of
find home There is a flag.txt Attempt to read command :cat
Twelfth questions .simple_js( Refer to the answer )
Title Description : Xiaoning found a web page , But I always input the wrong password .(Flag The format is Cyberpeace{xxxxxxxxx} )
First read the source code
Look at two for loop Find out no matter what Will output the wrong password
So the real password should be in the arrow below
First use the string python With the , Get array [55,56,54,79,115,69,114,116,107,49,50],exp as follows .
s="\x35\x35\x2c\x35\x36\x2c\x35\x34\x2c\x37\x39\x2c\x31\x31\x35\x2c\x36\x39\x2c\x31\x31\x34\x2c\x31\x31\x36\x2c\x31\x30\x37\x2c\x34\x39\x2c\x35\x30"
print (s)
Separate the obtained figures ascii Handle , Available string 786OsErtk12,exp
. standard flag Format , available Cyberpeace{786OsErtk12}
边栏推荐
- Network security - Novice introduction
- Zhubo Huangyu: it's really bad not to understand these gold frying skills
- Zibll theme external chain redirection go page beautification tutorial
- Could not set property 'ID' of 'class xx' with value 'XX' argument type mismatch solution
- The real king of caching, Google guava is just a brother
- What are the private addresses
- Godson 2nd generation burn PMON and reload system
- 牛客网:拦截导弹
- 什么叫做信息安全?包含哪些内容?与网络安全有什么区别?
- In addition to the root directory, other routes of laravel + xampp are 404 solutions
猜你喜欢
[machine learning notes] several methods of splitting data into training sets and test sets
Why do I support bat to dismantle "AI research institute"
锚点导航小demo
zabbix 监控
Those things I didn't know until I took the postgraduate entrance examination
Primary code audit [no dolls (modification)] assessment
Intranet penetration tool NetApp
Laravel framework operation error: no application encryption key has been specified
How to deal with the Yellow Icon during the installation of wampserver
:: ffff:192.168.31.101 what address is it?
随机推荐
这18个网站能让你的页面背景炫酷起来
Log4j utilization correlation
Basic characteristics and isolation level of transactions
How to deal with the Yellow Icon during the installation of wampserver
牛客网:拦截导弹
Could not set property 'ID' of 'class xx' with value 'XX' argument type mismatch solution
[machine learning notes] several methods of splitting data into training sets and test sets
What is information security? What is included? What is the difference with network security?
Integer = = the comparison will unpack automatically. This variable cannot be assigned empty
Requset + BS4 crawling shell listings
Record in-depth learning - some bug handling
什么叫做信息安全?包含哪些内容?与网络安全有什么区别?
Personal component - message prompt
Win10 - lightweight gadget
Elfk deployment
Self built shooting range 2022
Interviewer soul torture: why does the code specification require SQL statements not to have too many joins?
French scholars: the explicability of counter attack under optimal transmission theory
UE source code reading [1]--- starting with problems delayed rendering in UE
基于微信小程序的订餐系统