Evilzone question bank web application security first question: Damn them robots - Code World

Evilzone question bank web application security first question: Damn them robots

Others 2020-04-20 11:14:13 views: null

evilzone：Damn them robots

Note: In order to facilitate browsing, the pages have been translated!
Insert picture description here
The essence of penetration is information collection!
The essence of penetration is information collection!
The essence of penetration is information collection!

Start:

In the introduction of the topic, it seems that no important tips are given.
Visit the goal ...
Insert picture description here
Welcome page of the website, there is no useful clue. Instead, there is a word emphasized: robot, record it first. F12 Dafa check the basic structure

There is no doubt in the source code. Looking at

the link given in the request title, the request header and the response body have not seen any abnormality for the time being. I want to catch the bag

It ’s the first time, why bother embarrassing each other ... The
Insert picture description here
first criterion of penetration testing: information collection
Since it is information gathering, return to the welcome page and study it carefully. A clue I just collected: Robots
Look at the link again and collect useful information

Another "robot"!
Seeing the cleverness here, I instantly thought of rebots.txt ( web crawler exclusion standard protocol )
access ~
Insert picture description here
Sure enough, there is no guessing wrong,
and then continue to visit

Get success! Submit the flag to receive points ~

Follow me for more articles!

╲ ゞ Red peach K

Published 6 original articles · liked 0 · visits 271

Private letter concerns

Guess you like

Origin blog.csdn.net/heartsk/article/details/105624887

Evilzone question bank web application security first question: Damn them robots

Evilzone question bank web application security second question: You validated it where !?

Evilzone question banque sécurité des applications Web première question: Damn them robots

NSSCTF question bank - web

Network Security Technology and Application Final Exam Question Bank

[Secret Review] Assessment Question Bank for Commercial Cryptocurrency Application Security Assessment Practitioners (2)

[Secret Review] Assessment question bank for commercial password application security assessment practitioners (1)

Question L: Robots

Question L: Robots

Internet of Things Technology and Application Knowledge Points——Terminal Question Bank

Java EE Enterprise Application Development Tutorial Question Bank (Second Edition)

CISCN Question Bank【Accumulating】

Dachang Question Bank

Algorithm question bank 001

Algorithm question bank 002

Dynamic programming question bank

Personnel Interview Question Bank

Food Chemistry Question Bank

Cyberspace security is a must! Hundreds of [network security, penetration testing, security services] interview question bank (with answer analysis)

Web page automatically obtains question matching question bank answer fill (original 1.0)

Web page automatically obtains question matching question bank answer fill (original)

The 13th Blue Bridge Cup National Software and Information Technology Operation Talent Competition (Web Application Development) - Layout Question Type (First Question)

[Question Bank] The King of Salted Fish Answer Challenge Question Bank Collection

Stable online question bank with reputation

【Introduction to Database ①】Review Question Bank

Interview question bank-pink

Python Final Exam Question Bank

Machine Learning Final Question Bank

General Biology Question Bank and Answers

Child and Adolescent Hygiene Question Bank

Recommended

The sixth meeting of openKylin Community Ecology Committee was successfully held

Alibaba Cloud officially releases Tongyi Qianwen 2.5

Python 3.13 releases first Beta: experimental free-threading mode and JIT, improved interactive interpreter

Stack Overflow used my code to train large AI models and banned my account.

Pop!_OS’s COSMIC desktop completes App Store listing

Report: Django is still the first choice for 74% of developers

"Internet Investment and Financing Operation in the First Quarter of 2024" Research Report

15 years ago, he was on the "FFmpeg pillar of shame", and today he still has to thank us - Tencent QQPlayer avenges its shame?

Ranking

Python handwritten digit recognition, the corresponding mathematical formulas and Detailed procedures

Der M-Chip-Mac implementiert mehrere Android-Emulatoren

CentOS 명령줄 모드에서 화면이 항상 켜져 있도록 설정 ---- 예상한 효과를 얻지 못했습니다.

Teach you step by step how to use GDB to debug programs: a comprehensive guide from entry to mastery

python3 pip ipython installation

A lot of python crawler source code sharing -- talk about the little thing about python crawler

Agile Sprint in Alpha Stage (7)

Access URL in Unity

FunctoinDemo form

MS SQL common SQL statements (6): create, modify, delete triggers and other operations sq

Daily

More

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)

2024-05-02(0)

2024-05-01(4)