[BUUCTF] [Geek Challenge 2019] Http Writeup
)
0x00 test site
Request header
- User-Agent: What browser is used to access
- Referer: The current page was entered through the link in the source page
- X-Forwarded-For: Get the IP address of the client that originally initiated the request
How to add request header
- Hackbar
- ModHeader
- Burp Suite
- Manually add cookies to the browser
0x01 problem solving
Secret.php
1 、 ModHeader
Add, change and delete at any time, very convenient
2 、 Hackbar
Short-term use, more convenient to add, not long-term storage
Download link :
https://blog.csdn.net/vanarrow/article/details/107994085
Three fake hackbars...piracy scams
3、Burp Suite
Professional and detailed, highly customized, simple and cumbersome to use
Summary of operation content
Add request header
referer: https://www.Sycsecret.com
User-Agent: Syclover
X-Forwarded-For: 127.0.0.1
flag{b1797a52-a6ca-4ff7-b7d8-5401592ff173}
Syclover @ cl4y