BugkuCTF_Web——"Administrator System", "Website Hacked"

Others 2020-10-29 11:27:28 views: null

Article Directory

use tools
1. "Administrator System
2. "The website is hacked"
Finish

use tools

Yujian WEB Directory Scan
Burpsuite

1. "Administrator System

The topic is login account

Prompt the administrator system, first try adminto login and capture the account and password
Insert picture description here

Prompt to contact the local administrator

Insert picture description here
The page has a string of base64 encoding, and the password of the administrator account istest123

Insert picture description here
Try to test123log in to the account with a passwordadmin

Also prompted to contact the local administrator
Insert picture description here

Use X-Forwarded-Forpoint to local127.0.0.1

Get FLAG
Insert picture description here

flag{85ff2ee4171396724bae20c0bd851f6b}

2. "The website is hacked"

The topic is a website
Insert picture description here
that has been attacked. Now that it has been hacked and there are loopholes in the website, then there should be a backend and use the sword to scan

Insert picture description here
To access the shell, you need to find the password.

Use Burpsuite password dictionary to blast

Insert picture description here

Send the package to Intruder, set the payload and sort the results according to the response length

Insert picture description here
hackLogin with password to get FLAG

Insert picture description here

flag{hack_bug_ku035}

Finish

Welcome to leave a message in the comment area.
Thanks for browsing

Guess you like

Origin blog.csdn.net/Xxy605/article/details/108460505

BugkuCTF_Web——"Administrator System", "Website Hacked"

If the pbootcms system website is hacked, how to restore the backup.

Website was hacked prevention and treatment

The website was hacked question how to prevent

Website was hacked have any effect?

Website was hacked influence is very great

What is the website was hacked? Website is how do hackers?

Baidu website was hacked prompted a safety hazard

bugkuCTF system administrator

How to prevent your website from being hacked? How are hackers made?

He Caitou - When You're Hacked On The Web

How to prevent the website from being hacked? That's because you don't know these skills!

Office building display system web page website graduation design work finished product (Part 2): backend management system functions and system renderings

SpringBoot: Everyone TOEFL website system

Development imitate Lynx website system

Blog website system based on springBoot

ITMOMO Website and Software Design System

Tourism website system implemented by Nodejs

Well-known web comic XKCD been hacked, about 56 million users data was leaked

BugkuCTF_Web——"web5", "first class", "backup is a good habit", "flag in the index"

Web mall web website graduation project finished product (7): Design and implementation of online snack shopping mall system

Web mall web website graduation project finished product (3): Design and implementation of cosmetics online shopping mall system

Web mall web website graduation project finished product (8): mobile digital mall system design and implementation

Web mall web website graduation project finished product (10): Design and implementation of sports goods shopping mall system

After the server was hacked...

Web-based movie ticket booking system/movie ticket buying website

Campus sports meeting registration management system web page website graduation design work finished product (Part 2): backend management system functions and system renderings

Fine imitation CNZZ website visitor statistics system source code | web page visitor crawling collection source code | website visitor flow statistics source code

Binance, Huobi, and ZB were hacked one by one. Is your small currency still safe? Wonder Woman is here to tell you Your System Safe? She Said...

YouDianCMS 6.7.0 release, PHP website system

Recommended

Rushing to the GitHub hot list——How can open source programming languages and frameworks be so cute?

Beijing Humanoid Robot Innovation Center launches Tiangong, the world's first full-size humanoid robot with purely electric drive for anthropomorphic running

Ranking

8个无需编写代码即可使用 Python 内置库的方法

Java collections interview knowledge Lite

Machine learning algorithms foundation - Introduction a (watermelon materials for the book)

(Easy) Ransom Note - LeetCode

[Five days] Qt from entry to actual combat: the second day

Remember once extremely pit father can not download Maven Jar package of issues: IDEA question

The minimum cost Shortest

OSPF study map (the most complete version)

Network Takeaways

GnuPG

Daily

More

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)

2024-04-24(30)

2024-04-23(30)

2024-04-22(5)

2024-04-21(0)

2024-04-20(6)

2024-04-19(5)

2024-04-18(0)