BUUCTF The mystery of ip

  • SSTI (server-side template injection) in PHP
  • Open the challenge and you see a nice-looking page
  • You can't help but click Flag
  • It tells you your IP address, but it doesn’t seem to be my IP address, right?
  • Then I clicked HINT
  • Looked at the source code and found nothing, so I read a writeup (wp)
  • Found that something is odd with X-Forwarded-For
  • Capture the request and add the header X-Forwarded-For: {{127.0.0.1}}
  • Having learned Python template injection, I messed around with a few attempts
  • {system("ls /")}
  • {system("cat /flag")}
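
The root cause behind the steps above, shown from the fixing side as an added example (not the challenge's source code): the header value must be validated as an IP address and rendered as data, never concatenated into template text. The Smarty call in the comment is an assumption about how such a page is typically built; TRUSTED_PROXIES, client_ip and render_ip are hypothetical names, and the sample requests are constructed.

```php
<?php
// Assumed vulnerable pattern (Smarty "string:" resource compiles its argument):
//   $smarty->display('string:Your IP is : ' . $_SERVER['HTTP_X_FORWARDED_FOR']);
// Any {...} in the header then becomes a template tag, which is why
// {system("ls /")} executed. With Smarty, the fixed form keeps the template
// constant and passes the value in: $smarty->assign('ip', client_ip($_SERVER));

const TRUSTED_PROXIES = ['10.0.0.5']; // constructed: address of your own reverse proxy

/** Return a syntactically valid client IP; never return raw header text. */
function client_ip(array $server): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    $xff  = $server['HTTP_X_FORWARDED_FOR'] ?? '';

    // Only a known proxy may speak for the client; otherwise ignore the header.
    if ($xff === '' || !in_array($peer, TRUSTED_PROXIES, true)) {
        return $peer;
    }

    // The header is a comma-separated list; the right-most entry is the one
    // the trusted proxy appended, everything to its left is client-supplied.
    $hops = array_map('trim', explode(',', $xff));
    $candidate = end($hops);

    // filter_var() returns false for anything that is not a literal IPv4/IPv6 address.
    return filter_var($candidate, FILTER_VALIDATE_IP) !== false ? $candidate : $peer;
}

/** Fixed text plus an escaped value: nothing from the request is compiled. */
function render_ip(string $ip): string
{
    return 'Your IP is : ' . htmlspecialchars($ip, ENT_QUOTES, 'UTF-8');
}

// Constructed requests: direct client, trusted proxy with a template payload,
// trusted proxy with a real address.
$samples = [
    ['REMOTE_ADDR' => '203.0.113.9', 'HTTP_X_FORWARDED_FOR' => '{system("ls /")}'],
    ['REMOTE_ADDR' => '10.0.0.5',    'HTTP_X_FORWARDED_FOR' => '{system("ls /")}'],
    ['REMOTE_ADDR' => '10.0.0.5',    'HTTP_X_FORWARDED_FOR' => '198.51.100.7'],
];
foreach ($samples as $s) {
    echo render_ip(client_ip($s)), PHP_EOL;
}
```

In all three cases the output contains only an address: the payload is dropped at validation, and even a value that slipped through would be printed as escaped text rather than evaluated.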

Origin blog.csdn.net/CyhDl666/article/details/114371798