Bugku CTF web32(Web)

0. Open the web page. It asks for a file to be uploaded, and the file must be an image.

1. Write a one-line webshell (a "one-sentence Trojan"), rename it to a .jpg file, and upload it

The upload succeeds. Next, capture the request and modify the file name.

2. Use Burp Suite to capture the request and modify the file extension

Change the extension to php2, php3, php4, php5, phps, pht, phtm, and phtml (aliases of php) in turn; only php4 is not filtered.

Note that two changes are made here; the first is a case bypass

3. Use Chopper (the webshell client) to connect and view the root directory

4. Get the flag: flag{e46b352d86f8f08b2102927fdff09eb1}
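
Why step 2 works, and the fix, as an added example that is not the challenge's own code: a denylist of PHP aliases accepts any alias it forgets, while an allowlist of image extensions does not. The function names, the denylist contents and the upload directory are assumptions made for illustration.

```php
<?php
// Added example, not the challenge's code. Requires the fileinfo extension.

// Denylist modelled on the behaviour seen in step 2: aliases are blocked one
// by one, so an executable extension the list forgets (here php4) passes.
function denylist_allows(string $filename): bool {
    $blocked = ['php', 'php2', 'php3', 'php5', 'phps', 'pht', 'phtm', 'phtml'];
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return !in_array($ext, $blocked, true);
}

// Allowlist: expected MIME type for a permitted image extension, else null.
function allowed_image_type(string $filename): ?string {
    $allowed = ['jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
                'png' => 'image/png',  'gif'  => 'image/gif'];
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return $allowed[$ext] ?? null;
}

// Hardened handler for one $_FILES entry; returns the stored name or null.
function store_image_upload(array $file, string $uploadDir): ?string {
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    $expected = allowed_image_type($file['name']);
    if ($expected === null) {
        return null;                       // extension is not on the allowlist
    }
    // Inspect the content; the client-sent Content-Type is never consulted.
    $actual = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($actual !== $expected || getimagesize($file['tmp_name']) === false) {
        return null;
    }
    // Server-chosen name: the client's file name never reaches the filesystem.
    $ext    = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest   = rtrim($uploadDir, '/') . '/' . $stored;
    return move_uploaded_file($file['tmp_name'], $dest) ? $stored : null;
}

// Constructed sample names, compared under both policies.
foreach (['avatar.jpg', 'avatar.phtml', 'avatar.php4', 'avatar.PhP4'] as $name) {
    printf("%-13s denylist=%-6s allowlist=%s\n", $name,
        denylist_allows($name) ? 'accept' : 'reject',
        allowed_image_type($name) !== null ? 'accept' : 'reject');
}
```

The content check alone does not stop a valid image that carries embedded script text, so the upload directory should also be served with PHP execution disabled or kept outside the web root.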

Origin blog.csdn.net/ChaoYue_miku/article/details/114858145