Offensive and Defensive World: web section writeup

1.
Open the scene.
We first view the page source code.
After looking it up, cyberpeace means network security, so what we found there is the flag.
2.
First, understand what the robots protocol is.
Just add robots.txt to the URL to see the site's robots file.
I thought f1ag_1s_h3re.php, which I found there, was the flag, but my submission was wrong, and I thought of the characteristics of the robots protocol. After putting f1ag_1s_h3re.php in the URL, I found the flag.
3.
First, understand a point of knowledge.
If there are backup files on the website, common backup file extensions are: ".git", ".svn", ".swp", ".~", ".bak", ".bash_history", ".bkf". Try appending the common backup file extensions to the URL in turn.
After adding each suffix to the URL in turn, no flag or file can be obtained.
But there is index.php in the page; enter it into the URL, then append the above suffixes in turn, and finally a file is found.
Then open it with notepad++ and find the flag.
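The defender's counterpart to the check in section 3, as an added example that is not part of the original post: a script that walks a web root on disk and reports leftovers matching the extensions listed above. The function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile

# Extensions listed in the writeup above.
BACKUP_SUFFIXES = (".git", ".svn", ".swp", ".~", ".bak", ".bash_history", ".bkf")
# VCS metadata and shell history appear as whole names, not as suffixes of a page.
WHOLE_NAMES = {".git", ".svn", ".bash_history"}


def find_backup_artifacts(webroot):
    """Return sorted relative paths under webroot that look like backup leftovers."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(webroot):
        for name in list(dirnames):
            if name in WHOLE_NAMES:
                hits.append(os.path.relpath(os.path.join(dirpath, name), webroot))
                dirnames.remove(name)  # no need to descend into VCS metadata
        for name in filenames:
            # Matches "index.php.bak", ".login.php.swp" or a bare ".bash_history".
            if name in WHOLE_NAMES or name.endswith(BACKUP_SUFFIXES):
                hits.append(os.path.relpath(os.path.join(dirpath, name), webroot))
    return sorted(p.replace(os.sep, "/") for p in hits)


def build_sample_webroot(root):
    """Constructed sample tree: two live pages plus typical leftovers."""
    for rel in ("index.php", "index.php.bak", "admin/login.php",
                "admin/.login.php.swp", ".git/HEAD", ".bash_history"):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("sample\n")


def audit_sample():
    """Build the constructed tree in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_webroot(root)
        return find_backup_artifacts(root)


if __name__ == "__main__":
    for hit in audit_sample():
        print("remove or block from serving:", hit)
```

Point `find_backup_artifacts` at the real document root in a deploy check; any hit is a file the web server would hand out as plain text instead of executing.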
4.
Open the scene, capture the packets, perform the operation shown in the captured result, and find the flag.

5.
Delete the disabled attribute from the button, press it, and you get the flag.
6.
Try some simple usernames and passwords.
I found that the username is admin. Here I thought of brute-forcing the password, but in the process of checking Burp, I found it by accident.
Get the flag directly.

Origin blog.csdn.net/qq_51954912/article/details/113882224