Micro-CMS v1

There are four flags.

First Flag
Select "Edit this page", then modify the path by appending a single quote to the id:
http://35.196.135.216/4c30365280/page/edit/8'
(this is the SQL injection type), and submit.
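
Why the trailing quote in the first flag matters, as an added example (not code from the challenge or from the original post): a page lookup that pastes the path id into the SQL text, beside one that validates the id and binds it as a parameter. The table layout, function names and status strings are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data standing in for the CMS page table (assumed schema).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT, body TEXT)")
    db.execute("INSERT INTO pages VALUES (8, 'Testing', 'Hello')")
    return db

def load_page_unsafe(db, raw_id):
    # Vulnerable form: the path segment becomes part of the SQL text,
    # so a trailing quote changes the statement instead of the value.
    return db.execute("SELECT title, body FROM pages WHERE id = " + raw_id).fetchone()

def load_page_safe(db, raw_id):
    # Hardened form: accept only a short decimal id, then bind it as a parameter.
    if not (raw_id.isascii() and raw_id.isdigit() and len(raw_id) <= 9):
        raise ValueError("page id must be a decimal integer")
    return db.execute(
        "SELECT title, body FROM pages WHERE id = ?", (int(raw_id),)
    ).fetchone()

def probe(loader, raw_id):
    # Map the outcome to the status a route handler would return (hypothetical helper).
    try:
        row = loader(make_db(), raw_id)
    except ValueError:
        return "400 rejected"
    except sqlite3.Error:
        return "500 database error"
    return "200 ok" if row else "404 not found"

if __name__ == "__main__":
    for raw in ("8", "8'", "9"):
        print(repr(raw), probe(load_page_unsafe, raw), "|", probe(load_page_safe, raw))
```

With the unsafe loader the quote reaches the SQL parser and surfaces as a database error; with the safe loader it never reaches the database.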

Second Flag
This flag uses an XSS attack (that is, the user can change the meaning of the content submitted to the API).
Edit the page accordingly and select Save; the page displays normally. Then click Go Home to get the second flag.

3rd Flag

Construct the XSS content and save; clicking the image then brings up the dialog box.
After that, press F12, select All, and check the Response to get the flag.

4th Flag

Enter the id directly in the address bar and press Enter to get the 4th flag.


Origin blog.csdn.net/appleyuchi/article/details/91128102