He came to the bug database, choosing to sign a few questions as follows:
Sort difficulty: easy to difficult (Author subjective)
The first question: WEB2:
Opening the link:
As shown in FIG funny full screen, press the right or directly f12 review elements:
Find the flag submit.
The second question: Calculator
Point after opening the link:
Just a simple addition problems, but typing a length limit. . .
Right at this moment we review elements:
Maxlength found this condition; double-click to modify:
Changed after 3, enter the answer can be obtained by clicking validation flag.
web basis $ _GET
The foundation needs a bit of php, can be a rookie tutorial https://www.runoob.com/php/php-tutorial.html
Learn basic grammar a bit of php,
Adding to the URL can be obtained as shown in FIG statement flag.
WEB3:
After opening the link to block popups, right Inspect Element see a line unicode coding, coding can decrypt this in html online decrypted flag.
You have to make him stop
After opening the website pages have been beating, and different pages, guess flag in some pages of them, the use of look burpsuite a frame, repeatedly go in Repeter, you will find each jpg prefix numbers go get not the same, until digital became 10 will find flag.
First Class
Open topic Link:
After a review of source code found page contains a hidden element with burpsuite Ethereal:
Get flag.
Now not fine art only temporarily these do first. . . In the future to do the other direction. . .
Continually updated.....