Geeks Challenge 2019-http explanations

Others 2020-03-12 13:17:12 views: null

View page source, found a file secret.php.

secret.php reads as follows:

Requirements must enter a page from https://www.Sycsecret.com, using python add headers to access.

import requests
url = 'http://861-fd096d07-6da8-4c2d-9959-15792888b57.enode3.buuoj.cn:25828/Secret.php'
headers={"Referer":"https://www.Sycsecret.com","Origin":"https://www.Sycsecret.com"}
r = requests.get(url,headers=headers)
print(r.text)

The results showed Please use "Syclover" browser.

Continue to add the User-Agent headers inside

headers['User-Agent'] = "Syclover"

Continue to visit, get No !!! you can only read this locally !!!

Should be to forge IP, add X-Forwarded-For headers inside the

headers['X-Forwarded-For'] = '127.0.0.1'

Get flag.

Feeling, geek title challenge for the novice friendly, geeks do challenge the title if returned just learning the CTF.

Guess you like

Origin www.cnblogs.com/kevinbruce656/p/12468411.html
Recommended
TIOBE May list: Fortran “resurrected” into Top 10
GCC 14.1 released
Ranking
B. Little Girl and Game【1300 / 回文字符串 博弈论】
CIKERS Shane 20190613
"Javascript advanced programming" study notes - the constructor and prototype
beeline hiveserver2 start
springboot - Automatically backup mysql data every day
Data Storage Full Solution--Detailed Persistence Technology
Detailed Explanation of Spring Web MVC DispatcherServlet—Official Original
TCP / IP protocol layers structure and function
Command type literal pos: unknown; Fallback type literal pos: unknown] with root cause
Design of multifunctional curtain controller with indoor anti-theft alarm
Daily
More
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)

Code World

© 2018 codetd.com