CTF-never give up

Posted: 2020-07-04 13:31:26      Reads: 57      Comments: 0      Favorites: 0


CTF-never give up 100


Open the challenge page and press F12; the source contains a hint pointing at 1.html.

Opening 1.html, it turns out to be the official…….



Next, capture the request with Burp Suite.

The response contains a long JavaScript snippet plus an HTML comment.


The captured script URL-decodes a string and writes it into the page; here it is as captured:

```javascript
var Words ="<script>window.location.href%3D'http%3A//www.bugku.com'%3B</script><!--JTIyJTNCaWYlMjglMjElMjRfR0VUJTVCJTI3aWQlMjclNUQlMjklMEElN0IlMEElMDloZWFkZXIlMjglMjdMb2NhdGlvbiUzQSUyMGhlbGxvLnBocCUzRmlkJTNEMSUyNyUyOSUzQiUwQSUwOWV4aXQlMjglMjklM0IlMEElN0QlMEElMjRpZCUzRCUyNF9HRVQlNUIlMjdpZCUyNyU1RCUzQiUwQSUyNGElM0QlMjRfR0VUJTVCJTI3YSUyNyU1RCUzQiUwQSUyNGIlM0QlMjRfR0VUJTVCJTI3YiUyNyU1RCUzQiUwQWlmJTI4c3RyaXBvcyUyOCUyNGElMkMlMjcuJTI3JTI5JTI5JTBBJTdCJTBBJTA5ZWNobyUyMCUyN25vJTIwbm8lMjBubyUyMG5vJTIwbm8lMjBubyUyMG5vJTI3JTNCJTBBJTA5cmV0dXJuJTIwJTNCJTBBJTdEJTBBJTI0ZGF0YSUyMCUzRCUyMEBmaWxlX2dldF9jb250ZW50cyUyOCUyNGElMkMlMjdyJTI3JTI5JTNCJTBBaWYlMjglMjRkYXRhJTNEJTNEJTIyYnVna3UlMjBpcyUyMGElMjBuaWNlJTIwcGxhdGVmb3JtJTIxJTIyJTIwYW5kJTIwJTI0aWQlM0QlM0QwJTIwYW5kJTIwc3RybGVuJTI4JTI0YiUyOSUzRTUlMjBhbmQlMjBlcmVnaSUyOCUyMjExMSUyMi5zdWJzdHIlMjglMjRiJTJDMCUyQzElMjklMkMlMjIxMTE0JTIyJTI5JTIwYW5kJTIwc3Vic3RyJTI4JTI0YiUyQzAlMkMxJTI5JTIxJTNENCUyOSUwQSU3QiUwQSUwOXJlcXVpcmUlMjglMjJmNGwyYTNnLnR4dCUyMiUyOSUzQiUwQSU3RCUwQWVsc2UlMEElN0IlMEElMDlwcmludCUyMCUyMm5ldmVyJTIwbmV2ZXIlMjBuZXZlciUyMGdpdmUlMjB1cCUyMCUyMSUyMSUyMSUyMiUzQiUwQSU3RCUwQSUwQSUwQSUzRiUzRQ%3D%3D-->"

function OutWord()
{
    var NewWords;
    NewWords = unescape(Words);
    document.write(NewWords);
}

OutWord();
```

Now base64-decode the HTML comment. The result is still URL-encoded (it starts with %22%3B), so URL-decode it once more to get readable PHP:

";if(!$_GET[‘id‘])

{

????header(‘Location: hello.php?id=1‘);

????exit();

}

$id=$_GET[‘id‘];

$a=$_GET[‘a‘];

$b=$_GET[‘b‘];

if(stripos($a,‘.‘))

{

????echo ‘no no no no no no no‘;

????return ;

}

$data = @file_get_contents($a,‘r‘);

if($data=="bugku is a nice plateform!" and $id==0 and strlen($b)>5 and eregi("111".substr($b,0,1),"1114") and substr($b,0,1)!=4)

{

????require("f4l2a3g.txt");

}

else

{

????print "never never never give up !!!";

}

?

?

?>

?ü0

That is the hidden source.
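As an added example (not part of the original writeup), the Python script below automates the decode chain just walked through: percent-decode the captured `Words` value, pull the base64 blob out of the HTML comment, base64-decode it, and percent-decode once more, because the base64 payload is itself URL-encoded PHP. The `Words` value is copied from the captured response above; the function names are my own.

```python
"""Peel the encoding layers the challenge page hides its PHP source in."""
import base64
import re
from urllib.parse import unquote

# Value of the JS `Words` variable, copied from the captured response.
# Layer 1: percent-encoded HTML. Layer 2: base64 blob inside an HTML comment.
# Layer 3: the base64 payload is itself percent-encoded PHP source.
WORDS = (
    "<script>window.location.href%3D'http%3A//www.bugku.com'%3B</script>"
    "<!--JTIyJTNCaWYlMjglMjElMjRfR0VUJTVCJTI3aWQlMjclNUQlMjklMEElN0IlMEElMDloZWFkZXIlMjglMjdMb2NhdGlvbiUzQSUyMGhlbGxvLnBocCUzRmlkJTNEMSUyNyUyOSUzQiUwQSUwOWV4aXQlMjglMjklM0IlMEElN0QlMEElMjRpZCUzRCUyNF9HRVQlNUIlMjdpZCUyNyU1RCUzQiUwQSUyNGElM0QlMjRfR0VUJTVCJTI3YSUyNyU1RCUzQiUwQSUyNGIlM0QlMjRfR0VUJTVCJTI3YiUyNyU1RCUzQiUwQWlmJTI4c3RyaXBvcyUyOCUyNGElMkMlMjcuJTI3JTI5JTI5JTBBJTdCJTBBJTA5ZWNobyUyMCUyN25vJTIwbm8lMjBubyUyMG5vJTIwbm8lMjBubyUyMG5vJTI3JTNCJTBBJTA5cmV0dXJuJTIwJTNCJTBBJTdEJTBBJTI0ZGF0YSUyMCUzRCUyMEBmaWxlX2dldF9jb250ZW50cyUyOCUyNGElMkMlMjdyJTI3JTI5JTNCJTBBaWYlMjglMjRkYXRhJTNEJTNEJTIyYnVna3UlMjBpcyUyMGElMjBuaWNlJTIwcGxhdGVmb3JtJTIxJTIyJTIwYW5kJTIwJTI0aWQlM0QlM0QwJTIwYW5kJTIwc3RybGVuJTI4JTI0YiUyOSUzRTUlMjBhbmQlMjBlcmVnaSUyOCUyMjExMSUyMi5zdWJzdHIlMjglMjRiJTJDMCUyQzElMjklMkMlMjIxMTE0JTIyJTI5JTIwYW5kJTIwc3Vic3RyJTI4JTI0YiUyQzAlMkMxJTI5JTIxJTNENCUyOSUwQSU3QiUwQSUwOXJlcXVpcmUlMjglMjJmNGwyYTNnLnR4dCUyMiUyOSUzQiUwQSU3RCUwQWVsc2UlMEElN0IlMEElMDlwcmludCUyMCUyMm5ldmVyJTIwbmV2ZXIlMjBuZXZlciUyMGdpdmUlMjB1cCUyMCUyMSUyMSUyMSUyMiUzQiUwQSU3RCUwQSUwQSUwQSUzRiUzRQ%3D%3D-->"
)


def extract_comment_blob(html: str) -> str:
    """Return the body of the first HTML comment, or raise if there is none."""
    m = re.search(r"<!--(.*?)-->", html, re.S)
    if m is None:
        raise ValueError("no HTML comment in response body")
    return m.group(1).strip()


def b64decode_lenient(blob: str) -> bytes:
    """Decode base64 whatever '=' padding was attached.

    The captured blob carries a spurious '==' after an already aligned string,
    so strip all padding and re-pad to a multiple of four before decoding."""
    stripped = blob.rstrip("=")
    return base64.b64decode(stripped + "=" * (-len(stripped) % 4))


def decode_layers(words: str) -> str:
    """unescape(Words) -> HTML comment -> base64 -> percent-decode: the hidden PHP."""
    html = unquote(words)  # what the browser's unescape(Words) produced
    blob = extract_comment_blob(html)
    percent_encoded_php = b64decode_lenient(blob).decode("ascii")
    return unquote(percent_encoded_php)  # the payload is percent-encoded a second time


def included_files(php_source: str) -> list:
    """List filenames passed to require()/include() in the recovered source."""
    pattern = r'(?:require|include)(?:_once)?\s*\(\s*"([^"]+)"\s*\)'
    return re.findall(pattern, php_source)


if __name__ == "__main__":
    src = decode_layers(WORDS)
    print(src)
    print("files pulled in by the source:", included_files(src))
```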

It references f4l2a3g.txt.

Do we have to bypass the checks?

That looked hard, but a Baidu search showed that you can simply request that txt file directly, as in the screenshot.


That gives the flag.

Of course, you can also construct a payload that satisfies the checks.

Reference: https://blog.csdn.net/changer_WE/article/details/89001076

Summary: I suppose this challenge is about decoding the obfuscated page to recover the source, then bypassing the checks to get the flag? Nice work by the author.


Original post: https://www.cnblogs.com/cxl862002755/p/13234364.html
