
Buuctf Web - [geek challenge 2019] buyflag 1

2020-12-06 14:08:26 junlebao

Open the web page and notice that the menu has a buyflag link; click into it.


If you want to buy this flag, you have to be a CUIT student and you also have to answer with the correct password. That is easy enough to understand, so let's look at the source code to find an idea.


Two parameters are passed in by the POST method, password and money. The password has to bypass the is_numeric() function and at the same time be equal to 404, which is a PHP weak type (loose) comparison.

So we simply set password=404a: that bypasses is_numeric() and still matches 404 under loose comparison. Then our money needs to be 100000000, so we capture the request with Burp Suite and send it as a POST request.
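To make the weak type comparison concrete, here is an added example (not the challenge's own source, which the writeup does not reproduce) that models the password and money checks in PHP and places a strict version beside them. The function names, the length limit on money and the exact structure of the checks are assumptions; only the values 404 and 100000000 and the bypass values come from the writeup. Note that the loose match of "404a" against 404 holds on PHP 7.x; PHP 8 changed int-to-non-numeric-string comparison so that the same input no longer matches, which is exactly why the strict form is the one to ship.

```php
<?php
// Added example: models the buyflag checks (assumed structure) to show
// why PHP's loose comparison (==) lets "404a" pass, and how === closes it.

// Loose check as described in the writeup: reject purely numeric input,
// then compare the string against the integer 404 with ==.
function weak_password_check(string $password): bool
{
    if (is_numeric($password)) {
        return false;                 // "404" is rejected here
    }
    // PHP 7.x: "404a" is coerced to 404 for the comparison, so this is true.
    // PHP 8.x: 404 is cast to "404" and compared as a string, so this is false.
    return $password == 404;
}

// Hardened check: compare type and value, never let a suffix ride along.
function strict_password_check(string $password): bool
{
    return $password === '404';
}

// Assumed money check: a length limit (limit value is an assumption) plus
// a loose numeric comparison. Scientific notation such as "1e8" is both
// short and numerically equal to 100000000, which is the behaviour the
// writeup relies on.
function weak_money_check(string $money, int $maxLen = 7): bool
{
    if (strlen($money) > $maxLen) {
        return false;                 // "100000000" (9 chars) is refused
    }
    return is_numeric($money) && $money == 100000000;
}

// Hardened money check: require a canonical decimal integer string, so
// "1e8", "1e8 ", "+100000000" or "100000000.0" are not accepted.
function strict_money_check(string $money): bool
{
    return preg_match('/^\d+$/', $money) === 1 && (int) $money === 100000000;
}

// Demonstration run (values as in the writeup).
foreach (['404', '404a'] as $pw) {
    printf("password=%-5s weak=%s strict=%s\n", $pw,
        var_export(weak_password_check($pw), true),
        var_export(strict_password_check($pw), true));
}
foreach (['100000000', '1e8'] as $m) {
    printf("money=%-10s weak=%s strict=%s\n", $m,
        var_export(weak_money_check($m), true),
        var_export(strict_money_check($m), true));
}
```

On PHP 7.x the weak checks accept "404a" and "1e8" while refusing the literal values the challenge text asks for; the strict versions accept neither of the bypass values. The takeaway for code review is the combination of is_numeric() with == on the same value: the first call guarantees the input is not a plain number, and the second then coerces it into one anyway.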


0 is false, 1 is true

Seeing this, the value presumably controls whether we count as a CUIT student, so I changed it to 1 and then constructed the parameters password=404a&money=100000000. On sending, the response tells us "Nember lenth is too long", so we switched to scientific notation and sent it again to get the flag.

This is a question I had tried before and could not solve; today it worked. The question is not difficult, so I am just taking a note. The main point tested is the weak type comparison, nothing more. Also, when a value is too long, it can be rewritten in scientific notation. Of course, other people's blogs give another way, which makes use of the strcmp function. See that article: Han Xin orders soldiers, the more the better. Simply recording this.


Copyright notice
This article was written by [junlebao]; when reposting, please include the original link. Thank you.
https://chowdera.com/2020/12/202012061406270837.html