Network information security attack and Defense learning platform (base off write up)

Title Address: http://hackinglab.cn/index_2.php

---------------------------------------------------------------------------------

1. Where is key? (http://lab1.xseclab.com/base1_4a4d993ed7bd7d467b27af52d2aaa800/index.php)

Solution: Check the source of the Web page and find key hidden in the comments.

Answer: Jflsjklejflkdsjfklds

2. once again, you get the key.

The data after encryption is XRLVF23XFQWSXSQF

Solution: The topic said will ciphertext again encrypted once can get the original text, this is exactly the characteristic of ROT13 encryption, so, to cipher a ROT13 encryption to find key.

Answer: 23ksdjfkfds

3 . Guess how many times it's been encrypted?

The encrypted string is

Vm0wd2qyuxlvwgxwv0d4v1ywzdrwmvl3wkrsv01wbdnxa1jtvjaxv2jetlhhmupuvmpbefyyskvubghotvvwvvztcejlrll5u2twvwjhag9uvlz3vlzacvftr Lrnbe ... 10,000 words are omitted here ... Rmfzvmxyvwtov2excghvbfjzvkzscmffsmtnv1j6vm0xr2ffmvdjrmxwtw5saflxeetxr1ziumxwv1juvkvxbfphvjfjefnsvmlsa1pxvmtsqk5rpt0 =

Solution: I saw the last sign of the cipher, which is the Base64 encryption flag. Write a script to the ciphertext loop Base64 decryption, until it can no longer be decrypted with Base64, the number of memory decryption, found key.

The script is as follows:

Import base64def base64count (src): ret = 0try:while true:src = base64.decodestring (src) ++retexcept Exception, E:return Src

Answer: jkljdkl232jkljkdl2389

4, it is said that MD5 encryption is very safe, really?

e0960851294d7b2253978ba858e24633

Solution: online MD5 decryption take key.

Answer: BIGHP

5. Racial discrimination (http://lab1.xseclab.com/base1_0ef337f3afbe42d5619d7a36c19c20ab/index.php)

Xiao Ming classmate visited a website today, unexpectedly do not allow Chinese to visit! Too pit, so Xiao Ming classmate determined must go in a probe!

Solution: Chinese---Chinese-->accept-language, caught bag found:

Delete the following Chinese support, and then forward the request for key.

Answer: * (tu687jksf6&*

6. Haha browser (http://lab1.xseclab.com/base6_6082c908819e105c378eb93b6631c4d3/index.php)

It is said that the information security team recently developed a new browser called haha browser, some topics must be haha browser to correct. Xiao Ming classmate resolutely do not install haha browser, afraid there is a back door, but how can this need to install haha browser can have the problem?

Solution: modify user-agent to receive key.

Answer: Meiyouhahaliulanqi

7, where is the key exactly? (http://lab1.xseclab.com/base7_eb68bd2f0d762faf70c89799b3c1cc52/index.php)

The last time Xiao Ming classmate easily found key, feel so simple topic more boring, so have to find the key to strengthen version, then key this will hide where?

Solution: grab the bag without thinking about it.

Answer: KJH%#$#%FDJJJ

8, key and can not find (http://lab1.xseclab.com/base8_0abd63aa54bef0464289d6a42465f354/index.php)

Xiao Ming can not find the key to go where, can you help him find key?

Solution: no idea grasping the bag.

Find two responses, guess key hidden in that fast-to-see response, go to http://hacklist.sinaapp.com/base8_0abd63aa54bef0464289d6a42465f354/key_is_here_now_.php to get key.

Answer: OHHTTP302DD

9. Impersonate a login user (http://lab1.xseclab.com/base9_ab629d778e3a29540dfd60f2e548a5eb/index.php)

Xiao Ming came to a website, or want to key, but how to tease not landing, you can help him landing it?

Solution: try to get into admin.php, no! No idea grasping the bag.

Set the login for the cookie to 1 before sending the key.

Answer: yescookieedit7823789kj

10. Compare Digital Size (http://lab1.xseclab.com/base10_0b4e4866096913ac9c3a2272dde27215/index.php)

As long as the number on the server is larger than it is possible!

Solution: View the source of the Web page, found that the number of input box appears to be the largest only 3 digits, then in the browser to change the HTML code, the Maxlength= "3" to Maxlength= "10", after saving in the input box input 2147483647 wins key.

Answer: 768hkyu678567&*&k

11. Local Temptation (http://lab1.xseclab.com/base11_0f8e35973f552d69a02047694c27a8c9/index.php)

Xiao Ming scanned His beloved little red computer, found that opened a 80 port, but when Xiao Ming to visit but found only allowed from local access, but his beloved little Red dare not let this strange Xiao Ming touch her computer, but Xiao Ming really want to know the small red Computer 80 port in the end what Secret (key)?

Solution: It is said that the background can get the user's IP from the HTTP header's X-forwarded-for property, so the intercept packet is added to the HTTP request header parameter x-forwarded-for:127.0.0.1 again released key. (Here's an interesting thing, I'm using burp suite to do this, and when I add the parameter to the end of the request header, it's a failure; it's a success when I add the parameter to the middle of the request header.) )

Answer: ^&* (UIHKJJKADSHF

12, will not let you visit (http://lab1.xseclab.com/base12_44f0d8a96eed21afdc4823a0bf1a316b/index.php)

Xiao Ming designed a Web site, because always suffer from hacker attacks backstage, so this time he put the backstage to a no matter what people can not find the place .... Can finally be found by hackers, and was placed a black page, wrote: Find you, no more than 3 secs!

Solution: try to enter admin.php, fail!! No idea grab the bag, did not find!! At this point, it is said that a protocol called robots.txt, this protocol will save a robots.txt in the root directory of the site, go:

You disallow not let the search engine included, the user is accessible, go in this subdirectory:

Enter login.php to receive key.

Answer: UIJ%%IOOQWEQWSDF

---------------------------------------------------------------------------------

Summary: When you have no idea, grab the bag.

Network information security attack learning platform (base write up)