CTF实战:从入门到提升
1.3.5.[第一章][1.3.5 案例解析][极客大挑战 2019]Http
-
打开页面,没有发现什么有用的东西
-
右键打开页面源代码,发现页面Secret.php
-
显示It doesn't come from 'https://Sycsecret.buuoj.cn',使用postman,增加Referer头
-
显示Please use "Syclover" browser,带有浏览器信息的就是UA头,增加User-Agent
-
显示No!!! you can only read this locally!!!,说明需要本地访问,增加X-Forwarded-For头,得到flag,flag{9bc8c2e3-7570-4bcd-892c-911d44c4051a}
- BUUCTF-Web BUUCTF Webbuuctf-web buuctf-web buuctf web web_buuctf_writeup ping web_buuctf_writeup writeup buuctf web_buuctf_writeup easysql writeup buuctf buuctf_writeup web_xctf writeup buuctf buuctf 2019 swpu web1 easy_web buuctf 2019 easy web_buuctf_writeup havefun writeup buuctf web_buuctf_writeup新生writeup buuctf