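Type: web
URL: http://www.shiyanbar.com/ctf/1854
Attack: none
One-sentence summary:
Read the FLAG value from the response, base64-decode it to get the key value for the POST request, and submit it via POST to get the flag. The key point is that you must use a script or the Burp brute-force plugin, otherwise it is too slow.
Writeup:
Python script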
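import base64

import requests

url = 'http://ctf5.shiyanbar.com/web/10/10.php'
s = requests.session()
# The server sends the base64-encoded value in the FLAG response header
flag = s.get(url).headers['FLAG']
# b64decode returns bytes; decode to text before splitting
flag = base64.b64decode(flag).decode()
# The part after the colon is the key to post back
key = flag.split(':')[1]
param = {'key': key}
# Reuse the same session for the POST so any cookies set by the GET are sent back
r = s.post(url, data=param).text
print(r)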
FLAG
CTF{Y0U_4R3_1NCR3D1BL3_F4ST!}