old-51本題考點:Raw MD5 SQL injection
是個登入頁面,來看一下 source code:
12345678910111213141516171819202122232425262728293031323334353637<?php include "../../config.php"; if($_GET['view_source']) view_source();?><html&g...
old-46本題考點:SQLi with WAF bypass、char() 繞過
又是一題 SQL Injection,來看一下 source code:
12345678910111213141516171819202122232425262728293031<?php include "../../config.php"; if($_GET['view_source']) view_source();?>&...
old-41本題考點:Maximum filename length、error_reporting 讀取目錄
給了一個上傳的地方,來看一下 source code:
123456789101112131415161718192021222324252627282930313233<?php include "../../config.php"; include "./inc.php"; if($_GET['view...
old-36本題考點:vim 存檔 .swp 檔案
題目如下所示:
12While editing index.php file using vi editor in the current directory, a power outage caused the source code to disappear.Please help me recover.
他說他在使用 vi 時因為電源中斷退出了,因此目錄中應該會存在 ....
old-31本題考點:open port with public ip
這題題目就給了 source code:
12$port = rand(10000,10100);$socket = fsockopen($_GET['server'],$port,$errno,$errstr,3) or die("error : {$errstr}");
所以我們需要一個公網 IP 來接收 10000~10100 隨機一個 port 的...
old-26本題考點:雙重 urlencode()、WAF 繞過
來看一下 source code:
1234567891011121314151617181920212223<?php include "../../config.php"; if($_GET['view_source']) view_source();?><html><head><title>Challeng...
old-21本題考點:Error-based Blind SQLi
又是一題 Blind SQLi,看起來是個登入頁面,試試看 一般登入 admin:
1Result : login fail
換換看 SQLi admin' or 1=1#:
1Result : wrong password
變成 wrong password 了,表示使用者確實為admin,而我們需要透過 Blind SQLi 找到 password,把 1...
old-16本題考點:前端原始碼分析
直接來看一下 source code:
12345678910111213document.body.innerHTML+="<font color=yellow id=aa style=position:relative;left:0;top:0>*</font>";function mv(cd){ kk(star.style.left-50,star.style...
old-11本題考點:正規表達式解析、URL 編碼字元轉義
來看一下 source code:
12345678910111213141516171819202122232425<?php include "../../config.php"; if($_GET['view_source']) view_source();?><html><head><title>Challen...
old-06本題考點:Client-Side State Forgery(CSSF)、對稱編碼與混淆還原
題目給了一組 ID 和 PW,目前還不知道用途,先來看一下 source code:
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646...