BUUCTF - [Geek Challenge 2019] BuyFlag


Opening the page, it turns out to be a recruitment notice for some security team.
There was no useful information, though; I spotted a QQ group number and for a moment thought this was a social-engineering challenge (=_=).
On to pay.php.

![pay.php page](https://img-blog.csdnimg.cn/20210527152349303.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MjUxNzkzOQ==,size_16,color_FFFFFF,t_70#pic_center)

Looking at the page source, I found a block of code.

![Commented-out PHP in the page source](https://img-blog.csdnimg.cn/20210527151913791.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MjUxNzkzOQ==,size_16,color_FFFFFF,t_70#pic_center)

```html
<!--
	~~~post money and password~~~
if (isset($_POST['password'])) {
	$password = $_POST['password'];
	if (is_numeric($password)) {
		echo "password can't be number</br>";
	}elseif ($password == 404) {
		echo "Password Right!</br>";
	}
}
-->
```

The password has to be sent via POST. is_numeric() checks whether a variable is a number or a numeric string; if it is, the page prints "password can't be number".
Capture the request with Burp.
![Request captured in Burp](https://img-blog.csdnimg.cn/20210527153129458.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MjUxNzkzOQ,size_16,color_FFFFFF,t_70#pic_center)
The cookie contains user=0; change it to user=1 and forward the request.
![Response with user=1](https://img-blog.csdnimg.cn/20210527153404383.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MjUxNzkzOQ,size_16,color_FFFFFF,t_70#pic_center)
It now asks for a password and 100000000 dollars... before the flag can be bought.
Combining this with the source above (is_numeric("404a") is false, while the loose `==` comparison still treats "404a" as equal to 404), POST the parameters:

```
password=404a&money=1000000000
```

![Response to the first payment attempt](https://img-blog.csdnimg.cn/20210527153902450.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MjUxNzkzOQ==,size_16,color_FFFFFF,t_70#pic_center)

```
Nember lenth is too long
```

The message says the number is too long, so try scientific notation instead: money=1e9
![Flag returned with money=1e9](https://img-blog.csdnimg.cn/20210527154042371.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MjUxNzkzOQ==,size_16,color_FFFFFF,t_70#pic_center)
That returns the flag.
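To show why both bypasses work and how the checks should have been written, here is an added example (not the challenge's own source): the pay.php logic as the write-up reconstructs it, beside a hardened version. The price constant (100000000), the 7-character length limit and the function names are assumptions based on the messages seen above; the real back end may differ.

```php
<?php
// Added example, not the challenge's own code. PRICE and the length limit
// are assumed from the write-up's messages, not taken from the real back end.
const PRICE = 100000000;

// Loose checks: is_numeric() plus == on a string, and a length check on money.
function weakPurchase(string $password, string $money): bool
{
    if (is_numeric($password)) {
        return false;                 // "404a" is not numeric, so it passes here
    }
    if ($password != 404) {
        return false;                 // PHP 7: "404a" == 404 is true (leading digits are used)
    }                                 // PHP 8: compared as strings, so "404a" fails
    if (strlen($money) > 7) {
        return false;                 // assumed limit; "1e9" is only 3 characters long
    }
    return $money >= PRICE;           // "1e9" is a numeric string: 1000000000 >= 100000000
}

// Hardened checks: compare the secret as a string in constant time, and
// validate money as a plain decimal integer before comparing its value.
function strictPurchase(string $password, string $money): bool
{
    if (!hash_equals('404', $password)) {
        return false;                 // "404a" is not the string "404"
    }
    $amount = filter_var($money, FILTER_VALIDATE_INT);
    if ($amount === false) {
        return false;                 // rejects "1e9", "0x10", "1000000000a"
    }
    return $amount >= PRICE;          // check the value, not the string length
}

// Constructed inputs: the write-up's bypass pair and an honest purchase.
foreach ([['404a', '1e9'], ['404', '100000000']] as [$pw, $money]) {
    printf("password=%s money=%s  weak=%s strict=%s\n", $pw, $money,
        var_export(weakPurchase($pw, $money), true),
        var_export(strictPurchase($pw, $money), true));
}
```

Under PHP 7 the first pair is accepted by weakPurchase() and rejected by strictPurchase(); the honest pair is rejected by weakPurchase() because is_numeric("404") is true, which is exactly the contradiction the challenge is built on.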

posted @ 2021-05-27 15:44  AndyNoel  Views (160)  Comments (0)