Skip to content
This repository has been archived by the owner on Jan 8, 2024. It is now read-only.

Latest commit

 

History

History

CISCN_2019_southeastern_China_web4

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
app
app
 
 
exp
exp
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
desc.yaml
desc.yaml
 
 
docker-compose.yml
docker-compose.yml
 
 

README.md

题目:CISCN 2019 华东南 Web4

题目描述:none

题目难度: 🌟🌟🌟🌟🌟

维护:le31ei

KEY: flag{glzjin_wants_a_girl_firend}

配置信息:

  1. 开放端口: 8083

解题过程:

  1. 任意文件读取、伪随机数
  2. http://web55.buuoj.cn/read?url=app.py 读源码
  3. http://web55.buuoj.cn/read?url=/sys/class/net/eth0/address 读网卡地址
  4. 用 exp 下面的脚本来算出 SECRET_KEY,并重新签名。(Python2,和靶机一致)
  5. 置 session Cookie,访问 http://web55.buuoj.cn/flag