NCTF-变量覆盖

NCTF-变量覆盖

原题链接:

http://ctf.nuptsast.com/challenges#%E5%8F%98%E9%87%8F%E8%A6%86%E7%9B%96

mark

分析:

看源码:

<?php if ($_SERVER["REQUEST_METHOD"] == "POST") { ?>
                        <?php
                        extract($_POST);
                        if ($pass == $thepassword_123) { ?>
                            <div class="alert alert-success">
                                <code><?php echo $theflag; ?></code>
                            </div>
                        <?php } ?>
                    <?php } ?>

比较乱,整理一下:

<?php if ($_SERVER["REQUEST_METHOD"] == "POST") {
    extract($_POST);
      if ($pass == $thepassword_123) { 
          echo $theflag; }
?>

可以看到有函数extract($_POST); 结合变量覆盖,(变量覆盖漏洞)。
只要将两个变量的值改成一样的,就可以覆盖了。

payload:

mark

flag:

nctf{bian_liang_fu_gai!}

### NCTF Web Challenges and Resources NCTF (National Cybersecurity Talent Competition) is a well-known competition that focuses on cybersecurity skills, including web security challenges. These challenges are designed to test participants' abilities in identifying vulnerabilities within web applications and exploiting them ethically. The website mentioned in the reference provides access to various Capture The Flag (CTF) competitions where contestants can engage with different types of challenges, such as web-based ones[^1]. Participants often encounter tasks involving SQL injection, cross-site scripting (XSS), command injection, insecure deserialization, and more advanced techniques like bypassing authentication mechanisms or exploiting server-side request forgery (SSRF). For those interested specifically in NCTF's web-related content, it’s recommended to explore past challenge archives from official sources when available. Additionally, there exist several platforms hosting similar CTF-style exercises which could serve as supplementary material: #### Example Code for Testing XSS Vulnerability Below demonstrates how one might check whether an input field allows reflected Cross-Site Scripting attacks. ```javascript // Simple payload used during testing phase alert('This shows potential vulnerability'); ``` Such scripts should only execute under conditions indicating improper sanitization processes at play—highlighting areas needing remediation efforts before deployment into production environments.
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值