[Day30]- 新手的CTF系列picoCTF 2019

Day30- 新手的CTF系列picoCTF 2019

正文

终於！来到最後一篇了，好感动( ´▽｀)
这篇来打一下简单的CTF吧
以下是写picoCTF 2019 Web Exploitation 的题目

Insp3ct0r

Kishor Balan tipped us off that the following code may need inspection: https://2019shell1.picoctf.com/problem/11196/ (link) or http://2019shell1.picoctf.com:11196

解法：

先看看原始码
可以看到下面注解
- 
再看看别的档案有什麽东西
- mycss.css 档
  - Here's part 2/3 of the flag: t3ct1ve_0r_ju5t
- myjs.js 档
  - Anyways part 3/3 of the flag: _lucky?9df7e69a}
要注意这些是有顺序的喔
picoCTF{tru3_d3t3ct1ve_0r_ju5t_lucky?9df7e69a}

dont-use-client-side

Can you break into this super secure portal? https://2019shell1.picoctf.com/problem/32259/ (link) or http://2019shell1.picoctf.com:32259

解法：

先看看原始码
你会发现

<script type="text/javascript">
  function verify() {
    checkpass = document.getElementById("pass").value;
    split = 4;
    if (checkpass.substring(0, split) == 'pico') {
      if (checkpass.substring(split*6, split*7) == 'b956') {
        if (checkpass.substring(split, split*2) == 'CTF{') {
         if (checkpass.substring(split*4, split*5) == 'ts_p') {
          if (checkpass.substring(split*3, split*4) == 'lien') {
            if (checkpass.substring(split*5, split*6) == 'lz_e') {
              if (checkpass.substring(split*2, split*3) == 'no_c') {
                if (checkpass.substring(split*7, split*8) == 'b}') {
                  alert("Password Verified")
                  }
                }
              }
      
            }
          }
        }
      }
    }
    else {
      alert("Incorrect password");
    }
    
  }
</script>

它有顺序，按照顺序拼
picoCTF{no_clients_plz_eb956b}

logon

The factory is hiding things from all of its users. Can you login as logon and find what they've been looking at? https://2019shell1.picoctf.com/problem/21895/ (link) or http://2019shell1.picoctf.com:21895