[Day25] Web 小涟漪

picobrowser ( 200 points)

This website can be rendered only by picobrowser, go and catch the flag! https://jupiter.challenges.picoctf.org/problem/26704/ (link) or http://jupiter.challenges.picoctf.org:26704

Hints
You don't need to download a new web browser

broswer 是浏览器
所以我们可以往这方向去想
下图是连结点下去,按 flag 的画面

https://jupiter.challenges.picoctf.org/problem/26704/flag

You're not picobrowser! Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36
这是我们目前的 User-Agent
我们要做的是骗他以为是picobrowser
header 段添加
curl -A "picobrowser"
https://2019shell1.picoctf.com/problem/26704/flag

<link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css" rel="stylesheet">

<link href="https://getbootstrap.com/docs/3.3/examples/jumbotron-narrow/jumbotron-narrow.css" rel="stylesheet">

<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>

<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>

<div class="container">
    <div class="header">
        <nav>
            <ul class="nav nav-pills pull-right">
                <li role="presentation" class="active"><a href="/">Home</a>
                </li>
                <li role="presentation"><a href="/unimplemented">Sign In</a>
                </li>
                <li role="presentation"><a href="/unimplemented">Sign Out</a>
                </li>
            </ul>
        </nav>
        <h3 class="text-muted">My New Website</h3>
    </div>
    
   <!-- Categories: success (green), info (blue), warning (yellow), danger (red) -->
   
   
   <div class="alert alert-success alert-dismissible" role="alert" id="myAlert">
     <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
     <!-- <strong>Title</strong> --> picobrowser!
       </div>
 
 
 
    <div class="jumbotron">
        <p class="lead"></p>
        <p style="text-align:center; font-size:30px;"><b>Flag</b>: <code>picoCTF{p1c0_s3cr3t_ag3nt_ee951878}</code></p>
        <!-- <p><a class="btn btn-lg btn-success" href="admin" role="button">Click here for the flag!</a> -->
        <!-- </p> -->
    </div>


    <footer class="footer">
        <p>&copy; PicoCTF 2019</p>
    </footer>

</div>
<script>
$(document).ready(function(){
    $(".close").click(function(){
        $("myAlert").alert("close");
    });
});
</script>

picoCTF{p1c0_s3cr3t_ag3nt_ee951878}

今天第25天了
我想说谢谢各位陪我一起成长
我看到文章有点阅数,还有留言
蛮开心的出乎意料:)
我不敢预期有人会看我的文章
毕竟我第一次写
又写的很浅,不少闲聊很生活化
跟其他创作者风格不太一样
其他人都比较技术少聊天
这些不经意的点阅和留言
都在我心里泛起涟漪
谢谢你们陪着我快走完铁人赛
明年我一定会更好
我要超越自己
你们也要嗷
晚安安