Marven11 / Fenjing

Fully automatic Jinja2 SSTI WAF-bypass script designed for CTF | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF
Mozilla Public License 2.0

Long-term collection of challenges that fenjing cannot solve #42

Open Marven11 opened 1 month ago

Marven11 commented 1 month ago

Mainly I've been busy lately and haven't had time to look at CTFs, and I haven't seen any Jinja SSTI challenges that fenjing can't solve recently, so I don't know what to update.

Ideally the challenges should meet these conditions:

Ideally provide a link to the challenge or its source code (at least the WAF part); if you can also provide a payload that successfully bypasses it, even better. Thanks, everyone.

Tanson commented 1 month ago

https://ctf.show/challenges#web372-856 This CTFSHOW challenge

Marven11 commented 3 weeks ago

> https://ctf.show/challenges#web372-856 This CTFSHOW challenge

In the latest version just use --no-verify-ssl to skip SSL certificate verification. Also, ctfshow supports http, so you can use http directly and you won't get the annoying warning.

The warning will be removed in the next version (probably).

zmh2000829 commented 2 weeks ago

To be honest, this feels like it doesn't handle most competition challenges well; with a bit of experience the more basic ones can be written by hand quickly, for example this one: black_list = ["url_for", "[", "]", '{{', "libsum", "init", "for", "application", "config", "self", "cycler", "namespace", "get_flashed_messages", "g.", "bases", "builtins",'u']

Marven11 commented 2 weeks ago

> To be honest, this feels like it doesn't handle most competition challenges well; with a bit of experience the more basic ones can be written by hand quickly, for example this one: black_list = ["url_for", "[", "]", '{{', "libsum", "init", "for", "application", "config", "self", "cycler", "namespace", "get_flashed_messages", "g.", "bases", "builtins",'u']

I tried the latest version and it works. The command is python -m fenjing crack --url 'http://127.0.0.1:5000' --method GET --inputs name; the server code is below. Could you take another look?

from flask import Flask, request, render_template_string

app = Flask(__name__)
# Substrings rejected from the "name" parameter (the WAF under test)
blacklist = ["url_for", "[", "]", '{{', "libsum", "__init__", "for", "application", "config", "self", "cycler",
"namespace", "get_flashed_messages", "g.", "bases", "__builtins__",'u']

@app.route("/", methods=["GET", "POST"])
def index():
    name = request.args.get("name", "world")
    if any(w in name for w in blacklist):
        return "Nope"
    # Deliberately vulnerable: user input is spliced into the template source
    return render_template_string("Hello, {}".format(name))

if __name__ == "__main__":
    app.run(host="0.0.0.0", port=5000)

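The root cause in the server above is that user input becomes part of the template source, which is why a substring blacklist is only a speed bump. The following added example (not from the issue or the fenjing project; it uses plain Jinja2 rather than Flask so it runs offline) places the posted pattern beside the hardened form, where the input is passed as template data:

```python
# Added example, not part of the issue or of fenjing.
# Compares the vulnerable construction used in the posted server with the fix.
from jinja2 import Environment

# autoescape=True also neutralises HTML in the value; it does nothing for SSTI.
env = Environment(autoescape=True)


def render_unsafe(name: str) -> str:
    """Mirrors the posted handler: str.format() splices the input into the
    template *source*, so Jinja parses whatever the user sent as template code."""
    return env.from_string("Hello, {}".format(name)).render()


def render_safe(name: str) -> str:
    """Hardened form: the template source is a constant and the input arrives
    as a context variable, so it is only ever treated as data."""
    return env.from_string("Hello, {{ name }}").render(name=name)


if __name__ == "__main__":
    # Constructed probe input: harmless arithmetic, the usual SSTI smoke test.
    probe = "{{ 7*7 }}"
    print(render_unsafe(probe))  # Hello, 49          (expression was evaluated)
    print(render_safe(probe))    # Hello, {{ 7*7 }}   (rendered literally)
```

The second function needs no blacklist at all; the WAF in the posted server can stay as defence in depth, but it is not what closes the hole.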

zmh2000829 commented 2 weeks ago

The latest version does work! Thanks.

xtyy0510 commented 1 week ago

How do you attack this CTFSHOW challenge https://ctf.show/challenges#web372-856 with fenjing? I tried it and it doesn't work either: it says I can enter commands, but nothing happens. I'm using http. WARNING:[cli] | Payload generator says that this payload won't print command execution result.

    <div class="center-content error">
            <h1>Hello</h1>
            <h3></h3>
    </div>
Marven11 commented 1 week ago

That's just how that challenge is: it can execute commands, but the output is not echoed back. You need a reverse shell.

xtyy0510 commented 1 week ago

OK, thanks a lot.