CTF – moctf – 火眼金睛

题目说明

题目来源: www.moctf.com

题目分析

  • 题目要求找出文本框中有多少moctf并在2秒内提交
  • 我并没有暂停时间的能力,所以我决定用python
  • burpsuite截取的访问包和发送包分析来反数据包
  • 发现有cookie,提交moctf的个数是使用POST,变量为answer

解题代码

Python3

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
from bs4 import BeautifulSoup
import requests

r = requests.get('http://119.23.73.3:5001/web10/')
cookie = r.cookies['PHPSESSID']

bsOjb = BeautifulSoup(r.content,'html.parser')
txt = bsOjb.find('textarea').text
cnt = txt.count('moctf')

postData = {'answer':cnt}
postCookie = dict(PHPSESSID=cookie)

r = requests.post('http://119.23.73.3:5001/web10/work.php',data=postData,cookies=postCookie)
print(r.text)