CTFHub_Write_Up
Web前置技能——HTTP协议——请求方式
题意 点击所给链接,下列代码显示在页面上
1 2 3 4 5 6 HTTP Method is GET Use CTF**B Method, I will give you flag. Hint: If you got 「HTTP Method Not Allowed」 Error, you should request index.php.
说明本题需要用GET方式请求index.php,而且要用CTF**B Method
解题 如果使用get方式的话,的不到flag,响应包如下
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 HTTP/1.1 200 OK Server: openresty/1.19.3.2 Date: Sun, 05 Dec 2021 13:56:21 GMT Content-Type: text/html; charset=UTF-8 Connection: close X-Powered-By: PHP/5.6.40 Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: * Content-Length: 297 <!DOCTYPE html> <html> <head> <meta charset="UTF-8"/> <title>CTFHub HTTP Method</title> </head> <body> <p>HTTP Method is GET</p><p>Use CTF**B Method, I will give you flag.</p><br/><p>Hint: If you got 「HTTP Method Not Allowed」 Error, you should request index.php.</p> </body> </html>
那就将get方式改成CTFHUB方式,响应包如下
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 HTTP/1.1 200 OK Server: openresty/1.19.3.2 Date: Sun, 05 Dec 2021 13:59:19 GMT Content-Type: text/html; charset=UTF-8 Connection: close X-Powered-By: PHP/5.6.40 Access-Control-Allow-Origin: * Access-Control-Allow-Headers: X-Requested-With Access-Control-Allow-Methods: * Content-Length: 172 <!DOCTYPE html> <html> <head> <meta charset="UTF-8"/> <title>CTFHub HTTP Method</title> </head> <body> good job! ctfhub{1f1619b5de362b0f7e6a3820} </body> </html>
拿到flag。
