当前位置:网站首页>Buuctf entry diary -- [nctf2019]fake XML Cookbook
Buuctf entry diary -- [nctf2019]fake XML Cookbook
2022-07-22 21:10:00 【Breeze--】
Enter the page :
The old problem has been made again , Want to explode again username and password, A lot of time has been wasted , This is not here at all
Let's look at the page source code , Found a php file
Let's visit
It's as simple as entity injection ;
Will be our first page
Grab a bag
Back to XML Grab it where you inject it and send it to repeater Convenient test
success , Now it's construction XML Injected packets
But this flag I tried many paths , Just tried it out
边栏推荐
- 1.虚拟化和容器技术
- JS BOM(浏览器对象模型)
- [LTTng学习之旅]------Trace控制--进阶
- Human stars website collection plan -- Michael kerrisk
- PKG config lookup library and for compilation
- [lttng learning journey] - lttng features
- How many holes are there in string split operation
- 第七章:使用jwt token的方式来进行登录
- [lttng learning journey] - environment construction
- Multithreading 05 -- reentrantlock principle
猜你喜欢
![BUUCTF闯关日记--[SUCTF 2019]CheckIn1()](/img/2f/efa9d898a170a24624e4fe13e34903.png)
BUUCTF闯关日记--[SUCTF 2019]CheckIn1()
Set colSpan invalidation for TD of table
![[lttng learning journey] - a preliminary study of trace view](/img/72/d3e46a820796a48b458cd2d0a18f8f.png)
[lttng learning journey] - a preliminary study of trace view
Redis series 11 -- redis persistence
Write a 3D banner using JS
pytorch 自定义数据集载入(标签在csv文件里)
![BUUCTF闯关日记03--[极客大挑战 2019]Havefun1](/img/9f/172299c5f7ba913d96b62f3c69afd1.png)
BUUCTF闯关日记03--[极客大挑战 2019]Havefun1
微信小程序Cannot read property 'setData' of null错误
Multithreading 05 -- reentrantlock principle
MATLAB2017a环境下使用libsvm-3.23出现的问题与解决方案
随机推荐
微信小程序入门教程学习笔记
【PyTorch深度学习实践】学习笔记 第三节 梯度下降
Chapter 2: Minio stand-alone version, using the client to back up files
2020中南大学信息与通信夏令营面试
第一章:minio介绍与安装
Buuctf breakthrough diary -- [netding cup 2020 Qinglong group]areuserialz
使用vis-network根据节点坐标定位环形工具栏
[LTTng学习之旅]------core concepts 拾遗
Seata first met
Multithreading 03 -- synchronized and lock escalation
BUUCTF闖關日記--[網鼎杯 2020 青龍組]AreUSerialz
[LTTng学习之旅]------在用户程序中简单的添加一个trace点
JUC-7.3-线程协作-CyclicBarrier
Wechat applet cannot read property'setdata'of null error
6.管理服务器和服务
Use VBScript on xshell and CRT to connect and locate servers, directories and databases more efficiently
Bash变量--用户自定义变量
Bash基本功能—别名与快捷键
How many holes are there in string split operation
BUUCTF闯关日记--[SUCTF 2019]CheckIn1()