【HNCTF 2022 WEEK3】ssssti Ting included in Web · 2024做题2024-10-28 About 100 words One minute Contents 思路 EXP 总结 [HNCTF 2022 WEEK3]ssssti 思路 fenjing一把梭 [以下是看大佬博客知道的] 黑名单 1 blacklist = ['\'', '"', 'args', 'os', '_'],不能用post方法 可以用request.cookies,通过cookies传入参数 EXP 其实就是fenjing命令解析 直接图形化界面来破解 1 python3 fenjing -m fenjing webui 总结 fenjing一把梭
Ting included in Web · 2024做题 Ting included in Web · 2024做题 Ting included in Web · 2024做题