题目来源于:bugku
题目难度:简单
题目 描 述: > Wanna learn about some types of headache? > Let's dig right into it!
下面是题目源代码:
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Headache</title>
<link rel="stylesheet" href="/static/bulma.min.css">
<style type="text/css">
img {
width: 400px;
height: auto;
}
</style>
</head>
<body>
<section class="section">
<div class="container">
<h1 class="title is-primary">
HEADACHE
</h1>
<p class="subtitle"> In this challenge you'll discover some types of <strong class="is-primary">Headache</strong>! </p> <img src="/static/meme.png">
<p>Otherwise, if you want the flag just ask for it politely :D</p>
</div>
</section>
</body>
</html>下面我们开始解题:
这道题我们直接用“ BurpSuite ”抓包工具
直接在抓包到的页面添加请求头“ Wanna-Something:can-i-have-a-flag-please ”,就能获取到flag,完成题目了
原文链接: CTF网络安全大赛简单的web抓包题:HEADache - [红客网]网络编程与渗透技术笔记
红客网:blog.hongkewang.cn
