Questions and answers of BiliBili1024 security challenge (related to ctf)
Question and solution process/answer
1. What is behind the page
$.ajax({ url: "api/admin", type: "get", success:function (data) { //console.log(data); if (data.code == 200){ //If there is a value: jump to the front end var input = document.getElementById("flag1"); input.value = String(data.data); } else { //If it's not worth it $('# flag1'). html ("Interface exception, please try again later~"); } } }) $.ajax({ url: "api/ctf/2", type: "get", success:function (data) { //console.log(data); if (data.code == 200){ //If there is a value: jump to the front end $('#flag2').html("flag2: " + data.data); } else { //If it's not worth it $('# flag2'). html ("You need to use the bilibili Security Browser browser to access ~"); } } })
2. The real secret can only be seen by special equipment
3. What is the password
User name: admin Password: bilibili
4. Sorry, insufficient permission
5. Others' secrets
6. The end is also the beginning
" U7a0b u5e8f u5458 u6700 u591a u7684 u5730 u65b9" ->Github is the place with most programmers "bilibili1024havefun"
https://github.com/interesting-1024/end
http://45.113.201.36/blog/end.php?id []=1
http://45.113.201.36/blog/end.php?id []=1&url=/flag.txt
flag10:2ebd3b08-47ffc478-b49a5f9d-f6099d65
7. Young people need to explore by themselves
8. Young people need to explore by themselves
redis-cli -h 45.113.201.36 -p 6379
keys *
1) "flag8"
get flag8
9. Young people need to explore by themselves
10. Young people need to explore by themselves
other