用wireshark打开,筛选http,看到一些可疑的字符
用python跑一下把这些可疑字符提取出来
import re f = open("Not Only Wireshark.pcapng", "rb").read() a = re.findall(b"/sqli/example2\.php\?name=(...)", f) f1 = open("test.txt", "a+") for i in a: j = i.decode() strs = "".join(j) f1.write(strs) f1.close()
提取出来的字符
在 1234 后面补个5,加上后面几位就是504B0304,这是zip的文件头
生成zip文件
a = "504B03040A0001080000739C8C4B7B36E495200000001400000004000000666C616781CD460EB62015168D9E64B06FC1712365FDE5F987916DD8A52416E83FDE98FB504B01023F000A0001080000739C8C4B7B36E4952000000014000000040024000000000000002000000000000000666C61670A00200000000000010018000DB39B543D73D301A1ED91543D73D301F99066543D73D301504B0506000000000100010056000000420000000000" a_b = bytes.fromhex(a) f = open(‘test.zip‘,‘wb‘) f.write(a_b) f.close()
生成完成后打开
看到一个flag文件,但是要密码
解压密码在流量包中
解压密码是 key= 之后的内容
输入解压密码,得到flag
simple upload:
原文:https://www.cnblogs.com/sch01ar/p/8992754.html