文件上传漏洞CTF笔记

参加i春秋训练营,根据大佬写的write  up,以下为过程中个人笔记

访问赛题 URL, 返回包如下

HTTP/1.1 200 OK
Server: nginx/1.10.2
Date: Thu, 28 Dec 2017 08:19:49 GMT
Content-Type: text/html
Content-Length: 87
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.19
Set-Cookie: PHPSESSID=uftmhmic9cts56dopv6vf7pjt1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
flag: ZmxhZ19pc19oZXJlOiBNakkxTXpnMw==
Vary: Accept-Encoding


Hi,CTFer!u should be a fast man:)
                    

你可能感兴趣的:(web安全)