# [GXYCTF2019]StrongestMind

搞了个计算机,要算 1000 次正确就给 flag

直接上脚本:

import requests
import re
import time

url = 'http://6f50dc2f-2732-4820-9115-f988593362dd.node5.buuoj.cn:81/'
session = requests.session()
req = session.get(url).text
flag = ""

for i in range(1010):
    try:
        result = re.findall("<br\>\<br\>(\d.*?)\<br\>\<br\>", req)  # 获取[数字]
        result = "".join(result)  # 提取字符串
        result = eval(result)  # 运算
        print("time: " + str(i) + "   " + "result: " + str(result))

        data = {"answer": result}
        req = session.post(url, data=data).text
        if "flag{" in req:
            print(re.search("flag{.*}", req).group(0)[:50])
            break
        time.sleep(0.1)  # 防止访问太快断开连接
    except:
        print("[-]")

没学过的爬虫方式(还能提取字符串)

Edited on

Give me a cup of [coffee]~( ̄▽ ̄)~*

odiws WeChat Pay

WeChat Pay

odiws Alipay

Alipay

odiws PayPal

PayPal