# [RootersCTF2019]ImgXweb
# 
注册登录在 / Home 这里发现 cookie,感觉是 jwt,直接上传 JSON Web Tokens - jwt.io
要有密码才能修改:信息搜集发现 robots.txt:
发现密码 you-will-never-guess
修改 user 名为 admin:换 jwt 发现有了 flag.png
可以直接搞一个 curl(抓包也可以)
- Contents
- Related
- Overview
- buuctf4月27日
- buuctf4月28日
- buuctf4月29日
- buuctf5月5日
- buu5月25日
- buuctf5月26日
- [红明谷CTF 2021]write_shell
- '[GWCTF 2019]枯燥的抽奖'
- [nctf2019]truecookbook
- Web5]CyberPunk
- Web1]Dropbox
- ‘’[HITCON 2017]SSRFme‘’
- '[GYCTF2020]Ezsqli'
- '[RootersCTF2019]I_<3_Flask'
- '[NCTF2019]SQLi'
- '[NPUCTF2020]ezinclude'
- [SWPUCTF 2018]SimplePHP
- '[网鼎杯 2018]Comment'
- [HarekazeCTF2019]encode_and_encode
- [SUCTF 2019]EasyWeb
- [网鼎杯2018]Unfinish
- ’[CISCN2019 华东南赛区]Double Secret‘
- October 2019 Twice SQL Injection
- [GYCTF2020]EasyThinking
- [BJDCTF2020]ezPHP
- GKCTF 2021:easycms
- [GXYCTF2019]StrongestMind
- [HFCTF2020]JustEscape
- [suctf2018]GetShell
- [b01lers2020]lifeMars
- [WMCTF2020]Make PHP Great Again
- [MRCTF2020]Ezaudit
- [CSAWQual2019]Web_Unagi
- easybypass
- [极客大挑战2020]Greatphp
- [BSidesCF2019]SVGMagic
- [羊城杯2020]easyphp
- Shop
- [FireshellCTF2020]CaasC的预处理
- [HarekazeCTF2019]AvatarUploader1
- [ISITDTU 2019]EasyPHP
- [GYCTF2020]Easyphp
- 2018]eating_cms
- [GYCTF2020]Ez_Express
- [SUCTF2018]MultiSQL-MySQL预处理学习
- 2019强网杯Upload题
- [安洵杯2019]不是文件上传
- [SUCTF2018]annonymous
- [RootersCTF2019]babyWeb
- bestphp'srevenge
- [GXYCTF2019]BabysqliV3.0
- [CISCN2019华东南赛区]Web4
- [EIS2019]EzPOP
- [RoarCTF2019]OnlineProxy
- [GWCTF2019]mypassword
- [pasecactf_2019]flask_ssti
- [SWPU2019]Web4
- [WMCTF2020]MakePHPGreatAgain2.0
- [HFCTF2020]BabyUpload
- 2020]Hurdles
- 入群题]Web
- Quals]Bnv
- [NPUCTF2020]ezlogin
- [RoarCTF2019]SimpleUpload
- [GWCTF2019]你的名字
- [XNUCA2019Qualifier]EasyPHP
- [安洵杯2019]iamthinking
- [羊城杯2020]Easyphp2
- virink_2019_files_share
- [NESTCTF2019]LoveMath2
- [RootersCTF2019]ImgXweb
- [DDCTF2019]homebreweventloop
- [羊城杯2020]Blackcat
- [watevrCTF-2019]PickleStore
- [GYCTF2020]NodeGame-nodejs
- [CSAWQual2016]i_got_id
- [HarekazeCTF2019]EasyNotes
- [SWPU2019]Web3
- [FBCTF2019]Event
- [RCTF2019]Nextphp
- [BSidesCF2019]Pick Tac Toe
- [HITCON2016]Leaking
- [网鼎杯2020青龙组]notes
- [羊城杯2020]EasySer
- [NewStarCTF2023公开赛道]include0。0
- [CISCN2021Quals]upload
- [2021祥云杯]PackageManager2021
- [极客大挑战2020]Roamphp2-Myblog
- [HXBCT_2021]easywill
- [HFCTF2021Quals]Unsetme
- [WMCTF2020]Web-Check-in-2.0
- [蓝帽杯_2021]One_Pointer_PHP
- [HarekazeCTF2019]Sqlite-Voting
- [JMCTF2021]UploadHub
- [NewStarCTF-2023-公开赛道]ez_sql
- [NPUCTF2020]webdog
- [网鼎杯2020半决赛]faka
- [HCTF2018]Hideandseek
- [FBCTF2019]Products-Manager
- [BSidesCF-2019]Mixer
- [BSidesCF-2020]Cards
- [极客大挑战-2020]Roamphp4-Rceme
- [网鼎杯-2020-半决赛]BabyJS
- [HMGCTF2022]Smarty-Calculator
- [红明谷CTF-2021]EasyTP
- [LineCTF2022]BB
- [NewStarCT_2023_公开赛道]Upload_again!
- 刷新过的图片
- [MRCTF2020]Ezpop_Revenge
- [b01lers2020]Spac_Noodles
- [De1CTF_2019]Giftbox
- [NewStarCTF2023公开赛道]EasyLogin
- NewStarCTF2023新生赛_BabySSTI_Three
- 公开赛赛道]UnserializeOne
- [NewStarCTF公开赛赛道]BabySSTI_Two
- [BSidesCF2019]Sequel
- NewStarCTF_2023_公开赛道Include
- [HFCTF_2021_Final]hatenum
- [Dest0g3_520迎新赛]SimpleRCE
- [SWPUCTF_2016]Web7
- [HMGCTF2022]Fan_Website
- PyCalX_1
- [GKCTF_2021]babycat-revenge
- 谁赢了比赛?
- 梅花香自苦寒来
- [ACTF新生赛2020]outguess
- [NewStarCTF-2023-公开赛道]R!!!C!!!E!!!
- [JMCTF_2021]GoOSS
