打开链接“http://ctf5.shiyanbar.com/web/10/10.php”,从页面内容未发现明显信息,查看源代码发现“please post what you find with parameter:key”,f12看到返回response headers中有flag字样,看起来是base64加密,然后构造Post包,重新请求,即可获得flag
附Python3脚本
#coding:utf-8 import base64 import urllib.request import urllib.parse url = 'http://ctf5.shiyanbar.com/web/10/10.php' response = urllib.request.urlopen(url).info() flag = response.get('FLAG') flag1 = base64.b64decode(flag).decode() flag2 = flag1.split(':')[1] print(flag2) req = urllib.parse.urlencode({'key':flag2}).encode() print(req) response1 = urllib.request.urlopen(url,data=req).read() print(response1)