![Root-me : [Web_Server] HTTP - POST](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdna%2FoMc6H%2FbtqF9kK7cib%2FAAAAAAAAAAAAAAAAAAAAAHCv6NpG_fkQ-vHFgo9PApSw6ouiB9XFffg-Q-HsprPv%2Fimg.png%3Fcredential%3DyqXZFxpELC7KVnFOS48ylbz2pIh7yKj8%26expires%3D1756652399%26allow_ip%3D%26allow_referer%3D%26signature%3Dx%252Be%252BBdf81GYnej9fOxs7XKeecF4%253D)
버튼을 누르면 저렇게 숫자가 나간다.
이 숫자가 나가는 방식이 POST 방식으로 전달되는 것 같으니,
Burp Suite 로 잡아서 POST 값을 변조해주면 되겠다.
score를 9999999로 변조해주자.
Flag : H7tp_h4s_N0_s3Cr37S_F0r_y0U
'WriteUp > Root-me.org' 카테고리의 다른 글
| Root-me : [Web_Server] HTTP - Verb tampering (0) | 2020.07.31 |
|---|---|
| Root-me : [Web_Server] HTTP - Improper redirect (0) | 2020.07.30 |
| Root-me : [Web_Server] HTTP - Headers (0) | 2020.07.30 |
| Root-me : [Web_Server] HTTP - Directory indexing (0) | 2020.07.29 |
| Root-me : [Web_Server] Backup file (0) | 2020.07.29 |