As you can see, when our name=user.__class__.__init__.__globals__, a lot of sensitive information gets printed out. SWPUCTF 皇家线上赌场 (Royal Online Casino): file read. Following the XSS popup on the homepage, we go to the path http://107.167.188.241/static?file=test.js and then find an arbitrary file read: http://107.167.188.241/static?file=/etc/passwd. This reveals a leak: http://107.167....
[4441 stars][3m] [Shell] zardus/ctf-tools Some setup scripts for security research tools. [4436 stars][15d] [JS] cure53/dompurify a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hoo...