[极客大挑战 2019]Http
考点:http抓包改包
进入网页,打开源代码,发现“secret.php”
链接后输入/secret.php,打开发现It doesn't come from 'https://Sycsecret.buuoj.cn'
抓包后添加报头Referer: https://Sycsecret.buuoj.cn,活得提示Please use "Syclover" browser
修改报头为User-Agent: Syclover,获得提示No!!! you can only read this locally!!!
添加报头X-Forwarded-For:127.0.0.1,获得flag
flag{4b08f86b-b10c-466f-a822-8108f0197229}
(未完待续)