Use cURL from your Pwnbox (not the target machine) to obtain the source code of the "https://www.inl

link管理

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

相关文章推荐

刚毅的紫菜 · If else in the script ...· 20 小时前 ·

有胆有识的砖头 · 用curl post json的小技巧 | ...· 3 天前 ·

独立的黑框眼镜 · node.js设置请求头_全局设置请求头_j ...· 4 天前 ·

聪明伶俐的围巾 · Received HTTP/0.9 ...· 4 天前 ·

谦虚好学的消防车 · 使用 UnityWebRequest ...· 4 天前 ·

睿智的小熊猫 · 《我不是药神》净利奔11亿 ...· 2 月前 ·

爱旅游的遥控器 · 功率训练相关名词释义 – 单车实验室BikeLab· 3 月前 ·

才高八斗的双杠 · 深入浅出WebGL - 02 - 线性变换· 3 月前 ·

曾经爱过的猴子 · Vue 中引入 Unity3D - 漠里 ...· 4 月前 ·

坚强的西装 · Concurrent Execution ...· 8 月前 ·

Use cURL from your Pwnbox (not the target machine) to obtain the source code of the “ https://www.inlanefreight.com ” website and filter all unique paths of that domain. Submit the number of these paths as the answer.

first do a curl and redirect the output to htb.txt and(&&) use a cat to htb.txt and the rest is filter

if you don’t know what it’s a path in a domain:
For example, in the url https://cloudflare.com/learning/,cloudflare.com is the domain name, while https is the protocol and /learning/ is the path to a specific page on the website

function guesser(){
document.getElementById(“answer430”).value = x
document.getElementById(“btnAnswer430”).click()

setInterval(guesser,1000)

This shorter version worked for me:

Thank you for the hint anyway. I was overwhelmed at first, but now it’s totally comprehensible.

If you are used to using regex, then you don’t need to use so many commands - grep can handle all the filtering for you:

curl https://www.inlanefreight.com/ | grep -Po "https://www.inlanefreight.com/[^'\"]*" | sort -u | wc -l

Could you clarify what you did on that grep filter? I am new to this, I would like to understand what [^'"]* this does.
Thanks!

Sure - but bear in mind that it’s not been covered in the material, I was just saying if you already know regex then you can use that instead.

[^'"]* means any character ([ ] lists characters) that isn’t (^ = isn’t) a ’ or a " . The * at the end means match if there are 0 or more of them.

So basically what that expression is doing is searching for https://www.inlanefreight.com/ including all characters after until it reaches a ’ or a " (which would be the closing of the anchor link)

We need to check for both ’ and ", as some of the links are written:
<a href='https://www.inlanefreight.com/'> and others are written <a href="https://www.inlanefreight.com/">

It should be more like grep -Po "https?://www.inlanefreight.com[^\"'?#]*" shouldn’t it ?
The url path ends at the first ? (query parameters) and # (fragment). Thus the correct answer should be one less.
( https://www.inlanefreight.com/index.php/wp-json/oembed/1.0/embed is present in the result with different query parameters)

推荐文章

刚毅的紫菜 · If else in the script section of a job? - GitLab CI/CD - GitLab Forum

20 小时前

有胆有识的砖头 · 用curl post json的小技巧 | OrdosX

3 天前

独立的黑框眼镜 · node.js设置请求头_全局设置请求头_js设置请求头 - 腾讯云开发者社区 - 腾讯云

4 天前

聪明伶俐的围巾 · Received HTTP/0.9 when not allowed - General - Posit Community

4 天前

谦虚好学的消防车 · 使用 UnityWebRequest 时报错 Curl error 1: Received HTTP/0.9 when not allowed [已解决]_unitywebrequest bug-CS

4 天前

睿智的小熊猫 · 《我不是药神》净利奔11亿宁浩徐峥公司各分超2亿 | 界面新闻

2 月前

爱旅游的遥控器 · 功率训练相关名词释义 – 单车实验室BikeLab

3 月前

才高八斗的双杠 · 深入浅出WebGL - 02 - 线性变换

3 月前

曾经爱过的猴子 · Vue 中引入 Unity3D - 漠里 - 博客园

4 月前

坚强的西装 · Concurrent Execution — Python 3.12.2 documentation

8 月前