题目来源于：bugku

题目难度：简单

题目 描 述: > Wanna learn about some types of headache? > Let's dig right into it!

下面是题目源代码：

<!DOCTYPE html><html><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Headache</title> <link rel="stylesheet" href="/static/bulma.min.css"> <style type="text/css"> img { width: 400px; height: auto; } </style></head><body> <section class="section"> <div class="container"> <h1 class="title is-primary"> HEADACHE </h1> <p class="subtitle"> In this challenge you'll discover some types of <strong class="is-primary">Headache</strong>! </p> <img src="/static/meme.png"> <p>Otherwise, if you want the flag just ask for it politely :D</p> </div> </section></body></html>

下面我们开始解题：

这道题我们直接用“ BurpSuite ”抓包工具

直接在抓包到的页面添加请求头“ Wanna-Something:can-i-have-a-flag-please ”，就能获取到flag，完成题目了

原文链接： CTF网络安全大赛简单的web抓包题：HEADache - [红客网]网络编程与渗透技术笔记  

红客网：blog.hongkewang.cn