{"provider_name":"Hatena Blog","version":"1.0","title":"Photo Gallery [Hacker101 CTF]","type":"rich","blog_title":"\u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093","author_url":"https://blog.hatena.ne.jp/hamayanhamayan/","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fblog.hamayanhamayan.com%2Fentry%2F2020%2F05%2F18%2F234052\" title=\"Photo Gallery [Hacker101 CTF] - \u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","provider_url":"https://hatena.blog","url":"https://blog.hamayanhamayan.com/entry/2020/05/18/234052","published":"2020-05-18 23:40:52","blog_url":"https://blog.hamayanhamayan.com/","categories":["Security"],"author_name":"hamayanhamayan","description":"An image gallery site. Looking at the source code, images are fetched with requests of the form fetch?id=1. fetch?id=1 and fetch?id=2 return a 200 response. fetch?id=3 returns a 500 error; fetch?id=0 and fetch?id=4 return a 404 error. fetch returns a 400 error. For now, fetch?id=../../../../../../../etc/passwd does not seem to work. Read from the HTTP traffic: Server: nginx/1.14.0 (Ubuntu) Flag 0 Trying a ' results in a 500 error. Since it does not become a 404 error, it looks like injection may be possible.\u2026","height":"190","width":"100%","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/h/hamayanhamayan/20200518/20200518233947.png"}