ctfshow-web355,356(SSRF)
2022-07-01 06:48:00 【m0_62094846】
web-355
```php
<?php
error_reporting(0);
highlight_file(__FILE__);
$url=$_POST['url'];
$x=parse_url($url);
if($x['scheme']==='http'||$x['scheme']==='https'){
    $host=$x['host'];
    // The only restriction: the host string may be at most 5 characters long
    if((strlen($host)<=5)){
        $ch=curl_init($url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $result=curl_exec($ch);
        curl_close($ch);
        echo ($result);
    }
    else{
        die('hacker');
    }
}
else{
    die('hacker');
}
?>
```

The host may be at most 5 characters long (`strlen($host)<=5`), so 127.0.0.1 has to be shortened to fit; it can be written as 127.1 or 0.

web-356
```php
<?php
error_reporting(0);
highlight_file(__FILE__);
$url=$_POST['url'];
$x=parse_url($url);
if($x['scheme']==='http'||$x['scheme']==='https'){
    $host=$x['host'];
    // Same check as web-355, but the limit is now 3 characters
    if((strlen($host)<=3)){
        $ch=curl_init($url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $result=curl_exec($ch);
        curl_close($ch);
        echo ($result);
    }
    else{
        die('hacker');
    }
}
else{
    die('hacker');
}
?>
```

With the limit lowered to 3 characters, the host is written as 0:

`url=http://0/flag.php`
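A hardened variant of the fetch in both challenges, as an added example that is not the challenge's code: it validates the address the host resolves to instead of the length of the host string. `safe_fetch` is a hypothetical name, and the code assumes IPv4-only destinations and the system resolver behind `gethostbyname()`.

```php
<?php
// Added example, not the challenge's code. safe_fetch() is a hypothetical name.
function safe_fetch(string $url): string
{
    $x = parse_url($url);
    if (!is_array($x) || !isset($x['scheme'], $x['host'])
        || !in_array($x['scheme'], ['http', 'https'], true)) {
        throw new InvalidArgumentException('unsupported URL');
    }
    $host = $x['host'];
    $port = $x['port'] ?? ($x['scheme'] === 'https' ? 443 : 80);

    // Resolve first: shorthand literals such as 127.1 or 0 come back as
    // dotted quads (or unchanged on failure, which fails validation below).
    $ip = gethostbyname($host);

    // Reject loopback, 0.0.0.0/8, link-local and RFC 1918 destinations.
    $ok = filter_var($ip, FILTER_VALIDATE_IP,
        FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
    if ($ok === false) {
        throw new RuntimeException("blocked destination: $host -> $ip");
    }

    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_HEADER         => false,
        CURLOPT_FOLLOWLOCATION => false,  // a redirect would skip the check
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        // Pin curl to the validated address so the name is not resolved again.
        CURLOPT_RESOLVE        => ["$host:$port:$ip"],
        CURLOPT_TIMEOUT        => 5,
    ]);
    $result = curl_exec($ch);
    curl_close($ch);
    if ($result === false) {
        throw new RuntimeException('fetch failed');
    }
    return $result;
}

// Constructed inputs: the two host forms from this page are refused offline.
foreach (['http://127.1/flag.php', 'http://0/flag.php'] as $u) {
    try {
        safe_fetch($u);
        echo "$u: fetched\n";
    } catch (Exception $e) {
        echo "$u: ", $e->getMessage(), "\n";
    }
}
```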