当前位置:网站首页>The "Baidu Cup" CTF competition was held in February 2017, Web: explosion-2
The "Baidu Cup" CTF competition was held in February 2017, Web: explosion-2
2022-07-05 13:19:00 【Part 02】
Topic content :
flag Not in variable .
<?php
include "flag.php";
$a = @$_REQUEST['hello'];
eval( "var_dump($a);");
show_source(__FILE__);?hello=file('flag.php')
file Commands can be read directly
file_get_contents It's OK , But in the source code
边栏推荐
- Simple page request and parsing cases
- Overflow toolbar control in SAP ui5 view
- [深度学习论文笔记]使用多模态MR成像分割脑肿瘤的HNF-Netv2
- 多人合作项目查看每个人写了多少行代码
- 将函数放在模块中
- Fragmented knowledge management tool memos
- Default parameters of function & multiple methods of function parameters
- Can and can FD
- Get you started with Apache pseudo static configuration
- go 字符串操作
猜你喜欢
Put functions in modules
Cf:a. the third three number problem
简单上手的页面请求和解析案例
Simple page request and parsing cases
初次使用腾讯云,解决只能使用webshell连接,不能使用ssh连接。
MySQL - database query - sort query, paging query
Could not set property ‘id‘ of ‘class XX‘ with value ‘XX‘ argument type mismatch 解决办法
Although the volume and price fall, why are the structural deposits of commercial banks favored by listed companies?
How to protect user privacy without password authentication?
Backup and restore of Android local SQLite database
随机推荐
碎片化知识管理工具Memos
What is a network port
C# 对象存储
Laravel document reading notes -mews/captcha use (verification code function)
FPGA 学习笔记:Vivado 2019.1 添加 IP MicroBlaze
Flutter 3.0更新后如何应用到小程序开发中
一网打尽异步神器CompletableFuture
无密码身份验证如何保障用户隐私安全?
C object storage
STM32 and motor development (from architecture diagram to documentation)
A specific example of ABAP type and EDM type mapping in SAP segw transaction code
Pandora IOT development board learning (HAL Library) - Experiment 7 window watchdog experiment (learning notes)
函数的默认参数&函数参数的多种方法
Sorry, we can't open xxxxx Docx, because there is a problem with the content (repackaging problem)
uni-app开发语音识别app,讲究的就是简单快速。
Summary and arrangement of JPA specifications
Apicloud studio3 API management and debugging tutorial
My colleague didn't understand selenium for half a month, so I figured it out for him in half an hour! Easily showed a wave of operations of climbing Taobao [easy to understand]
潘多拉 IOT 开发板学习(HAL 库)—— 实验7 窗口看门狗实验(学习笔记)
【Hot100】34. 在排序数组中查找元素的第一个和最后一个位置